So-Called 'Dying Cities' Fight Back With Conference

So-Called 'Dying Cities' Fight Back With Conference

Forbes magazine's alleged "10 Fastest Dying Cities" In America are fighting back with a symposium and arts festival. The event will be hosted by the city of Dayton, Ohio Aug 7 - 9. Dayton -- along with Detroit and Flint in Michigan; Canton, Cleveland and Youngstown, Ohio; Buffalo, N.Y., Charleston, W. Va. Scranton, Pa. and Springfield, Mass. were dubbed America's fastest dying by Forbes in August 2008. Organizers say the cities want to "demonstrate that our people and our citizens are very much alive, by presenting the most innovative efforts underway to return our communities to vibrancy. By sharing ideas and inspiration, we can learn from each other, form new relationships and create a host of possibilities for civic enhancement." Friday, Aug. 7 will feature an evening of arts and music from Dayton and other cities. Saturday, Aug. 8 there will be a symposium from 8 a.m. to 5 p.m. at the Dayton Convention Center. And on Sunday, Aug. 9 there will be continental breakfast at Riverscape MetroPark and more networking. The event is free, although preregisatration is requested so organizers can gauge the number of attendees. As for lodging, a group rate is available at the Dayton Crowne Plaza across from the Convention Center and at The Doubletree, four blocks away, both for $89 per night. For the Crowne Plaza, call (877) 834-3613 and ask for the Ten Living Ciities or T10 group code. At the Doubletree, call (937) 461-4700 and ask for the Ten Living Cities group rate. The 10 Living Cities is the brainchild of Peter Benkendorf, executive director of Involvement Advocacy, and Mike Elsass, owner of Color of Energy Gallery, both of Dayton. They envisioined bringing together artists and activists, community leaders and organizers, public officials and civic-minded people from the 10 cities, to share ideas, inspiration and create new possibilities for what our future can be. More at www.tenlivingcities.org.

Top 21 African American Professional Organizations

Just a thought. Would it be possible for all 21 organizations to work together, share resources and organize toward accomplishing a common goal and that goal is implementing the Urban Agenda.??? Why wait for President Obama when we have 21 agencies ready and able to solve the problems in Black America. I am ready to get involved in such an undertaking. Anyone else ready to make a CHANGE!!!

Top 21 African American Professional Organizations

Whether you're an African American accountant, attorney or astrophysicist, there's probably a related professional organization. Joining an association can provide education in your field, networking opportunities and advocacy -- all with a focus on issues important to African Americans. Find the right one for you by checking out this list of 21 of the largest and oldest national groups: BDPA National Assn of Black Accountants National Assn of African Americans in Human Resources National Black Business Trade Associations National Black MBA Assn National Sales Network Organization of Black Designers American Assn of Blacks in Energy National Organization for the Professional Advancement of Black Chemists and Chemical Engineers National Society of Black Engineers National Society of Black Physicists BCA 100 Black Men of America Blacks in Government National Black Nurses Assn National Medical Assn Student National Medical Assn National Assn of Blacks in Criminal Justice National Bar Assn National Organization of Black Law Enforcement Executives National Assn of Black Journalists Click here to read the full story.

Tagged site stole identities

NY official: Tagged site stole identities

By VERENA DOBNIK

NEW YORK (AP) -- New York's attorney general charged Thursday that Tagged.com stole the identities of more than 60 million Internet users worldwide - by sending e-mails that raided their private accounts.

Andrew Cuomo said he plans to sue the social networking Web site for deceptive marketing and invasion of privacy.

"This company stole the address books and identities of millions of people," Cuomo said in a statement. "Consumers had their privacy invaded and were forced into the embarrassing position of having to apologize to all their e-mail contacts for Tagged's unethical - and illegal - behavior."

Started in 2004 by Harvard math students, Greg Tseng and Johann Schleier-Smith, Tagged calls itself a "premier social-networking destination." The California-based company claims to be the third-largest social networking site after Facebook and MySpace, with 80 million registered users.

Cuomo said Tagged acquired most of them fraudulently, sending unsuspecting recipients e-mails that urged them to view private photos posted by friends.

The message read: "(name of friend) sent you photos on Tagged."

When recipients tried to access the photos, Cuomo said they would in effect become new members of the site - without ever seeing any photos. Recipients' e-mail address books would then be lifted, the attorney general said.

Tagged temporarily suspended its online campaign last month, in response to user complaints.

E-mail and telephone messages from The Associated Press to the company were not immediately returned on Thursday.

In an open letter on the site, dated June 16, Tseng acknowledges that Tagged had received 2,000 complaints "from people who invited all the contacts in their e-mail address books but didn't intend to."

He said that every day, "our members make 2 million new friend connections" using the site's special "feature." But on June 7, in response to the complaints, "we hit the pause button."

The site than e-mailed all new members to offer "information on how to manage their contacts and, if they wanted, how to cancel their membership."

Cuomo said Tagged's problems went far beyond technical glitches.

"This very virulent form of spam is the online equivalent of breaking into a home, stealing address books, and sending phony mail to all of an individual's personal contacts," Cuomo said.

