Friday, July 31, 2009
Thought for the Day
July 31, 2009
THE CON MAN WORKS HARDER AND PAYS MORE FOR WHAT HE GETS OUT OF LIFE THAN ANY OTHER PERSON, BUT HE KIDS HIMSELF INTO BELIEVING HE IS GETTING SOMETHING FOR NOTHING.
There is a fundamental rule in sales: You must sell yourself first before you can effectively sell others. If you can’t believe in the value of your products or service, no one else will either. If you are conning others into an unfair deal, you must work mightily to overcome your internal resistance to doing something wrong. A deal is a good one only when it is good for everyone involved. When each participant has an equal opportunity to profit and the risk is shared among partners who care about one another’s welfare, not only is the likelihood of success far greater, but the journey toward it will also be much more enjoyable.
This positive message is brought to you by the Napoleon Hill Foundation. Visit us at http://www.naphill.org.
Thursday, July 30, 2009
New IT job: Virtual Infrastructure Architect
According to a recent report by Forrester Research, a new role is emerging and quickly becoming required in many IT shops. The VI architect, Forrester says, would be responsible to oversee the operation of both the physical and virtual platforms across server, storage and network infrastructure domains. The position requires a range of virtual skills, including a broad knowledge of virtualization platforms and tools, but Forrester says don’t rely on technical certifications alone when considering potential candidates.
“Don’t discount a candidate just because he or she isn’t a VMware Certified Professional or Citrix Certified Administrator; relevant experience is just as, if not more, important,” the report reads. “Regardless, seek a VI architect with several years of hands-on virtualization experience, such as playing the role of technical lead on a large-scale server consolidation or virtualization initiative involving physical-to-virtual migrations.”
Not only will virtualization experience be required, but IT managers should also be looking for a technology generalist with experience and background in several areas of infrastructure, including networking and storage systems. The VI architect will help the network and storage teams, for instance, understand how virtual elements should perform and how to troubleshoot problems in the virtual realm, the research firm says.
Other skills required of a potential VI architect would be capacity planning, monitoring and forecasting skills. Forrester analysts explain in the report that either the VI architect will be the primary contact for capacity management or work closely with the already established capacity manager. Soft skills such as communication and facilitation capabilities will help the candidate get groups to more easily work together. And IT departments would also want to bring on a person that could achieve the goals without much guidance from management, the research firm suggests.
“The ideal VI architect candidate must be able to provide direct assistance to other infrastructure groups that may be facing configuration or performance problems,” Forrester analysts advise in the report. “Look for a candidate who will help reinvent your processes, service levels and other metrics as you discover their deficiencies.”
Monday, July 27, 2009
High Tech "Invisible
Tyrone D. Taborn
You may not have heard of Dr. Mark Dean. And you aren't alone. But almost
everything in your life has been affected by his work.
Dr. Mark Dean is a Ph.D. from Stanford University. He is in the National
Hall of Inventors. He has more than 30 patents pending. He is a vice
president with IBM. Oh, yeah. And he is also the architect of the
modern-day personal computer. Dr. Dean holds three of the original nine
patents on the computer that all PCs are based upon. And, Dr. Mark Dean is
an African American.
So how is! it that we can celebrate
the 20th anniversary of the IBM personal
computer without reading or hearing a single word about
him? Given all of the pressure mass media are under about negative
portrayals of African Americans on television and in
print, you would think it would be a slam dunk to highlight
someone like Dr. Dean.
Somehow, though, we have managed to
miss the shot. History is cruel when it comes to telling the stories of
African Americans. Dr. Dean isn't the first Black
inventor to be overlooked Consider John Stanard,
inventor of the refrigerator, George Sampson, creator of the clothes
dryer, Alexander Miles and his elevator, Lewis
Latimer and the electric lamp.
All of these inventors share two things:
One, they changed the landscape
of our society;
and, two, society relegated them to the footnotes of history.
Hopefully, Dr. Mark Dean won't go away as quietly as they did. He
certainly shouldn't. Dr. Dean helped start a Digital Revolution that
created people like Microsoft's Bill Gates and Dell Computer's Michael Dell.
