Tag Archives: DoS

The New Attack: Penetrate and Tailor

In its latest security report Cisco identifies a trend I hadn’t heard of before with malware writers: Closer inspection of those computers they’ve successfully penetrated to see whether there’s something interesting there, and then if there is targeting that company (or organisation) with a more tailored follow-up attack:

Attackers can—and do— segregate infected computers into interest areas and modify their methods accordingly. For example, after initial infection by a common downloader Trojan, subsequent information may be collected from infected machinesto identify those systems more likely to lead to sensitive information. Subsequently, those “interesting” machines may be delivered an entirely different set of malware than would other “non-interesting” computers.

This is, as Cisco says, a pretty good example of that much maligned term, the Advanced Persistent Threat. Unfortunately they don’t give more concrete examples. But it seems as if the most targeted sector is the pharmaceuticals and chemical industry: 500% more than the median infection rate, or twice the next industry, oil and gas.

On DoS (Denial of Service) attacks, Cisco says that “while once largely prank-related, DoS attacks are increasingly politically and financially motivated.” It doesn’t add more, unfortunately, and much of the rest of the report is sales-pitch. I’ll try to get more out of them, because there might be some interesting trends lurking behind the rather thin data.

User Determined Computing

I’m not sure it’s a new phenomenon, but Accenture reckons it is: employees are more tech savvy than the companies they work for and are demanding their workplace catches up.

A new study by Accenture to be released next week (no link available yet; based on a PR pitch that mentions no embargo) will say that until recently all the most advancted networks and communication devices were at the office. Now they’re at home. The company calls it “user-determined computing”:

Today, home technology has outpaced enterprise technology, leaving employees frustrated by the inadequacy of the technology they use at work.  As a result, employees are demanding more because of their ever-increasing familiarity and comfort level with technology. It’s an emerging phenomenon Accenture has called “user-determined computing.”

The global study of more than 300 Chief Information Officers (CIOs) will argue that “executive and technology leaders are undertaking superficial improvements in their information technology systems rather than making fundamental changes to meet the growing demands of users.” The research will show that the high performing companies are those that are deploying the new technologies.

So far so good (and until we see the report that’s all we’ve got for detail.) I’d argue that this disconnect has existed for years and only been exacerbated by the rise of Web 2.0. But I’m a little less sure of Accenture’s argument when it says that it has launched an internal initiative of its own — what it’s rather lamely calling “Collaboration 2.0”, which involves

rolling out enhanced search capabilities, high-definition and desktop video conferencing solutions, unified messaging, and people pages (similar to personal pages on social networking sites).

A good enough start, I guess, but hardly an office revolution. And I think the term “user-determined” is misleading; it sounds as if users actually have a say in what computers, communications and software they use. Even Accenture’s own Collaboration 2.0 doesn’t sound as if that’s the case. “User-influenced”, maybe.

What do I think? I believe that most companies’ internal software systems need a major more radical overhaul — of five media companies I have had dealings with recently, one still uses the same editing software it had in place more than 10 years ago, another uses a system that has no major changes to its interface since the early 1990s, and another uses DOS WordStar.

I believe that companies need to be more flexible about how/where/when their workers work. The when and where is being addressed with telecommuting and flexible hours. But I also think that workers should be free to use everything that Web 2.0 has to offer — collaboration tools like stuff from 37Signals, Google Apps, Skype, their own hardware, whatever it takes. I know there are security and legal issues involved, but, let’s face it, what worker doesn’t use their own instant messaging program, log into Gmail on their office computer and other “illegal” moves inside the enterprise?

It’s time to let the worker work as s/he wants. If Accenture has spotted anything, it’s probably that the most productive workers are independent workers — those who set up their own systems so they’re not dependent on and held back by their employer. If that’s true, then the logical conclusion is that those employees are probably not employees anymore, but have struck out on their own either as consultants, freelancers or hitched their wagons to smaller, leaner and more flexible startups.

PS I wasn’t hugely impressed with Accenture’s own website, which didn’t comply with the most basic standards of Web 2.0. For one thing, it’s Flash-based, with no options for a quicker loading, HTML version. And the Flash doesn’t load quickly:

image

Secondly, a pop-up window greets you on your immediate arrival requesting your participation in a survey:

image

Not a good start.

It’s Not the “Death” of Microsoft, it’s the “Death” of Software

Paul Graham writes an interesting obituary of Microsoft, killed off, as he sees it, by applications that sit in your browser. It’s just a matter of time, he says, before every application we need can grabbed off the server.

This is the kind of established wisdom of Web 2.0 folks these days that prompts only howls of “old news”. In some senses it’s right. I don’t use an email client anymore, nor a news/RSS reader. I try to use a calendar app like Outlook as little as possible. I even use Google Docs sometimes. But we’re a long way from interesting, complex applications running in the browser.