The system was set up so that a user was asked whether the sender of the photos was a friend, then suggesting that if the recipient didn't respond, the friend "may think you said no" (accompanied by a sad face icon).

Any click resulted in the same thing, Cuomo said: Every person on a user's contact list received an e-mail that again read, "(name of user) sent you photos on Tagged." The site then released a flood of offers for everything from sweepstakes to other services.

By the time a recipient realized there were no photos, it was too late.

On Thursday, a box on the site's home page still read: "NOW HIRING ... click here."

The attorney general said a lawsuit would seek to stop Tagged from engaging in "fraudulent practices" and to seek fines.

Another site founded by Tseng, Jumpstart Technologies, was fined $900,000 in 2006 by the Federal Trade Commission for violating the CAN-SPAM Act - signed into law in 2003 by President Bush as the anti-spam national standard for commercial e-mail.

At the time, the director of the FTC's Bureau of Consumer Protection, Lydia Parnes, said the Tseng-founded site had "intentionally used personal messages as a cover-up for commercial messages."

Such practices not only violate the law, she said, "but also consumer trust.

Newest IE bug could be next Conficker

Newest IE bug could be next Conficker, says researcher

It's 'custom-made' for hackers, claims expert; expect major attacks

By Gregg Keizer ,

The critical bug that Microsoft confirmed Monday but has yet to patch is a prime candidate for another Conficker-scale attack, a security researcher said.

"It's better than [the vulnerability used by] Conficker," Roger Thompson, chief research officer at AVG Technologies, said yesterday. "It exposes the whole world, and can be exploited through the firewall. That's better than Conficker, which mostly did its damage once it got inside a network."

Conficker, the worm that exploded into prominence last January when it infected millions of machines, exploited an already-patched bug in Windows that Microsoft had thought dire enough to fix outside its usual update schedule.

The worm hijacked a large number of PCs -- estimates ranged as high as 12 million at one point -- and then assembled them into a massive botnet able to spread malware, plant fake antivirus software or distribute huge amounts of spam.

"I have no doubt that the really bad guys are bustling to get this [new vulnerability] into their exploit toolkits," said Thompson. "For the Conficker people, this could be the next thing. They waited until they had a really good exploit, then combined that with some smart strategies. So I wouldn't be surprised if they picked up on this."

The vulnerability Thompson's worried about is in the Microsoft Video Controller ActiveX Library, or the "msvidctl.dll" file, an ActiveX control that can be accessed using Internet Explorer (IE). Although the bug has been used by hackers since at least June 9, it only made it into the public eye this week, when several security companies, including firms in both China and Denmark, reported that thousands of compromised sites were serving up exploits.

On Monday, Microsoft acknowledged the vulnerability in a security advisory, said it would produce a patch and provided an automated tool to disable the ActiveX control by setting nearly three-dozen "kill bits" in the Windows registry.

"This is a good exploit with a big lump of infectable people," said Thompson.

One reason why the bug is an excellent choice for hackers is that it hasn't been patched. When Conficker first appeared, the flaw it exploited had already been patched by Microsoft. It turned out, however, that there were plenty of PCs that had not been updated with the fix.

Thompson wouldn't hazard a guess as to whether Microsoft would be able to craft a fix in time to add it to the patches slated for delivery next Tuesday, July's regularly-scheduled update day. "But I'm fairly confident that they're trying very hard," he said.

Attack code is readily available, Thompson said, meaning that attackers not yet abusing the bug don't have to figure out an exploit of their own. "If the people who infect banner ads use this before there's a patch, then watch out," he warned.

Today, Microsoft admitted that researchers at IBM's ISS X-Force had reported the vulnerability in 2008, but did not name the date. The X-Force researchers had uncovered the flaw in late 2007, and had reserved a CVE (Common Vulnerabilities and Exposures) number in December of that year. One of the researchers, Alex Wheeler, who is now the manager of 3Com's TippingPoint DVLabs, declined to name the date ISS reported the bug to Microsoft, citing a non-disclosure agreement he'd signed with his former employee.

Microsoft didn't directly answer a question about why it had not patched the ActiveX vulnerability when it has known about the bug for at least six months and possibly as many as 18. "When we were alerted in 2008, we immediately started an investigation," a company spokesman said today in an e-mail. "As we wanted to be thorough, this took extra time to fully evaluate."

The "extra time" Microsoft needed may strike some as odd, since the ActiveX control -- the "msvidctl.dll" file -- is the company's own code. And that's unusual, said Thompson. "This is the first issue with a Microsoft .dll for, really, a long while," Thompson said. "Maybe since the ANI bug in April 2007. Usually, it's a Chinese .dll or something from Adobe."

The vulnerability in Windows' animated cursor -- found in the "user32.dll" file -- was patched more than 100 days after Microsoft was alerted by Alexander Sotirov, a vulnerability researcher at Determina. Microsoft issued an "out-of-band" patch for the ANI bug, breaking from its regular monthly schedule.