Millions of jobs in information technology can be traced back directly to Dr. Dean.
More important, stories like Dr. Mark Dean's
should serve as inspiration for African-American children. Already victims
of the "Digital Divide" and failing school systems, young, Black kids
might embrace technology with more enthusiasm! if they knew someone like
Dr. Dean already was leading the way.
Although technically Dr... Dean can't be credited with creating the computer
-- that is left to Alan Turing, a pioneering 20th-century English mathematician, widely considered to be the father of modern computer science -- Dr. Dean rightly deserves to take a bow for the machine we use today. The computer really wasn't practical for home or small business use until he came along, leading a team that developed the interio! r architecture (ISA systems! bus) that enables multiple devices, such as modems and printers, to be connected
to personal computers.
In other words, because of Dr. Dean, the PC became a part of our daily
lives . For most of us, changing the face of society would have been enough. But not for Dr. Dean.. Still in his early forties, he has! a lot of inventing left
He recently made history again by leading the design
team responsible for creating the first 1-gigahertz processor chip.. It's
just another huge step in making computers faster and smaller. As the
world congratulates itself for the new Digital Age brought on by the
personal computer, we need to guarantee that the African-American story is
part of the hoopla surrounding the most stunning technological advance the
world has ever seen.. We cannot afford to let Dr. Mark Dean become a
footnote in history. He is well worth his own history book.
Thursday, July 23, 2009
Dangers to Avoid If Your Tech Job Is Also Your Hobby
Allan Hoffman, Monster Tech Jobs Expert
Techies often make information technology their career, because they love working with computers, whether cobbling together networks or building Web sites. But if your work is also your hobby, when do you have time for anything else? Is this situation simply a win-win for techies and their employers? Or does focusing too much attention on one part of your life pose risks?
“The job is just a way for me to continue my hobby and earn a living at the same time,” says Adnan Wasim, who writes a blog about system administration and software development. For Wasim, computers started out as a hobby and then morphed into a full-fledged career as he earned a bachelor’s degree in computer science and then started working full-time in the field. “Turning a hobby into a career is a perfect way to spend eight hours a day earning a living,” he says.
Career coach Lynn Berger concurs. “I believe it is wonderful to love what you do, and it should be somewhat fun,” she says.
On the surface, the convergence of a job and a hobby would appear to serve everyone well. Techies get to focus on what they love to do, while their employers enjoy the fruits of their enthusiasm. Yet techies should still watch out for these danger spots to make sure their hobby doesn’t drive their careers in the wrong direction.
Danger Spot 1: Not Focusing on the Job
Berger, for instance, warns techies about focusing on areas that interest them as a hobby when their jobs may require them to focus on something else entirely. “The only downside is if an individual spends a disproportionate amount of time on what they believe to be most interesting while ignoring the more significant and important parts of their job,” she says.
No doubt the transition from a hobby to a job requires a change in perspective. Self-styled computer geeks will typically reach a plateau with their hobby, often because they’re not required to delve deeper or tackle the sort of problems large organizations face.
“Given any task, there are enjoyable aspects of a task, and some not so enjoyable,” Wasim says. "When pursuing a hobby, an individual will probably work on the enjoyable aspects, ignoring the not-so-enjoyable aspects. However, to learn something fully, the not-so-enjoyable aspects are also important. A job can help you force yourself to learn the not-so-enjoyable aspects. This can only be beneficial in the long run.
Danger Spot 2: Not Diversifying Beyond Pure Technology
What’s more, even though techies may enter IT because they consider computers a hobby, that dynamic may change as they mature and their careers progress.
“Folks who enter IT because it is their passion are to be commended,” says John Baldoni, author of How Great Leaders Get Great Results. “The challenge is to enkindle a passion for management. Sadly, this is often not the case with tech folks, because moving into management requires that they give up what they enjoy doing most.”
In other words, a techie may be reluctant to give up the day-to-day work involving coding applications, tuning networks and the like, even if doing so could lead to additional responsibility, a better salary and perhaps a more rewarding career in the long run.
Management, in particular, requires a shift in outlook, along with a dedicated interest in areas like communication, writing and presentation skills.