The problem: Most web applications are broken, and if we were paying for them, or Microsoft were making them, we’d be howling. Google Docs’ word processor, for example, quickly breaks down on bigger documents (weird artefacts appear in the text, keyboard shortcuts stop doing what they’re supposed to.) Its spreadsheet program mangles spreadsheets. The functionality in both is extremely limited for anything more than the most basic tasks.

All this takes us to a weird place: We somehow demand less and less from our software, so that we can declare a sort of victory. I love a lot of Web 2.0 apps but I’m not going to kid myself: They do one simple thing well — handle my tasks, say — or they are good at collaboration. They also load more quickly than their offline equivalents. But this is because, overall, they do less. When we want our software to do less quicker, they’re good. Otherwise they’re a pale imitation of more powerful, exciting applications in which we do most of our work.

Like what? Well, what have I got running on my (Windows) desktop right now:

  • BlogJet — blog writing tool. Online equivalent: Blog service tool. Difference: BlogJet more powerful than its browser equivalent, no latency, lets me work offline. Can move it around the screen and outside the browser. Can use ordinary editing shortcuts like Ctrl+B and Ctrl+K.
  • ExplorerPlus – file management tool. Lets me see what’s on my computer and move stuff around. Online equivalent: None? (ExplorerPlus now appears to be an orphan, sold by Novatix to SendPhotos Inc, but now no longer visible on their site.)
  • Text Monkey Pro – cleans up text. Online equivalent: Firefox plugin Copy Plain Text
  • ConnectedText – offline Wiki type organiser/outliner. Web app equivalent: TiddlyWiki. Jury still out on which is better
  • MyInfo – outliner. Online equivalent: Don’t know of any online outliner. There must be one.
  • PersonalBrain: thought organizer. Online equivalent: Don’t know of any.
  • Mindmanager: mindmapper. Online equivalents: bubbl.us, Mindmeister, Mindomo. Difference: Mindmanager much more powerful, works with more branches without losing effectiveness, integrates with other tools.
  • !Quick Screen Capture: screen capture tool. Online equivalent: Not known.
  • PaperPort: scanner and PDF database. Online equivalent: None.

Now it’s not as if I’m using these products because I think they’re all great. It’s just that no one has come along with anything better (Mac users: your cue to point me to great Mac equivalents). The past seven years, in fact have brought along nothing exciting in the offline apps world so it doesn’t surprise me that online applications, for all their simplicity, are getting the attention. (Don’t get me started on how weak and unimaginative PaperPort is. Mindmanager is still not as good as it could be; outliners are still doing very little more than their DOS forebears, and the lack of decent file managers is a crime.)

But all this just proves to me that there has been little real innovation in software in the sense of making programs do more. Web 2.0 has excited us because we lowered our expectations so much. Of course web apps will get better, and one day will deliver the functionality we currently get from desktop software. They may even do more than our desktop applications one day. But isn’t it a tad strange that we think this is all a huge leap forward?

Starting A Computer That Won’t Start

If you have problems starting Windows XP because of a blue screen telling you (I forget the exact wording) that you need to run CHKDSK /f and disable all antivirus and disk management programs, here’s a possible solution.

The problem is that while you’d love to run CHKDSK /f — which runs a check on your hard drive and fixes any file errors — you can’t actually start Windows, or even get to a DOS prompt, to do it. The furthest you’re likely to get is a screen listing the drivers being loaded, but stopping at one called agp440.sys. Then the blue screen. Here’s what worked for me (it assumes you have a spare computer and an external drive casing for your hard drive, whichever size it is. I’ve learned to hang onto these kind of things for just such a situation as this):

  • Turn off the computer (I’m assuming it’s a laptop but this would work with a desktop too)
  • Remove the hard drive (take photos with your cellphone if necessary to remind yourself where the screws went, etc)
  • Attach the hard drive to your second computer using the external casing
  • Run CHKDSK /f (or any Disk Checker utility) over the hard drive. This should fix the problems with the hard drive
  • Remove hard drive from external casing and put back in original computer.
  • Restart computer

May not work for everyone but it worked for me.

technorati tags: , ,

A New Way To Grab Stuff

The folks at EverNote tell me that version 1.0 for Windows is officially launched today:

As you may recall, EverNote lets you place all of your notes and content (web clips, images, text, passwords, to dos, etc.) on an endless, instantly searchable, digital roll of paper. Our founder, Stepan Pachikov, likes to say that EverNote gives users that much sought after ‘perfect photographic memory’ — a single place for all your info, accessible anytime, any place.

Some new features for those familiar with the earlier beta version:

  • – A Web Clipper where you can instantly export web content into EverNote from IE or Firefox. Our beta users have found this helpful for quickly capturing content while reading news, researching or shopping online;
  • New category icons (over 50), where you can easily assign icons to identifiable individual categories, such as Web Clips, Business, Personal, Travel, Shopping and more;
  • Ability to email or print notes;
  • Backup support;
  • Extensive improvements to categories, tool tips and keyboard shortcuts (a new total of 80).