"It's not the end of the world or anything," said Thompson. "But I won't be surprised to see Version 2.0 of Conficker with this. It seems custom-made for them."

Systems running Windows XP or Windows Server 2003 are vulnerable to current attacks through IE6 and IE7. Windows Vista and Windows 7 are not at risk; nor are users running IE8 or other browsers, such as Mozilla's Firefox and Google's Chrome.

CompuServe closes after 30 years

Veteran ISP gets bulleted.

By Tom Jowitt

CompuServe (or CIS) was originally founded way back in 1969 as Compu-Serv Network in Columbus, Ohio as a subsidiary of Golden United Life Insurance. According to Wikipedia, its original remit was to provide in-house computer processing support to Golden United Life Insurance; and to develop as an independent business in the computer time-sharing industry, by renting time on its PDP-10 mid-range computers during business hours.

It was spun off as a separate company in 1975. It began offering electronic mail capabilities and technical support to commercial customers in 1978, and for many industry veterans it provided them with their first ever online experience. Undoubtedly, its golden years was during the 1980s (where it was used mostly to exchange files electronically) and the early years of the 1990s, where its email and moderated forums proved to be enormously popular with the PC crowd.

Indeed, by 1991, it claimed to have over a half a million users simultaneously online, and by 1995, it topped three million members, the largest online service provider at that time. However, cracks started to appear when it began competing against newcomers such as AOL, which rapidly gained market share thanks to its intense marketing campaigns and by offering users a flat monthly rate instead of the per-hour online access charged by CompuServe. AOL acquired CompuServe in 1997, and for a time the company was preserved as a separate service but was badly neglected by its parent company.

As the world wide web grew in popularity, many organizations closed their CompuServe customer support forums and instead began offering customer support via their own websites. And in an ironic twist, AOL is now itself facing an uncertain future as its subscription base has been steadily declining. In 2006 the UK ISP business of AOL was sold off to the Carphone Warehouse.

BDPA Offers Jobseekers Transport To National Career Fair

BDPA Offers Jobseekers Transport To National Career Fair

The Detroit Chapter of Black Data Processing Associates is providing transportation to take jobseekers to the National BDPA IT Career Fair in Raleigh, N.C. Aug. 7-9.

The event features 40 to 50 hiring companies with placement all over the United States.

More about the career fair at http://www.bdpa-detroit.org/Career2009.html.

BDPA Detroit is a non-profit 501(c) (3) organization comprised of professionals working in the IT industry or anyone having an interest in information technology

For additional info, please contact Beverly Person at Detroit-VPMM@bdpa-detroit.org or (313) 438-3519.

Nuspire Networks 'can't hire fast enough'

Nuspire Networks 'can't hire fast enough' for net security

One of the best kept secrets in Michigan IT is trying to fix that little problem of visibility.

Mostly because, the phrase of one of its founders, it can't hire people fast enough.

Security and connectivity provider Nuspire Networks Inc. was founded in 1999 by Saylor Frase and Steve Whitener as a spinout of Frase's Web development company, which he started as a Central Michigan University student in 1996.

Nuspire's first work was connecting hospitals to small clinics securely using Virtual Private Network technology, which some then doubted could be trusted to do the job. Relationships to handle connectivity for bigger tech companies like Unisys and IBM brought them to the attention of General Motors Corp., which in 2000 began using Nuspire to provide connectivity with dealers.

"To this day we still run that portion of connecting GM with dealers," Frase said.

More recently, the company has taken on work for Subaru, SPX Corp., InkStop stores and Fox TV. Those customers keep Nuspire scrambling -- they've kept up with InkStop's 300 percent annualized growth, for instance, by figuring out a way to complete a data phone infrastructure for a new store location in two weeks.

And three months ago, the company hired its first marketing and sales department.

"We never had a sales force up 'til then, but our products and services have now matured enough, and we see deals in the media now where we say, 'Wow, we should have competed for that,'" Frase said. "We're trying to raise our profile."

NuSpire has 60 employees now and openings in network engineering, corporate IT sales, sales engineering, call center support, administrative assistants, and very specific programming roles.

"We can't hire people fast enough, and it's neat to be with a Michigan company that has that problem," company marketing director Jim Hebler said.

More from the Great Lakes IT Report.

Motivational Monday

Thought for the Day

June 27, 2009

THE GREATEST CURE KNOWN

Emotions are sometimes strange, volatile, and unpredictable. They do not always respond to logic and reason. They do, however, respond to action. If you have occasional feelings of loneliness, discouragement, or discontentment, the best way to kill such negative emotions is to work them to death. Almost nothing is as bad as it first seems, and there’s nothing like a hard day’s work to put everything in proper perspective. When you begin to feel negative emotions, dwelling on your misfortunes only makes you feel worse. Do your best to put them out of your mind and think about more positive, constructive things. Physical labor can help. Choose a task that doesn’t require a great deal of concentration, and then focus on accomplishing the task at hand.

This positive message is brought to you by the Napoleon Hill Foundation. Visit us at http://www.naphill.org. We encourage you to forward this to friends and family.