“Management is not a hobby,” Baldoni says. "It is a full-time commitment. It requires a discipline for administration, akin to IT, yes, but focused now on people, not technology.
Danger Spot 3: Burnout
Computer-crazed techies also run the risk of burning out. Wasim cautions techies about spending all their time in front of a screen. “I think burnout is a very serious problem,” he says, noting the importance of mixing things up with family, friends, sports or whatever else interests you. "Too much of anything is bad.
America's 10 most wanted botnets
Botnet attacks are increasing, as cybercrime gangs use compromised computers to send spam, steal personal data, perpetrate click fraud and clobber Web sites in denial-of-service attacks. Here's a list of America's 10 most wanted botnets, based on an estimate by security firm Damballa of botnet size and activity in the United States.
No. 1: Zeus
Compromised U.S. computers: 3.6 million
Main crime use: The Zeus Trojan uses key-logging techniques to steal sensitive data such as user names, passwords, account numbers and credit card numbers. It injects fake HTML forms into online banking login pages to steal user data.
No. 2: Koobface
Compromised U.S. computers: 2.9 million
Main crime use: This malware spreads via social networking sites MySpace and Facebook with faked messages or comments from "friends." When a user is enticed into clicking on a provided link to view a video, the user is prompted to obtain a necessary update, like a codec -- but it's really malware that can take control over the computer.
No. 3: TidServ
Compromised U.S. computers: 1.5 million
Main crime use: This downloader Trojan spreads through spam e-mail, arriving as an attachment. It uses rootkit techniques to run inside common Windows services (sometimes bundled with fake antivirus software) or in Windows safe mode, and it can hide most of its files and registry entries.
No. 4: Trojan.Fakeavalert
Compromised U.S. computers: 1.4 million
Main crime use: Formerly used for spamming, this botnet has shifted to downloading other malware, with its main focus on fake alerts and rogue antivirus software.
No. 5: TR/Dldr.Agent.JKH
Compromised U.S. computers: 1.2 million
Main crime use: This remote Trojan posts encrypted data back to its command-and-control domains and periodically receives instruction. Often loaded by other malware, TR/Dldr.Agent.JKH currently is used as a clickbot, generating ad revenue for the botmaster through constant ad-specific activity.
No. 6: Monkif
Compromised U.S. computers: 520,000
Main crime use: This crimeware's current focus is downloading an adware BHO (browser helper object) onto a compromised system.
No. 7: Hamweq
Compromised U.S. computers: 480,000
Main crime use: Also known as IRCBrute, or an autorun worm, this backdoor worm makes copies of itself on the system and any removable drive it finds -- and anytime the removable drives are accessed, it executes automatically. An effective spreading mechanism, Hamweq creates registry entries to enable its automatic execution at every startup and injects itself into Explorer.exe. The botmaster using it can execute commands on and receive information from the compromised system.
No. 8: Swizzor
Compromised U.S. computers: 370,000
Main crime use: A variant of the Lop malware, this Trojan dropper can download and launch files from the Internet on the victim's machine without the user's knowledge, installing an adware program and other Trojans.
No. 9: Gammima
Compromised U.S. computers: 230,000
Main crime use: Also know as Gamina, Gamania, Frethog, Vaklik and Krap, this crimeware focuses on stealing online game logins, passwords and account information. It uses rootkit techniques to load into the address space of other common processes, such as Explorer.exe, and will spread through removable media such as USB keys. It's also known to be the worm that got into the International Space Station in the summer of 2008.
No. 10: Conficker
Compromised U.S. computers: 210,000
Main crime use: Also called Downadup, this downloader worm has spread significantly throughout the world, though not so much in the U.S. It's a complex downloader used to propagate other malware. Though it has been used to sell fake antivirus software, this crimeware currently seems to have no real purpose other than to spread. Industry watchers fear a more dangerous purpose will emerge.
Tuesday, July 21, 2009
Microsoft Releases 20,000 Lines of Linux Codeby Darryl K. Taft
Microsoft releases 20,000 lines of device driver code to the Linux community under the popular GPLv2 license.
Microsoft has released 20,000 lines of device driver code to the Linux community.