Definitely worth checking out if you’re looking for a way to store data from the web on the fly.

Column: WordPerfect Office

 
Loose Wire — Office Challenge: Corel Software’s latest version of WordPerfect Office has some great features, including a dictionary to die for and fumble-free format switching; Is it time to ditch Microsoft?
 
By Jeremy Wagstaff, from the 8 May 2003 edition of the Far Eastern Economic Review (c) 2003, Dow Jones & Company, Inc.
 
It requires a brave soul to take on Microsoft on its home turf. Even more so when one of the main selling points is a blue screen that nostalgically reminds users of their youth.

Enter WordPerfect Office 11, the latest version of Corel Software’s suite of applications that is supposed to be an alternative to Microsoft Office, the lumbering behemoth that accounts for more than 90% of the “desktop office-productivity applications” market (in other words: word processing, spreadsheeting, making slide shows to impress the boss). At $300, it’s quite a bit a cheaper than Microsoft’s offering, and with its flexible upgrade policy, it means you can more or less trade in any competing Microsoft program for about $150. Not to be sniffed at if you’re tired of shelling out for a whole department’s worth of word processing. Oh, and for legal eagles and apparatchiks who love the old DOS, blue-screen look of WordPerfect, there’s that too, along with most of the original keystrokes.

But does it really make sense to ditch Microsoft Office? There are plenty of reasons you might not want to: While the main elements of WordPerfect Office are similar to those of Microsoft’s, don’t expect to find all the commands and keystrokes in the same place. That means you and your cohorts will have to unlearn quite a lot. And there are bits missing: There’s no e-mail program in this version, for example. While I found some elements of the word-processing part of the suite useful, I encountered what can only be called weird formatting issues, which nearly cost me this column.

But there are some positives. It will run on operating systems from as far back (gasp) as Windows 98, whereas Microsoft Office 2003 will only run on Windows 2000 and XP (go figure: it takes a non-Microsoft product to run on a Microsoft platform). There’s a great thesaurus and dictionary, courtesy of Oxford, which together give you extended meanings, choices of usage, related words, antonyms and what-have-you. Quattro Pro is a sturdy Excel spreadsheet replacement, while Presentations is half graphics package, half PowerPoint presentation creator.

And Corel goes the extra mile in ensuring that you can switch between formats easily: Say you composed a document in Microsoft Word; you can easily open it in WordPerfect, edit it, and then save it in either format — or countless others. You can even save a file in the Adobe Acrobat format, a great way to ensure your documents look as good on other people’s computers as they do on yours.

This commitment to easy jockeying between formats is a major strength. But it’s only part of what may be the future of software, and, perhaps, the salvation of Corel: easy switching of data between computers, between programs and between platforms, using something called Extensible Markup Language. XML — an open-source language developed by a consortium of manufacturers and developers — is an improved version of HTML, the programming language used to make Web pages. Simply put, HTML uses hidden tags so that different browsers know how to present information in similar ways: The tag <Title>, for example, tells the browser to use whatever font and layout it is programmed to use for that style to display the title of the Web page you’re viewing. HTML tags, however, are preset — Title, Bold, whatever — whereas XML tags can be modified by the user. Under XML a tag can be very specific, classifying the data it refers to: <Explanation of technical term>, for example, or <Inventory of pigs’ trotters from the Russian Steppes>, or <Information given by tech columnist that is needlessly confusing reader>. Any document that uses those tags can, in theory, hook up with another document that’s agreed on the same tags, meaning data can be shared, compared and combined easily, without a lot of converting and other jiggery-pokery.

What’s this got to do with Office suites? WordPerfect seamlessly weaves XML into its component programs, so users can, with relative ease, save documents in XML format. And, while Microsoft in theory offers the same thing, there are signs that it’s not quite playing ball: Only the whizzbang top-level version of the upcoming Microsoft Office will support full XML capability, according to press reports — a step back from its present version.

The reason? No one’s saying, but it’s quite possible that the Redmond giant sees a threat to its de facto dominance of the Office market. Not because folk like Corel may be stealing a few customers, but because XML may end up replacing the formats that you save your document in. Right now, most documents are saved as Microsoft Word files, spreadsheets as Excel files, etc. This makes sense because most people use those programs. But what happens if people start using XML — open, flexible, free — as a format instead? Microsoft may be left out in the cold.

This may never happen. For all their faults — and there are many — Microsoft Office’s programs rule the roost, and part of the reason for this is that they are good. Well, quite good, anyway. And while folk may grumble, no one’s really challenging them. Corel is to be congratulated for pushing the envelope with version 11 of WordPerfect Office, but as of this month it’s struggling to find a buyer.

My advice? Unless you’re mightily sick of Microsoft Office, or desperate to save cash, don’t ditch it quite yet. If you are, you might want to try another option first: OpenOffice, a free suite of applications which, given that most folk use only a fraction of their Office suite’s features, may well be enough.