Wednesday, December 30, 2009

Motivational Moment

Thought for the Day

December 30, 2009

HAPPINESS IS FOUND IN DOING -- NOT MERELY IN POSSESSING.

It’s true. Money can’t buy happiness. Most of us are motivated by aspirations of the lifestyle we desire for ourselves and our families, not by the physical possessions -- homes, vacations, automobiles, etc. When you recognize this fact, you will know that you must constantly "raise the bar" to encourage yourself to reach higher goals. Your goals should include the possessions that you desire, but as former Apple Computer chairman and CEO John Sculley said, "Success is a journey, not a destination. Make sure you enjoy the trip."

This positive message is brought to you by the Napoleon Hill Foundation. Visit us at http://www.naphill.org.

Monday, December 28, 2009

A Positive Moment with Jon Gordon

A Positive Moment with Jon Gordon | Jon Gordon's Blog | Developing Positive Leaders, Organizations and Teams

Motivational Monday

FRIENDS MUST BE GROWN TO ORDER -- NOT TAKEN FOR GRANTED.

Your friends will be what you make them. If you are the kind of friend who freely gives of your time and always shows consideration for others, your friends will be generous and kind. If you are the kind of person who takes your friends for granted, neither giving nor expecting much in return, you will attract friends who exhibit the same qualities. In friendship, like attracts like. Assess your behavior occasionally to determine what kind of friend you are. Are you the kind of person you would like to have as a friend? Do you freely give more than you expect in return, or are you always asking and never giving? Do you take the time to stay in touch, to remember friends’ special occasions? When you become so consumed with your own interests that you forget about your friends, you are well on your way to becoming friendless.

This positive message is brought to you by the Napoleon Hill Foundation. Visit us at http://www.naphill.org.

Wednesday, December 23, 2009

Obama selects tech veteran for top cybersecurity post

Howard Schmidt is respected by many but will have his work cut out for him
By Jeremy Kirk

Howard Schmidt was named as the White House's cybersecurity coordinator on Tuesday, a job that was reportedly difficult to fill as the U.S. strengthens its computer security defense.

The appointment marks a return to government for Schmidt, who left his job as vice chairman of former President George W. Bush's Critical Infrastructure Protection Board in April 2003, saying he was retiring from government service to join the private sector.

"As President Obama has said, this cyber threat represents one of the most serious economic and national security challenges we face as a nation," Schmidt said in a video statement on the White House's Web site.

Schmidt will be responsible for creating a U.S. network security strategy that encompasses protocols for ensuring a unified response to cybersecurity incidents. He also will be in charge of strengthening partnerships between government and business, the research and development of next-generation technology and a national campaign for cybersecurity awareness.

Schmidt has a depth of experience in cybersecurity, most recently working in the U.K. for the Information Security Forum, a nonprofit that focuses on researching and evaluating cybersecurity risks. His private industry experience includes a stint as chief information security officer for auction giant eBay and chief security officer for Microsoft, where he worked on the company's Trustworthy Computing initiative, a massive revamp of Microsoft's security practices.

On the government side, Schmidt served in the U.S. Air Force in both active duty and civilian positions. He established the first dedicated computer forensic lab when he was a supervisory special agent and director of the Air Force's Office of Special Investigations (AFOSI) Computer Forensic Lab and Computer Crime and Information Warfare Division. Before that position, he headed the Computer Exploitation Team with the FBI at the National Drug Intelligence Center.

President Obama announced the cybersecurity coordinator position in May, but as months dragged on it became apparent that candidates were concerned over what sort of power the role would have. Possible candidates included Scott Charney, a Microsoft vice president for its Trustworthy Computing program.

Schmidt's experience across the public and private sectors -- and technical acumen -- will serve him well, said Alan Paller, director of research at the SANS Institute. "He was the only one being considered who knew what it was like to secure a system. That set him apart from everybody," Paller said.

But that doesn't mean the job will be easy, as Schmidt will have to propel a delicate and very broad agenda across many government agencies in order to deliver better computer security.

"The main fight in any cybersecurity initiative is between the people who want to put some more resources into protection against the people who want to get on with the job of business and not be delayed in any way," Paller said. "People who work with IT companies come to Washington with mandates to stop government from doing anything that will cost them money."

Schmidt will have to avoid getting bogged down in endless meetings and speeches about cybersecurity. "There really aren't that many hours in a day," Paller said.

Schmidt's office will be in the old executive office building next to the White House, a location that puts him in a better position for influence, Paller said. Schmidt will report to John Brennan, assistant to the president for homeland security and counterterrorism.

Pulling together the cybersecurity efforts across the U.S. government will be challenging, said Roger Thornton, CTO and founder of security vendor Fortify Software. "I think it will be a very tough job. He's going to have to herd some cats," Thornton said.

Monday, December 21, 2009

IronMAN 2

Motivational Monday

Thought for the Day

December 21, 2009

COOPERATION MUST START AT THE HEAD OF A DEPARTMENT IF IT IS EXPECTED AT THE OTHER END. THE SAME IS TRUE FOR EFFICIENCY.

In most large organizations, the amount of time and energy that is squandered in interdepartmental rivalry is enormous. Managers who compete with others inside the company waste valuable resources that should be directed at fulfilling the company’s mission to serve its customers better. Worse, a negative, internal focus can cause the company to miss opportunities, the full effect of which may not be realized for months or even years. Whether you are the head of the department or the newest worker on the staff, you can help your company immeasurably by refusing to become embroiled in internal strife. Compete with yourself to do the best job you can do instead of competing with others.

This positive message is brought to you by the Napoleon Hill Foundation. Visit us at http://www.naphill.org.

Thursday, December 17, 2009

Motivational Moment

Persistence

“Remember…You can do wonders if you keep trying. You can cope with anything; you really can. In-depth faith always wins over difficulties. Keep going strong with the excitement principle.”


-Dr. Norman Vincent Peale

Wednesday, December 16, 2009

McDonald's to offer free, unlimited Wi-Fi

Fast-food chain wants customers to stay longer
By Matt Hamblen

McDonald's restaurants may soon be the easiest spot to find free Wi-Fi and browse the Web as long as you like.

The restaurant chain is lifting a $2.95 fee for two hours of wireless Internet access starting in mid-January, according to the Wall Street Journal and other reports.

McDonald's officials could not be reached immediately for comment.

The free Wi-Fi will reportedly be available at about 11,000 of 14,000 U.S. locations. McDonald's has used Wi-Fi provided by AT&T Inc. for several years, after first launching the service at 75 locations in San Francisco in 2003.

The free Wi-Fi will come with no time limits, all the better to encourage visitors to stay longer and buy McDonald's coffee drinks and hamburgers.

Obama Dedicates $88M More for Health IT

As part of the new Recovery Act funding, President Obama pushes health information technology systems for community health care centers.

Monday, December 14, 2009

Rather than patch, Microsoft blocks buggy code

By Gregg Keizer

Microsoft has decided to disable a 17-year-old video codec in older versions of Windows rather than patch multiple vulnerabilities, according to the company's security team.

Last Tuesday, the same day it issued six updates that patched 12 bugs, Microsoft released a security advisory that outlined the unusual move, which blocks the Indeo codec -- software that compresses and decompresses video data -- from being used by either Internet Explorer (IE) or Windows Media Player. The update also prevents other applications that access the Internet from loading the codec.

It's unclear exactly how many unpatched vulnerabilities the Indeo codec contains, but at least two security companies -- VeriSign iDefense and Fortinet -- issued their own Indeo bug alerts Tuesday. The vulnerability uncovered by iDefense was reported to Microsoft more than a year ago.

The update targets only the oldest editions of Microsoft's operating system: Windows 2000, Windows XP and Windows Server 2003. Windows Vista, Windows 7 and Windows Server 2008 already bar the Indeo codec from loading. Intel introduced the codec in 1992.

By blocking the codec from being used in IE and Windows Media Player, said Microsoft, it's protecting users against the known attack vectors, which would rely on duping people into visiting a malicious site.

It's unusual for Microsoft to skip patching known vulnerabilities and instead disable -- "deprecate" in programming terminology -- bits of code. "This is a rare occurrence, as it is usually challenging to remove functionality from products that customers are currently using without affecting existing applications," a Microsoft spokesman acknowledged via e-mail Thursday.

Patching the codec wouldn't make much sense, said Richie Lai, director of vulnerability research at security company Qualys. "Microsoft already made these changes for Vista and Windows 7, and Indeo is rarely used anymore," Lai said. "I see this more of an attack surface reduction move."

Microsoft saw it that way, too. "In this case, we created defense-in-depth changes that reduce the attack surface and removed the functionality of this codec rather than addressing individual vulnerabilities because it provided more comprehensive protection for an older, less used codec," said the company's spokesman.

On-disk applications, such as games that still rely on the Indeo codec, will function normally, Microsoft added.

This isn't the first time that Microsoft has declined to patch valid vulnerabilities. Last September, Microsoft announced that fixing a flaw in Windows 2000 Server SP4's implementation of TCP/IP was not feasible because that would "require re-architecting a very significant amount of the Windows 2000 SP4 operating system," and doing so meant "that there would be no assurance that applications designed to run on Windows 2000 SP4 would continue to operate on the updated system."

"Maybe this is a new trend," said Jason Miller, the security and data team manager of patch management vendor Shavlik Technologies.

"We believe this approach should provide more security for customers than addressing single instances of vulnerabilities," the Microsoft spokesman said.

The codec-blocking update has been pushed to Windows 2000, XP and Server 2003 users via Windows Update's automatic update mechanism.

Wednesday, December 09, 2009

Nanotech used to build batteries out of paper

Stanford researchers build bendable batteries that can be soaked in acid and still hold charge
By Sharon Gaudin


Researchers at Stanford University have used nanotechnology to create lightweight and even bendable batteries out of paper.

The paper batteries are designed to be folded, crumpled or even soaked in an acidic solution and still work, according to Yi Cui, assistant professor of materials science and engineering at Stanford. The team created the batteries by coating a sheet of paper with ink made of carbon nanotubes and silver nanowires.

Stanford offered no indication of when the batteries would be ready for commercial use.

"The most important part of this ... is how a simple thing in daily life -- paper -- can be used as a substrate to make functional conductive electrodes by a simple process," said Peidong Yang, professor of chemistry at the University of California-Berkeley, in a statement. "It's nanotechnology related to daily life, essentially."

The nanotubes used in the paper batteries and supercapacitors are one-dimensional structures with a small diameter, which enables the ink made from them to stick tightly to the paper. The university noted that the paper supercapacitors may be able to handle 40,000 charge-discharge cycles, which is an order of magnitude more than lithium batteries can take.

Cui pointed out that the nanomaterials make better conductors than traditional materials because they can move electricity more efficiently.

This is just the latest incidence of scientists using nanotechnology to further battery research.

Last summer, IBM launched a multi-year battery research project using nanotechnology, materials science and supercomputing.

In April, researchers at MIT reported that they are combining nanotechnology with genetically engineered viruses to build batteries that could power hybrid cars and cell phones.

And before that, another team of researchers at Stanford used silicon nanowires to enable lithium-ion batteries to hold 10 times the charge they could before. That means a laptop could last for some 40 hours using the new battery, according to Cui.

Monday, December 07, 2009

Motivational Monday

PHISHING SCAM - CDC Sponsored State Vaccination Program for H1N1

CDC has received reports of fraudulent emails (phishing) referencing a CDC sponsored State Vaccination Program for H1N1. The messages request that users create a personal H1N1 (swine flu) Vaccination Profile on the CDC.gov web site.

An example of the phishing email is below:

[Image: sample H1N1 phishing email stating that the recipient needs to create a personal H1N1 (Swine Flu) Vaccination Profile on the CDC.gov site]

Users that click on the embedded link in the email are at risk of having malicious code installed on their system. CDC reminds users to take the following steps to reduce the risk of being a victim of a phishing attack:

  • Do not open or respond to unsolicited email messages.
  • Do not click links embedded in emails from unknown senders.
  • Use caution when entering personal information online.
  • Update anti-virus, spyware, firewall, and anti-spam software regularly.


Fake Microsoft security e-mail spreads malicious code

Spammers are cashing in on a recent stir over allegedly problematic Windows security patches

By Microsoft Subnet

It didn't take long for the bad guys to cash in on the confusion surrounding so-called faulty Windows patches. Cisco Security Intelligence Operations is reporting significant activity of spam e-mail messages that claim to offer a fix for security flaws in various Microsoft products.

This spam comes in a week where flaws in security updates affecting Windows were reported by security company Prevx, then denied by Microsoft and finally retracted by Prevx, leading to the security company issuing a public apology. Users, however, remain unconvinced that the November Patch Tuesday security patches were not to blame for an increase in occurrences of the black screen of death. Many readers have posted personal accounts of their own black screens of death which they attribute to the patches.

The situation is ripe for the plucking for spammers using that fear to tempt users into downloading malicious software. Cisco reports that text in the e-mail message instructs the recipient to click on a link to download updates that will fix security issues in Microsoft Internet Explorer, Windows XP, Windows Vista, or Windows 7. However, the link downloads an .exe file that attempts to install malicious software on the user's system.

Cisco reports that the following text is a sample of the e-mail message that is associated with this threat outbreak:

Subject: URGENT!!Microsoft Updates!

Message Body:

MIME-Version: 1.0

Content-type: text/html; charset=iso-8859- 1

From: supportmicrosoft.com

Message-Id: <20091203080449.1 995838E2920teks aid.joinvps.c om
Date: Thu, 3 Dec 2009 08:04:49 +0000 (IJTj

H ello,A few microsoft products have been found to have ome holes in them allowing hackers to take over and control users PC. f you are running: Microsoft Internet Explorer, Windows XP, Windows =ista, or Windows 7 then you are at risk of losing your computer and all f your datakbr bIf you have not already got the pdate goto this link: httplfmssupport.sytes.et/lipdater.exe or this link: http :/ftinyur1.com/microsof-up dater and get the Updater to fix the holes to protect yourself team. Thanks, Microsoft Support Team.

Cisco is reporting the outbreak because it owns the IronPort spam and anti-malware product. IronPort's security operations center analysts examine real-world e-mail traffic from over 100,000 contributing organizations worldwide. Cisco says the spam attack is a "hot" one in the wild and that potential damage from it is moderate. The attack is being kept in check because the spam should be fairly easy to spot with enterprise-class malware detection products like IronPort.

On the other hand, attacks against Windows are so popular because many of the naive masses have made Windows their operating system of choice. (Per comment below: By the term "naive masses" I mean that those who are least computer literate are most likely to use Windows and it would only be someone naive that would fall for such a scam as this one.) Even with such a poorly crafted e-mail attack as the one above, how many moms, pops and grandparents could fall prey?

SETI@home in spotlight following IT chief's job loss

Serves as reminder of how to properly partake in volunteer computing projects
By Alpha Doggs


UPDATE: On Dec. 3, Niesluchowski issued a statement denying misuse of or theft of school computers.

Reports this week out of Arizona about how a public school district IT chief lost his job have put the use of volunteer grid computing efforts in the spotlight.

According to the Arizona Republic and other news reports, Brad Niesluchowski lost his job earlier this fall as network systems administrator at Arizona's Higley Unified School District following an investigation into suspicious activity that included running the SETI@home distributed computing program across 5,000-plus school computers. The school district alleges that running the program on computers around the clock for nearly 10 years has cost it more than $1 million in energy and other costs, and interfered with teaching by messing up other programs, such as SMART board systems. In fact, Niesluchowski (or "NEZ") had gained a reputation as a sort of god among SETI@home users for his status as its most active user as documented via a public credit system.

The situation has generated strong opinions from many corners, with some upset by comments by school superintendent Denise Birdwell ("We support educational research and we would have supported cancer research but we however as an educational institutional do not support the search of ET.") that are seen as flip and showing a lack of understanding of how SETI@home really works. A Fox News report out of Las Vegas includes an interview with Niesluchowski's wife, who says use of the software was authorized by a previous administration. Others pointed out that Niesluchowski losing his job stemmed from much more than just his use of SETI@home.

On top of all this, a police investigation is ongoing and involves allegations of possible stolen computers and gear, according to the Republic.

One issue the Niesluchowski affair immediately brought to my mind has to do with the proper use of volunteer computing programs, which allow end users to donate the spare processing power on their computers via one of the dozens of ongoing volunteer computing projects, many based on open source software called BOINC.

In compiling a package of stories on volunteer computing this past summer, I asked David Anderson, a research scientist at UC Berkeley Space Sciences Laboratory who founded the BOINC project in 2002, about guidelines for using such software. His response: "The BOINC project's advice is to get permission from whoever owns the machine."

I circled back with Anderson today in light of the Niesluchowski situation, asking about whether it might harm SETI@home. His response: "I don't think S@h gets a black eye. Our policies explicitly forbid this."

He said it looks like "NEZ" got obsessed with SETI@home credit and made "some major errors in judgment."

On the plus side, Anderson said that SETI@home being in the news reminds the world that the project -- which celebrated its 10th anniversary this year -- is still going.

Wednesday, December 02, 2009

MDCH Warns Residents to Avoid Fraudulent E-Mails

Referencing CDC-sponsored State Vaccination Program

Phishing emails are a scam, attempts to obtain personal information

LANSING - The Centers for Disease Control and Prevention (CDC) and the Office of the Chief Information Security Officer (OCISO) Cyber Security Incident Response Team (CSIRT) have received reports of fraudulent emails referencing a CDC-sponsored State Vaccination Program for the H1N1 virus. The messages request that users create a personal H1N1 “Vaccination Profile” on the cdc.gov Web site. The messages then state that anyone who has reached the age of 18 has to have his/her personal “Vaccination Profile” on the cdc.gov site.

The CDC has NOT implemented a state vaccination program requiring registration on www.cdc.gov. These emails are a scam and residents are asked to ignore and delete them.

Users that click on the embedded link in the email are at risk of having malicious code installed on their system. The OCISO reminds users to take the following steps to reduce the risk of being a victim of a phishing attack:

  • Do not follow unsolicited links and do not open or respond to unsolicited email messages.

  • Use caution when visiting un-trusted Web sites.

  • Use caution when entering personal information online.

For more information, please visit www.cdc.gov/hoaxes_rumors.html

Tuesday, December 01, 2009

Dell Customizes Chrome OS for the Dell Mini 10v

A Dell employee has gotten Chromium OS, the code behind Chrome OS that Google released to open source, to run on a Dell Mini 10v netbook. The fact that a Dell programmer tinkered with the code and passed on his findings to others is a sign of how liberating and rich open source can be, as well as how Chrome OS is piquing curiosity. Still, some experts see Chrome OS as being five to 10 years away from mass adoption with consumers and enterprises, respectively. The world is, after all, still propelled by Windows. Read how to get Chrome OS running on a Dell Mini below ...

BackTrack4 Uses IPv6 to Cover Tracks

This past week I was working on performing a security assessment and I was using the latest version of BackTrack 4 [1]. I noticed that it has Miredo support to help auditors establish a secret IPv6 back-channel to their exploited systems. This shows that the security community is recognizing how IPv6 can be used as a backdoor to owned systems.

Let's face it; IPv6 deployments haven't been as numerous as many of us would have hoped. Several years ago we were expecting that at the end of 2009 migration to IPv6 would be in full motion. However, the fact that IPv6 is still fairly obscure to most security administrators means that it can fly under the radar of most organizations. However, IPv6 is starting to gain the attention of hackers as a means of creating a covert channel to compromised systems.

It is a fact that many organizations have a default outbound policy on their firewalls that allows virtually all outgoing connections. This means that the dynamic tunneling technique Teredo [2], which places IPv6 packets inside UDP 3544 packets, would be allowed outbound by most companies. If a similar technique were to use TCP port 80 to create encapsulated IPv6 tunnels outbound, those would also be permitted to leave an organization. The organization's stateful firewalls would then allow the return traffic back to that internal host, and thus any protocol could be carried through the encapsulated IPv6 packets.

Let's imagine a malicious piece of software that finds vulnerable systems using IPv4. Unlike IPv6's sparse population of nodes, the dense population of IPv4 hosts makes them easy to find. Once those systems are exploited the malicious code would leverage the fact that the host operating system was already running IPv6. Mac, Windows, Linux, BSD, Solaris, HP-UX, AIX, and many other operating systems have IPv6 enabled by default. While that organization hadn't enabled IPv6 on their access routers, the host would still be able to create an IPv6-within-IPv4 tunnel to somewhere on the Internet. That infected host could create a 6in4 tunnel to a command and control server on the Internet. This traffic wouldn't be picked up by most IPSs because most of them lack the ability to peer deeper into the packet contents and fewer still know how to correctly decode an IPv6 header [3].

BackTrack is a Linux Live CD operating system that has many pre-compiled/pre-installed utilities for performing security assessments. The most current version, BackTrack 4, was recently released to help penetration testers get up and going quickly. BackTrack4 now contains Miredo [4] client/server software to maintain access to a system that was compromised by other tools in the BackTrack toolkit. Miredo is an open-source implementation of the Microsoft Teredo [2] IPv6 tunneling system. Following is a screen shot of BackTrack4 and the Miredo client.

[Screenshot: BackTrack4 and the Miredo client]

IPv6 will continue to grow in popularity and it will increasingly be used as a method to obscure connections until there are a greater number of tools to observe encapsulated packets. Hopefully the security defenders will start to take notice of IPv6 and the risks associated with having a default outbound policy.
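As an added example (not part of the original post), here is a passive check a defender could run over captured IPv4 packets to surface the two encapsulations described above, Teredo on UDP 3544 and 6in4 (IP protocol 41), and report the inner IPv6 endpoints. It goes slightly beyond the post by also decoding the server and NAT mapping that RFC 4380 embeds in Teredo addresses; the function names, sample packets and addresses are constructed for illustration.

```python
import ipaddress
import struct

TEREDO_PORT = 3544               # UDP port the post names for Teredo
PROTO_UDP, PROTO_6IN4 = 17, 41   # IPv4 protocol numbers (41 = IPv6 in IPv4)
TEREDO_PREFIX = ipaddress.ip_network("2001::/32")  # Teredo prefix, RFC 4380


def ipv6_endpoints(buf):
    """Return (src, dst) if buf begins with an IPv6 header, else None."""
    if len(buf) < 40 or buf[0] >> 4 != 6:
        return None
    return ipaddress.IPv6Address(buf[8:24]), ipaddress.IPv6Address(buf[24:40])


def skip_teredo_headers(payload):
    """Strip optional Teredo authentication / origin-indication headers."""
    for _ in range(2):  # at most one of each may precede the IPv6 header
        if len(payload) >= 4 and payload[:2] == b"\x00\x01":
            # 13 fixed bytes (type, lengths, nonce, confirmation) + id + auth value
            payload = payload[13 + payload[2] + payload[3]:]
        elif len(payload) >= 8 and payload[:2] == b"\x00\x00":
            payload = payload[8:]  # type(2) obfuscated port(2) and address(4)
    return payload


def decode_teredo_address(addr):
    """Recover the IPv4 details embedded in a Teredo IPv6 address, or None."""
    if addr not in TEREDO_PREFIX:
        return None
    raw = addr.packed
    return {
        "server": str(ipaddress.IPv4Address(raw[4:8])),
        "client_port": struct.unpack("!H", raw[10:12])[0] ^ 0xFFFF,
        "client_nat_ip": str(ipaddress.IPv4Address(bytes(b ^ 0xFF for b in raw[12:16]))),
    }


def classify_ipv4_packet(pkt):
    """Return a finding dict if pkt (raw IPv4 bytes) tunnels IPv6, else None."""
    ihl = (pkt[0] & 0x0F) * 4 if len(pkt) >= 20 and pkt[0] >> 4 == 4 else 0
    if ihl < 20 or len(pkt) < ihl:
        return None
    body = pkt[ihl:]
    if pkt[9] == PROTO_6IN4:
        kind, inner = "6in4", ipv6_endpoints(body)
    elif pkt[9] == PROTO_UDP and len(body) >= 8:
        sport, dport = struct.unpack("!HH", body[:4])
        if TEREDO_PORT not in (sport, dport):
            return None  # Teredo on other ports is out of scope for this check
        kind, inner = "teredo", ipv6_endpoints(skip_teredo_headers(body[8:]))
    else:
        return None
    if inner is None:
        return None
    finding = {"kind": kind,
               "outer_src": str(ipaddress.IPv4Address(pkt[12:16])),
               "outer_dst": str(ipaddress.IPv4Address(pkt[16:20])),
               "inner_src": str(inner[0]), "inner_dst": str(inner[1])}
    decoded = decode_teredo_address(inner[0]) or decode_teredo_address(inner[1])
    if decoded:
        finding["teredo_address"] = decoded
    return finding


def scan(packets):
    """Classify every packet and keep only the tunnel findings."""
    return [f for f in map(classify_ipv4_packet, packets) if f]


# --- Constructed sample traffic (documentation addresses, zero checksums) ---
def build_ipv4(proto, src, dst, payload):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload


def build_udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def build_ipv6(src, dst):
    return (struct.pack("!IHBB", 6 << 28, 0, 59, 64)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)


# Constructed Teredo address: server 192.0.2.45, NAT mapping 203.0.113.7:40000
TEREDO_CLIENT = "2001:0:c000:22d:8000:63bf:34ff:8ef8"
ORIGIN_IND = b"\x00\x00\x63\xbf\x34\xff\x8e\xf8"
SAMPLE_PACKETS = [
    build_ipv4(17, "10.0.0.5", "192.0.2.45",
               build_udp(51000, 3544, build_ipv6(TEREDO_CLIENT, "2001:db8::1"))),
    build_ipv4(17, "192.0.2.45", "10.0.0.5",
               build_udp(3544, 51000, ORIGIN_IND + build_ipv6("2001:db8::1", TEREDO_CLIENT))),
    build_ipv4(41, "10.0.0.9", "198.51.100.20", build_ipv6("2001:db8:1::9", "2001:db8:2::1")),
    build_ipv4(17, "10.0.0.5", "192.0.2.53", build_udp(51001, 53, b"\x12\x34" + b"\x00" * 10)),
]

if __name__ == "__main__":
    print(*scan(SAMPLE_PACKETS), sep="\n")
```

On a network that has not deployed IPv6, any finding from this check is worth investigating, and blocking outbound UDP 3544 and IP protocol 41 at the perimeter closes the default-allow gap the post describes.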

Monday, November 30, 2009

Latest Microsoft patches cause black screen of death

The changes to some registry keys can render a PC useless, according to a UK security vendor that has a software fix
By Jeremy Kirk

Microsoft's latest round of security patches appears to be causing some PCs to seize up and display a black screen, rendering the computer useless.

The problem affects Microsoft products including Windows 7, Vista and XP operating systems, said Mel Morris, the CEO and CTO for the U.K. security company Prevx.

Prevx was alerted to the problem by users of its security software last week, Morris said. Microsoft apparently made changes to the Access Control List (ACL), a list of permissions for a logged-on user. The ACL interacts with registry keys, creating visible desktop features such as a sidebar.

However, the latest patches appear to make some changes to those registry keys. The effect is that some installed applications aren't aware of the changes and don't run properly, causing a black screen, Morris said.

Security applications seem to be particularly affected. Morris said users of other security products have also complained about the issue, even going so far as trying to reinstall the operating system to fix it.

"If you've got this problem, it's massively debilitating," Morris said.

Prevx has released software that fixes the registry to match the ACL settings, which should resolve the problem, Morris said. Users could do this on their own by modifying their registry settings, but making alterations to those settings is risky since it can severely affect how the operating system runs.

On Nov. 10, Microsoft released 15 patches for vulnerabilities in Windows, Windows Server, Excel and Word.

Morris said Microsoft was likely just trying to fortify the security of the operating systems when it inadvertently made the error in its patches. "It's one of those things that happens from time to time when you have a dynamic operating system," he said.

Morris said his company hasn't contacted Microsoft yet but will send the company a copy of the software fix.

Prevx has more detail on the issue on its blog and posted the software fix, which is free.

Windows has at least 10 different issues that could potentially cause a black screen, wrote Dave Kennerley, who works in support for Prevx.

"Our advice is try our tool first," Kennerley said. "If it works, great. If it doesn't, you are no worse off."

Microsoft officials could not be immediately reached for comment.

CIOs fear mass IT exodus following economic recovery

CIOs worry IT teams might flee for better opportunities in the economic recovery.
By Denise Dubie

IT professionals asked to do more work for less pay and fewer benefits might be able to forgive their employers' financial choices, but industry watchers say high-tech workers won't soon forget being treated poorly during the most recent economic recession and will look to find other employment opportunities as soon as the recovery gets under way.

Robert Half Technology this week released findings of a survey of 1,400 CIOs that showed 43% said retaining existing workers will be their top staffing priority in 2010. The IT staffing and consultancy firm also reported that 21% of CIOs polled said they would offer more training and professional development opportunities to employees in 2010.

"Employers need to focus on preventing burnout and keeping their best people engaged at work. This may be a challenge, given that staffing cuts and the reduction or elimination of benefits have left many employees feeling overworked and undervalued," said Dave Willmer, executive director at Robert Half Technology, in a statement.

Robert Half Technology suggested a few retention efforts IT employers must begin now, including training and career development programs and career advancement opportunities. CIOs should re-recruit their best employees, which essentially means they must start working to convince them to stay on board.

Other suggestions include recognizing excellence and providing project support. Robert Half Technology also suggests managers communicate regularly with staff, encourage team-building activities and promote work/life balance. Lastly, the firm says CIOs need to consider the compensation packages they offer as well as re-evaluate the workloads employees are carrying. Efforts such as these will be important in reducing turnover, according to the firm.

"Companies may have to work at 're-selling' themselves to existing employees in much the same way they would when promoting themselves to prospective hires," Willmer added.

Yet it may be too late for some employees to be convinced to stay, suggests other research, which points to data collected after previous recessions and shows employees will seek other employment during the recovery. According to the September 2009 "Managing Talent in a Turbulent Economy: Keeping your team intact" report from Deloitte Consulting, "a resume tsunami may threaten unprepared companies as key employees who held on to their jobs in tough times seek out better opportunities when economic fears recede."

Jeff Schwartz, a principal with Deloitte Consulting's Human Capital practice, says there isn't much evidence to suggest that the recovery following the most recent economic recession will be any different in terms of employee turnover than previous downturns.

"There are some lessons that many in IT learned from the last recession that occur about 12 to 24 months after the end of the recession: very critical workers leave," Schwartz says. "Companies, especially leaders in IT, need to get ahead of the curve in terms of retention plans in the next year because it is a very reasonable bet that companies are going to see a spike in turnover after this recession."

Data from Gartner's CIO Research suggests the same, and the group's vice president Lily Mok says companies still are behind when it comes to workforce planning in regards to IT. She says as the recovery gets under way, IT teams won't return to their previous staffing levels, but instead hold steady, which means the remaining employees hold more company knowledge and experience – and represent a bigger risk if they decide to leave.

"Some IT skills take time to develop and companies hiring in these areas can face challenges finding permanent staff," Mok says. "We advise clients to be strategic and develop the technical skills they might need in the future in-house."

She says now is when companies need to identify their core competencies and try to secure the skills and knowledge in-house, to ensure that when economic conditions improve they have the talent and IT teams in place to prepare for a return to future growth.

"It's not realistic to predict what you need three years in advance, but having a workforce planning framework in place will help companies facing skills gaps when they really need that talent," Mok says.

Saturday, November 28, 2009

World AIDS Day December 1, 2009

Creed for Riches

by Dr. Napoleon Hill


I give thanks daily, not for mere riches, but for wisdom with which to recognize, embrace, and properly use the great abundance of riches I now have at my command. I have no enemies because I injure no man for any cause, but I try to benefit all with whom I come in contact, by teaching them the way to enduring riches. I have more material wealth than I need because I am free from greed and covet only the material things I can use while I live.


Source: PMA Science of Success Course. Pg. 25

Friday, November 20, 2009

Federal government using PS3 to crack pedophile passwords

By Alex Wawro

Federal officials have put the PS3 to work breaking passwords on computer equipment confiscated from suspected child pornographers, according to a story released on the Scripps Howard Foundation wire.

Though they aren't using the new PS3 Slim (since you can't install Linux on the new models), purchasing 20 old PS3 units is still about $8,000 cheaper than the Dell servers C3 had used previously. The unorthodox console approach has been so effective that agents are scouring eBay to find the best deal on another 40 consoles to round out their collection.

"Bad guys are encrypting their stuff now, so we need a methodology of hacking on that to try to break passwords," Claude E. Davenport, an agent in the U.S. Immigration and Customs Enforcement Cyber Crimes Center, told the Scripps reporter. "The Playstation 3 - its processing component - is perfect for large-scale library attacks."

Agents need computing power to break these codes because while a search warrant allows them to seize incriminating documents or digital evidence, the Fourth Amendment grants suspects the right to withhold their password information. To crack the code (there are over 280 trillion possible strings in a six-character alphanumeric password), C3 needs the processing power of about $11,000 worth of computers, which is now being provided by a network of PS3 consoles at a quarter of the cost.

Unfortunately for federal investigators, the consoles are strictly for work use only. "There's no controllers hooked up," claimed Davenport. Guess that means no Uncharted 2 at work after all.

Thursday, November 19, 2009

AMF bowls for customers with video sharing over managed I

AMF bowls for customers with video sharing over managed IP

Company tests automated heating controls, video surveillance using nationwide IP
By Matt Hamblen


AMF Bowling Centers Inc. is wrapping up the roll-out of a $2 million nationwide network equipment upgrade that supports Voice over IP (VoIP) and video streaming, and includes turning over all network management to Verizon Business for three more years.

AMF has 300 bowling centers in 38 states with more than 9,000 employees. As part of a contract with Verizon, the company is now relying on Verizon for an IP network that supports VoIP, point of sale devices and credit card transactions, and web hosting.

The IP network also supports a centralized video surveillance system that is now being launched, as well as a centralized energy management system being tested in several bowling centers.

Additionally, because bowling has become a multimedia experience for customers, video and audio streaming of music videos is piped to most of the bowling centers using the IP network, said Harsha Bellur, vice president of IT at AMF.

"We have extreme sound and light shows over projection screens in most locations with music videos that play while people are bowling," Bellur said.

The contract with Verizon, signed early this year, will cost AMF about $800,000 a year, in addition to the $2 million equipment cost for Adtran routers in each center and cabling installations, he said.

AMF's annual network services cost has gone up slightly with the Verizon managed service, but the number of IP applications and network reliability have far exceeded what was previously available, Bellur said. "The ROI was on the wall, but we had to do this and it made a lot of sense to invest, even with the recession," Bellur said in an interview.

Before hiring Verizon for the managed IP service, AMF was using Verizon to provide a site-to-site VPN service, which relied on cable modems and DSL, and required AMF to work with 36 different ISPs.

One of the biggest advantages of using a managed service from a nationwide provider like Verizon is having Service Level Agreements (SLAs) to guarantee service, Bellur said. With cable modems and DSL there was not consistent bandwidth, while demanding applications like video were not possible.

The SLAs have already come in handy, resulting in a credit from Verizon because VoIP service in Atlanta and Virginia Beach, Va., was knocked out recently for more than 3.5 hours -- a provision of the SLA -- due to regional flooding, Bellur said. "Verizon has kept up with its SLAs and offered a financial remedy," he said.

While the Verizon VoIP quality is generally good, one downside is that voice service goes down whenever there is a data network outage. Because of the recent flood-related outages, AMF is planning to provision at least one analog phone line in each center to provide an automatic failover for voice services.

"It's back to the future with the analog failover," he said, noting that AMF is now testing existing analog lines that were not being used to see which are resilient enough for failover duty.

"The voice outages were a challenge and we learned the hard way with the floods," he said. "It caused some heartburn and was not something we anticipated, but we have options."

The managed services contract with Verizon has not led to layoffs in the 29-person IT staff, although Verizon is managing all circuits, routers and cloud computing services. The added Verizon support has meant AMF can strengthen its end-user computer support desk, which now is staffed by seven of the 29 in IT, Bellur said.

Bellur and others picked Verizon partly because of its nationwide network, he said. AT&T Inc. and regional service provider Paetec also bid.

The centralized energy management system for AMF is undergoing trial runs now, to test the IP network automatically turning on and off heating and air conditioning according to hours of each bowling center.

The video surveillance system is designed to prevent theft and is just being installed to use the IP network, Bellur said.

While AMF centers are actively using the network to support video and audio, Bellur said his team is contemplating using video displays as digital signs that would show pricing and examples of products on sale, including food and alcohol.

In addition, training videos could be piped over the IP network, Bellur said. A longer term conceptual project has been discussed to stream videos of bowlers or birthday parties being held at bowling centers to relatives in other cities. Potentially, self-service kiosks for ordering food are possible, and online posting of scores could take place, shared over the nationwide network.

"Teams between two cities could host a tournament sharing tournament brackets," he said. "We're brainstorming, but it all comes down to costs."

Wednesday, November 18, 2009

BDPA Detroit in the NEWS.

IT professionals to honor Michigan high school students

By TAYLOR TRAMMELL

Students who participated in the Detroit chapter of Black Data Processing Associates’ high school training camp will see the fruits of months of hard work tonight when they are honored at a scholarship and education awards banquet at Compuware Corp. at 7 tonight.

Matthew Clark, a senior at Cass Technical High School; Darryn Brundage-Forrest, a sophomore at Renaissance High School; Daniel Rothchild, a freshman at Pioneer High School, and Jourdan West, a freshman at Michigan State University, represented the chapter at BDPA’s 32nd National Technology Conference in Raleigh, N.C., in August. The team competed against more than 25 other chapters and won second place in Web design at the conference.

To prepare for the competition, the students trained for four to six hours every Saturday from January to August. Brundage-Forrest called it vigorous.

“They gave Quiz Factory questions to practice, which is the basic software they use at the competition,” he said. “We studied books on HTML, Java and CSS.”

For West and Clark, the training wasn’t new. Both students participated in the program in 2008 and came back for more.

“Last year we came in 10th place,” West said. “That was my main motivation to come back because I am not a 10th-place person. With a lot of hard work and determination, we did pretty good.”

At the conference, the students attended assemblies and programming sessions to further prepare them for the competition.

“It was definitely worthwhile,” Rothchild said. “I haven’t been able to see other kids who were also interested in computer science, so it was good to meet people with the same interests as me.”

All four students received a $2,000 scholarship to any university, and they already have plans for how to use their awards.

Clark plans to go to Ferris State University and study architecture. Brundage-Forrest plans to attend Florida Agricultural & Mechanical University to study engineering, information technology or medicine. Rothchild hasn’t picked a college but plans to study computer science. West graduated from Cass Tech in June and is a civil engineering major at Michigan State University.

The BDPA scholarship recipients, the rest of the class in the training program and the volunteers who helped prepare the students for the competition are to be acknowledged at the banquet, where former Detroit Mayor Dennis Archer is to be the guest speaker.

The BDPA high school training camp “is a very good program because it gives students a chance to do something different,” Clark said. “Instead of playing basketball all day, they gave us an opportunity to learn and have fun.”

The banquet is to start at 7 p.m. at Compuware Corp., 1 Campus Martius in downtown Detroit. For tickets, go to www.bdpa-detroit.org/HSCC2009.html. Advance tickets are $40 for adults, $30 for students with proper ID. Tickets can be purchased at the door for $50.

Jourdan West, Daniel Rothchild, Darryn Brundage-Forrest and Matthew Clark all received $2,000 college scholarships after representing the Detroit chapter of Black Data Processing Associates at the organization’s 32nd National Technology Conference in Raleigh, N.C., in August.   (Tonji Zimmerman/Black Data Processing Associates)

Taylor Trammell is a senior and editor at Mumford High School's student newspaper, Mumford Times. She also was an apprentice at the Free Press this summer. See more of her work at FreepHigh.com.

Tuesday, November 17, 2009

The Top 100 Most Influential People in IT

I do not consider this an exhaustive list, but this is very disappointing. Out of the 25 names, 3 were White women and one male from India. No Blacks or Hispanics on this list. The big question is WHY?????


http://www.eweek.com/c/a/IT-Infrastructure/The-Top-100-Most-Influential-People-in-IT/

Cray blows by IBM to regain supercomputing crown

The two leading systems swapped places in the latest Top 500 Supercomputers list
By Stephen Lawson

A Cray supercomputer at Oak Ridge National Laboratory has regained the title of the world's most powerful supercomputer, overtaking the installation that was ranked at the top in June, while China entered the Top 10 with a hybrid Intel-AMD system.

The upgraded Jaguar supercomputer at Oak Ridge, in Tennessee, now boasts a speed of 1.759 petaflops from its 224,162 cores, while the IBM Roadrunner system at the U.S. Department of Energy's Los Alamos National Laboratory in New Mexico slowed slightly to 1.042 petaflops after it was repartitioned. A petaflop is one thousand trillion calculations per second.

The list of the Top 500 supercomputers, set to be released on Monday during the SC09 supercomputing conference in Portland, Oregon, is compiled twice a year and is now in its 34th installment. The total capacity of the systems on the new list is 27.6 petaflops, up from 22.6 petaflops on the previous list in June.

Roadrunner debuted in June 2008 as the first computer to surpass 1 petaflop on the Linpack benchmark test used to rank systems in the Top 500. It held the top spot in June 2009 with 1.105 petaflops, but lost its place after being repartitioned. Jaguar, which was in second place in June with 1.059 petaflops, was upgraded with new processors and surged ahead to take the lead. It is based on the Cray XT5 Linux supercomputer platform, which uses Advanced Micro Devices (AMD) Opteron processors. Its total peak capability is 2.3 petaflops.

The No. 3 system is Kraken, at the National Institute for Computational Sciences at the University of Tennessee, which performs at 832 teraflops. This Cray XT5 supercomputer was ranked No. 6 in June, when it was rated at just 463 teraflops.

China's fastest supercomputer ever, the Tianhe-1 in the city of Tianjin, achieved 563 teraflops for the No. 5 ranking. It uses Intel Xeon processors with Advanced Micro Devices GPUs (graphics processing units) as accelerators. Each node of the 71,680-core system has two Xeons attached to two AMD GPUs, according to the compilers of the Top 500 list. Tianhe-1 was built by the National University of Defense Technology for the National SuperComputer Center and is intended to provide high-performance computing services in northeastern China. Applications will include petroleum exploration and aircraft design.

The only other Top 10 system outside the U.S. was Jugene, built by IBM at the Forschungszentrum Juelich in Germany, which was ranked No. 4. U.S. computers dominated the Top 500 overall, making up 277 of the systems, with Europe accounting for 153 and Asia for 50. Just to make it onto the new Top 500 list, a computer needed to achieve at least 20 teraflops, up from 17.1 teraflops earlier this year.

Intel processors power 402 of the systems on the list, or 80.4 percent, up slightly from 399 in June. The IBM Power architecture is the second most commonly used, with 52 systems, down from 55. AMD's Opteron family appears in 42 of the systems.

Most of the Top 500 supercomputers -- 426 systems -- now use quad-core processors. Only 59 use dual-core chips, and just four systems are based on single-core architectures. There were six systems on the latest list using IBM's nine-core Cell Broadband Engine processor, also used in the PlayStation 3. Gigabit Ethernet is the internal interconnect technology in 259 installations, compared with 181 using InfiniBand.

Hewlett-Packard led in the number of systems on the list, with 210 supercomputers or 42 percent, compared with 185 for IBM. However, the IBM systems accounted for the most computing power, with 34.8 percent of total performance, down from 39.8 percent. HP held 22.8 percent.

The Top 500 list is compiled by Hans Meuer of the University of Mannheim in Germany, Jack Dongarra of the University of Tennessee at Knoxville, and Erich Strohmaier and Horst Simon of the National Energy Research Scientific Computing Center at Lawrence Berkeley National Laboratory in California.

Monday, November 16, 2009

Motivational Monday

20 Ways to Get Mentally Tough

1. When you face a setback, think of it as a defining moment that will lead to a future accomplishment.
2. When you encounter adversity, remember, the best don’t just face adversity; they embrace it, knowing it’s not a dead end but a detour to something greater and better.
3. When you face negative people, know that the key to life is to stay positive in the face of negativity, not in the absence of it. After all, everyone will have to overcome negativity to define themselves and create their success.
4. When you face the naysayers, remember the people who believed in you and spoke positive words to you.
5. When you face critics, remember to tune them out and focus only on being the best you can be.
6. When you wake up in the morning, take a morning walk of gratitude and prayer. It will create a fertile mind ready for success.
7. When you fear, trust. Let your faith be greater than your doubt.
8. When you fail, find the lesson in it, and then recall a time when you have succeeded.
9. When you head into battle, visualize success.
10. When you are thinking about the past or worrying about the future, instead focus your energy on the present moment. The now is where your power is the greatest.
11. When you want to complain, instead identify a solution.
12. When your own self-doubt crowds your mind, weed it and replace it with positive thoughts and positive self-talk.
13. When you feel distracted, focus on your breathing, observe your surroundings, clear your mind, and get into The Zone. The Zone is not a random event. It can be created.
14. When you feel all is impossible, know that with God all things are possible.
15. When you feel alone, think of all the people who have helped you along the way and who love and support you now.
16. When you feel lost, pray for guidance.
17. When you are tired and drained, remember to never, never, never give up. Finish Strong in everything you do.
18. When you feel like you can’t do it, know that you can do all things through Him who gives you strength.
19. When you feel like your situation is beyond your control, pray and surrender. Focus on what you can control and let go of what you can’t.
20. When you’re in a high-pressure situation and the game is on the line, and everyone is watching you, remember to smile, have fun, and enjoy it. Life is short; you only live once. You have nothing to lose. Seize the moment.

What the Best do Better than Everyone Else!

Military wants lightweight fiber lasers for unmanned aircraft

This reminds me of the 1980's movie "Real Genius"

DARPA could offer over $6 million for advanced lightweight laser

By Layer 8

Military researchers are looking for a 22lb laser that can fit and operate in high-altitude unmanned aircraft.

As you might suspect, the Defense Advanced Research Projects Agency (DARPA) is behind the laser building project known as the Fiber Laser Pulsed Source (FILPS) program that could end up being used in a number of applications from drone communications and targeting to weapons. DARPA said approximately $6.3 million will be available with the anticipation of approximately two awards for FILIPS contracts.

The attractive thing about fiber lasers is that they are, by some estimates, two times more efficient in that they can deliver more laser power per weight and volume than solid-state lasers.

Technically speaking from DARPA: The FILIPS program objective is to develop a versatile fiber laser/amplifier platform that can generate sub-ns duration pulses, with greater than 10-mJ of energy per pulse, at a 25-kHz repetition rate. The output pulse characteristics, including phase stability, pulse jitter, and laser beam quality, should be sufficient to enable efficient pulse energy scaling to the 100-mJ level via coherent combining. The system will need to be phase-locked to an external optical reference and configurable over a wavelength band greater than 5-nm in width.

DARPA stated that fiber laser amplifiers will enable the development of arrays of fiber amplifiers whose beams can be coherently combined into a single beam to reach very high power. The monolithic all-fiber design approach provides a robust platform that is more rugged than laser systems that employ free-space power transport. Fiber laser amplifiers will find applications in laser communications, target search and track, target identification and IFF, and ultimately high-power laser weapon applications.

The ultra-high efficiency and near diffraction limited beam quality promised by fiber laser amplifiers can lead to high power laser systems that are more than 10 times more lightweight and more compact than existing high power laser systems currently deployed by the DoD, DARPA stated.

Potential FILIPS developers need to address a few of the biggest hurdles in laser development. First is obviously keeping the weight down on the laser package itself. Laser-making equipment tends to be on the big and bulky side.

Then there is the issue of controlling the beam itself. From long distances in particular, lasers tend to spread out, making precise targeting a problem.

Finally, there is the need to build a laser package that can generate enough power or brightness to be useful in the myriad applications FILIP will entail.

DARPA has a ton of development work in lasers. For example, in July the agency said it wants to develop a laser system that goes way beyond today's opto-mechanical, acousto-optical or electro-optical systems to establish photonic integrated circuit (PIC) technology that will provide video frame rate beam steering speeds, and emit multiple beams with a total output power of 10 W.

DARPA said opto-mechanical scanning devices are usually bulky and relatively slow, while acousto- and electro-optical technologies utilize devices that while small in size, cannot provide the steering speeds and versatility necessary for many of the advanced applications the military envisions.

Known as the SWEEPER, which is short for short-range wide-field-of-view extremely-agile electronically-steered photonic emitters, DARPA said it expects the new laser technology to draw from phased array concepts that revolutionized RADAR systems.

DARPA said it expects SWEEPER will provide a compact, agile alternative to mechanically steered technology, and recognizing the recent advances in photonic device density, circuit complexity, and performance capabilities in the emerging PIC technology, the SWEEPER program should extend phased array beam steering to the optical domain in the near infrared (0.8 to 2 μm range) by developing PIC technology for optical phased arrays. Such arrays will require the integration of thousands of closely packed optical emitting facets, precise relative electronic phase control of these components, and all within a very small form factor with a total output power of 10W, DARPA stated.

DARPA has had a long interest in developing beyond-bleeding-edge laser technology. For example, it currently is developing what's known as Blue Laser for Submarine Laser Communications, which provides large area submarine communications at speed and depth, which no other future or existing system, or combinations of systems, can do, DARPA said.

Then there's the High Energy Liquid Laser Area Defense System which the agency defines as a novel, compact, high power laser enabling practical small-size and low-weight speed-of-light weapons for tactical mobile air- and ground-vehicles.

Large lasers have had success in blowing things up this year. In August, Boeing and the US Air Force said that a C-130H aircraft armed with Boeing's Advanced Tactical Laser (ATL) blasted a target test vehicle on the ground for the first time. Boeing has been developing the ATL since 2008 under an Air Force contract worth up to $30 million.

According to Boeing, the C-130 fired its 12,000lb high-power chemical laser through the beam control system while flying over White Sands Missile Range, N.M. The beam control system acquired the ground target and guided the laser beam to the target.