The software giant announced its move at the O'Reilly Open Source Convention in San Jose, Calif., on July 20. The code, which includes three Linux device drivers, has been submitted to the Linux kernel community for inclusion in the Linux tree, Microsoft said.
The drivers will be available to the Linux community and customers alike, and will enhance the performance of the Linux operating system when virtualized on Windows Server 2008 Hyper-V or Windows Server 2008 R2 Hyper-V, Microsoft officials said.
In a Q&A about the release of the code on Microsoft's PressPass site, Tom Hanrahan, director of Microsoft's OSTC (Open Source Technology Center), said, "This is a significant milestone because it's the first time we've released code directly to the Linux community. Additionally significant is that we are releasing the code under the GPLv2 [General Public License Version 2] license, which is the Linux community's preferred license."
Hanrahan added, "Our initial goal in developing the code was to enable Linux to run as a virtual machine on top of Hyper-V, Microsoft's hypervisor and implementation of virtualization."
Sam Ramji, senior director of Platform Strategy in Microsoft's Server and Tools organization, said part of Microsoft's motivation behind this move is to help companies cope with "the current economic climate," which calls for increased heterogeneity.
Moreover, "there's mutual benefit for customers, for Microsoft, and for commercial and community distributions of Linux, to enhance the performance of Linux as a guest operating system where Windows Server is the host," Ramji said.
Ramji also noted that Microsoft is involved in other open-source efforts. Ramji said:
In a statement, Novell said: "As a leading Linux solutions provider and an active player in the Linux community, Novell was influential in bringing this about and has worked closely with Microsoft to make this a reality. Under the direction of Novell Fellow Greg Kroah-Hartman, who leads the Linux Kernel Device Driver project, Novell proactively engaged with Microsoft to provide valuable guidance and feedback to the Open Source Technology Center, which enabled the team to contribute the code in a way that was in line with community processes."
Meanwhile, in a blog post, Novell CTO Jeff Jaffe said:
Tuesday, July 14, 2009
|So-Called 'Dying Cities' Fight Back With Conference |
Forbes magazine's alleged "10 Fastest Dying Cities" In America are fighting back with a symposium and arts festival.
The event will be hosted by the city of Dayton, Ohio Aug 7 - 9.
Dayton -- along with Detroit and Flint in Michigan; Canton, Cleveland and Youngstown, Ohio; Buffalo, N.Y., Charleston, W. Va. Scranton, Pa. and Springfield, Mass. were dubbed America's fastest dying by Forbes in August 2008.
Organizers say the cities want to "demonstrate that our people and our citizens are very much alive, by presenting the most innovative efforts underway to return our communities to vibrancy. By sharing ideas and inspiration, we can learn from each other, form new relationships and create a host of possibilities for civic enhancement."
Friday, Aug. 7 will feature an evening of arts and music from Dayton and other cities. Saturday, Aug. 8 there will be a symposium from 8 a.m. to 5 p.m. at the Dayton Convention Center. And on Sunday, Aug. 9 there will be continental breakfast at Riverscape MetroPark and more networking.
The event is free, although preregisatration is requested so organizers can gauge the number of attendees.
As for lodging, a group rate is available at the Dayton Crowne Plaza across from the Convention Center and at The Doubletree, four blocks away, both for $89 per night. For the Crowne Plaza, call (877) 834-3613 and ask for the Ten Living Ciities or T10 group code. At the Doubletree, call (937) 461-4700 and ask for the Ten Living Cities group rate.
The 10 Living Cities is the brainchild of Peter Benkendorf, executive director of Involvement Advocacy, and Mike Elsass, owner of Color of Energy Gallery, both of Dayton.
They envisioined bringing together artists and activists, community leaders and organizers, public officials and civic-minded people from the 10 cities, to share ideas, inspiration and create new possibilities for what our future can be.
More at www.tenlivingcities.org.
Sunday, July 12, 2009
|Top 21 African American Professional Organizations|
Whether you're an African American accountant, attorney or astrophysicist, there's probably a related professional organization. Joining an association can provide education in your field, networking opportunities and advocacy -- all with a focus on issues important to African Americans. Find the right one for you by checking out this list of 21 of the largest and oldest national groups:
Friday, July 10, 2009
By VERENA DOBNIK
NEW YORK (AP) -- New York's attorney general charged Thursday that Tagged.com stole the identities of more than 60 million Internet users worldwide - by sending e-mails that raided their private accounts.
Andrew Cuomo said he plans to sue the social networking Web site for deceptive marketing and invasion of privacy.
"This company stole the address books and identities of millions of people," Cuomo said in a statement. "Consumers had their privacy invaded and were forced into the embarrassing position of having to apologize to all their e-mail contacts for Tagged's unethical - and illegal - behavior."
Started in 2004 by Harvard math students, Greg Tseng and Johann Schleier-Smith, Tagged calls itself a "premier social-networking destination." The California-based company claims to be the third-largest social networking site after Facebook and MySpace, with 80 million registered users.
Cuomo said Tagged acquired most of them fraudulently, sending unsuspecting recipients e-mails that urged them to view private photos posted by friends.
The message read: "(name of friend) sent you photos on Tagged."
When recipients tried to access the photos, Cuomo said they would in effect become new members of the site - without ever seeing any photos. Recipients' e-mail address books would then be lifted, the attorney general said.
Tagged temporarily suspended its online campaign last month, in response to user complaints.
E-mail and telephone messages from The Associated Press to the company were not immediately returned on Thursday.
In an open letter on the site, dated June 16, Tseng acknowledges that Tagged had received 2,000 complaints "from people who invited all the contacts in their e-mail address books but didn't intend to."
He said that every day, "our members make 2 million new friend connections" using the site's special "feature." But on June 7, in response to the complaints, "we hit the pause button."
The site than e-mailed all new members to offer "information on how to manage their contacts and, if they wanted, how to cancel their membership."
Cuomo said Tagged's problems went far beyond technical glitches.
"This very virulent form of spam is the online equivalent of breaking into a home, stealing address books, and sending phony mail to all of an individual's personal contacts," Cuomo said.
The system was set up so that a user was asked whether the sender of the photos was a friend, then suggesting that if the recipient didn't respond, the friend "may think you said no" (accompanied by a sad face icon).
Any click resulted in the same thing, Cuomo said: Every person on a user's contact list received an e-mail that again read, "(name of user) sent you photos on Tagged." The site then released a flood of offers for everything from sweepstakes to other services.
By the time a recipient realized there were no photos, it was too late.
On Thursday, a box on the site's home page still read: "NOW HIRING ... click here."
The attorney general said a lawsuit would seek to stop Tagged from engaging in "fraudulent practices" and to seek fines.
Another site founded by Tseng, Jumpstart Technologies, was fined $900,000 in 2006 by the Federal Trade Commission for violating the CAN-SPAM Act - signed into law in 2003 by President Bush as the anti-spam national standard for commercial e-mail.
At the time, the director of the FTC's Bureau of Consumer Protection, Lydia Parnes, said the Tseng-founded site had "intentionally used personal messages as a cover-up for commercial messages."
Such practices not only violate the law, she said, "but also consumer trust.
Thursday, July 09, 2009
Newest IE bug could be next Conficker, says researcher
The critical bug that Microsoft confirmed Monday but has yet to patch is a prime candidate for another Conficker-scale attack, a security researcher said.
"It's better than [the vulnerability used by] Conficker," Roger Thompson, chief research officer at AVG Technologies, said yesterday. "It exposes the whole world, and can be exploited through the firewall. That's better than Conficker, which mostly did its damage once it got inside a network."
Conficker, the worm that exploded into prominence last January when it infected millions of machines, exploited an already-patched bug in Windows that Microsoft had thought dire enough to fix outside its usual update schedule.
The worm hijacked a large number of PCs -- estimates ranged as high as 12 million at one point -- and then assembled them into a massive botnet able to spread malware, plant fake antivirus software or distribute huge amounts of spam.
"I have no doubt that the really bad guys are bustling to get this [new vulnerability] into their exploit toolkits," said Thompson. "For the Conficker people, this could be the next thing. They waited until they had a really good exploit, then combined that with some smart strategies. So I wouldn't be surprised if they picked up on this."
The vulnerability Thompson's worried about is in the Microsoft Video Controller ActiveX Library, or the "msvidctl.dll" file, an ActiveX control that can be accessed using Internet Explorer (IE). Although the bug has been used by hackers since at least June 9, it only made it into the public eye this week, when several security companies, including firms in both China and Denmark, reported that thousands of compromised sites were serving up exploits.
On Monday, Microsoft acknowledged the vulnerability in a security advisory, said it would produce a patch and provided an automated tool to disable the ActiveX control by setting nearly three-dozen "kill bits" in the Windows registry.
"This is a good exploit with a big lump of infectable people," said Thompson.
One reason why the bug is an excellent choice for hackers is that it hasn't been patched. When Conficker first appeared, the flaw it exploited had already been patched by Microsoft. It turned out, however, that there were plenty of PCs that had not been updated with the fix.
Thompson wouldn't hazard a guess as to whether Microsoft would be able to craft a fix in time to add it to the patches slated for delivery next Tuesday, July's regularly-scheduled update day. "But I'm fairly confident that they're trying very hard," he said.
Attack code is readily available, Thompson said, meaning that attackers not yet abusing the bug don't have to figure out an exploit of their own. "If the people who infect banner ads use this before there's a patch, then watch out," he warned.
Today, Microsoft admitted that researchers at IBM's ISS X-Force had reported the vulnerability in 2008, but did not name the date. The X-Force researchers had uncovered the flaw in late 2007, and had reserved a CVE (Common Vulnerabilities and Exposures) number in December of that year. One of the researchers, Alex Wheeler, who is now the manager of 3Com's TippingPoint DVLabs, declined to name the date ISS reported the bug to Microsoft, citing a non-disclosure agreement he'd signed with his former employee.
Microsoft didn't directly answer a question about why it had not patched the ActiveX vulnerability when it has known about the bug for at least six months and possibly as many as 18. "When we were alerted in 2008, we immediately started an investigation," a company spokesman said today in an e-mail. "As we wanted to be thorough, this took extra time to fully evaluate."
The "extra time" Microsoft needed may strike some as odd, since the ActiveX control -- the "msvidctl.dll" file -- is the company's own code. And that's unusual, said Thompson. "This is the first issue with a Microsoft .dll for, really, a long while," Thompson said. "Maybe since the ANI bug in April 2007. Usually, it's a Chinese .dll or something from Adobe."
The vulnerability in Windows' animated cursor -- found in the "user32.dll" file -- was patched more than 100 days after Microsoft was alerted by Alexander Sotirov, a vulnerability researcher at Determina. Microsoft issued an "out-of-band" patch for the ANI bug, breaking from its regular monthly schedule.
"It's not the end of the world or anything," said Thompson. "But I won't be surprised to see Version 2.0 of Conficker with this. It seems custom-made for them."
Systems running Windows XP or Windows Server 2003 are vulnerable to current attacks through IE6 and IE7. Windows Vista and Windows 7 are not at risk; nor are users running IE8 or other browsers, such as Mozilla's Firefox and Google's Chrome.
CompuServe closes after 30 years
It was spun off as a separate company in 1975. It began offering electronic mail capabilities and technical support to commercial customers in 1978, and for many industry veterans it provided them with their first ever online experience. Undoubtedly, its golden years was during the 1980s (where it was used mostly to exchange files electronically) and the early years of the 1990s, where its email and moderated forums proved to be enormously popular with the PC crowd.
Indeed, by 1991, it claimed to have over a half a million users simultaneously online, and by 1995, it topped three million members, the largest online service provider at that time. However, cracks started to appear when it began competing against newcomers such as AOL, which rapidly gained market share thanks to its intense marketing campaigns and by offering users a flat monthly rate instead of the per-hour online access charged by CompuServe. AOL acquired CompuServe in 1997, and for a time the company was preserved as a separate service but was badly neglected by its parent company.
As the world wide web grew in popularity, many organizations closed their CompuServe customer support forums and instead began offering customer support via their own websites. And in an ironic twist, AOL is now itself facing an uncertain future as its subscription base has been steadily declining. In 2006 the UK ISP business of AOL was sold off to the Carphone Warehouse.