|
|
|||||||||||||
**** NewsBytes ****
LaCie points finger to 1TB drive
Storage hardware firm LaCie has launched its d2 SAFE Hard Drive which incorporates biometric protection with up to 10 fingerprints, allowing users read/write or read-only access to the stored data. The external drive is accessed via Firewire 400/800 and USB 2.0/1.1 ports in capacities of 500GB and 1TB, the latter retailing at under £400. The drive also includes automatic 128-bit AES hardware encryption for automatic file encoding. Product details at LaCie.
XP exit
The version of Windows XP used by Original Equipment Manufacturers (OEMs) will be phased out by the end of January 2008 even though its Vista replacement still has compatibility problems. Instead, OEMs will be required to bundle Vista despite some customer resistance. Downgrade rights will still apply, so that customers can buy a Vista licence but continue to use XP, though the operating system software and its CDs will become more difficult to obtain. On a posting in Dell's Direct2Dell blog, some customers have gone as far as citing lack of XP as a deal-breaker. Support for the Windows XP series of systems comes "either 12 months after the next service pack releases or at the end of the product's support lifecycle, whichever comes first" according to Microsoft's support lifecycle page for XP SP2, but since rumours of a Service Pack 3 abound, the exact date is unknown. Microsoft's current estimate is 2008.
Mainstream support for all versions of Windows XP should continue at least until April 2009, though the extraordinary extension of support previously granted to the popular Windows 98 should be borne in mind.
Vista plaster
Unfolding rumours on the Internet suggest that Microsoft is gearing to release Windows Vista Service Pack 1 (SP1) around November 2007. The company earlier used legal pressure to have a link removed to a packaged download of Vista hotfixes run by the owner of thehotfix.net
Flash flood
A timely reminder to keep Flash player updated on vulnerable machines if updates are not automatic. Adobe has announced solutions to critical vulnerabilities across a raft of their products on affected systems including Microsoft Windows, Apple Mac OS X, Linux and Solaris. The vulnerabilities could allow remote, unauthenticated attackers to execute programs arbitrarily or cause a denial of service (DoS) that typically result in floods of traffic making systems unusable. For more info read Adobe security bulletin APSB07-12.
DotAsia domains
Following approval from ICANN (Internet Corporation for Assigned Names and Numbers), applications for domain names under the new .asia top-level domain will begin to be accepted from October. DotAsia Organisation Limited announced a phased release of net addresses ending in .asia to be assigned in a sunrise period from 9 October 2007 allowing for government authorities and trademarks. After 15 January 2008 registrations will go fully public on a first come, first served basis. This brings to three the number of populated continents with their own domain names, the notable exceptions being Africa and, ironically, America, where much of the Internet's technology developed.
Dial M for mouse
The latest version 3 of Skype enables one-click links for instant dialling of phone numbers presented on web sites. The legendary Internet telephony software now contains a plug-in for web browsers that turns phone number highlighting off or on, displaying the country code and flag, as in this example for the Directory Recycling Project.
Cybercrime is all in the mind
Internet scammers are employing mind game tactics to con computers users. The study commissioned by anti-virus company McAfee was carried out by Professor Clive Hollin, leading forensic psychologist at the University of Leicester. New scams are less subject to typos, employ slicker graphics and mirror language familiar to the recipient, say by mingling copy with topical news stories. Primary author of the report, Dr. James Blascovich said: "By scamming $20 from just half of one percent of the U.S. population, cyber criminals can earn $15 million each day and nearly $5.5 billion in a year, a powerful attraction for skilful scam artists." Mind games press release and reports list.
MEMBERS exhibition - open to non-members
The annual Membership Management Technology Exhibition kicks off on Wednesday 19th September 2007 showcasing technology for more effective and efficient management of membership and subscription organisations. Appealing to Membership Administrators, IT Managers, Financial Directors and CEOs, there is free entry to the 20 seminar sessions, demonstrations and exhibition. Details and registration at
Conference House.
Add email disclaimer text
Using McAfee's Groupshield Anti-virus product, it is possible to set up lines of disclaimer text that are automatically added to the bottom of all outgoing emails, a task that has hitherto required special programming in Exchange. This space is typically used to add links to a privacy policy or promote a web site or event. The feature is enabled via a Gateway policy in the company's GroupShield 6.0 for Microsoft Exchange product. Contact us for further details or setup.
*** More NewsBytes ***
| ^ Back to contents ^ | ||
|
1. 21st century broadband
A review of broadband: where it's been and where it's going next. And is it coming to a socket near you? | ||
| More help at hand. All the back issues just a click away |
The Good News ...Broadband connections will continue to become faster and bandwidth will be more readily available, both when we want it and how we want it. The Bad News ...Our expectations are higher and wallets tighter, so the small profits means that there may be trouble ahead (and probably little love and romance) for ISPs that aren't already gearing up for future technology implied by the good news above. Oh, and tariffs will enter complexity levels only seen thus far in mobile phone services. The agony and the historyIn the beginning (of the 21st century) was ADSL – the bog standard 512 Kilobits per second connection that, blow by campaigning blow, was eventually delivered to the furthest recesses of the UK. Within 5 years however, BT was attempting to quench an insatiable appetite - by customers for bandwidth and by competitors for BT's market share - hence the next leap towards '8Megs' with the DSL Max product. The DSL Max 'experiment' looks as though it will be consigned to history as a failed one. Early adopters signed up eagerly to the 'up to 8 Mbps' service in the expectation of Internet speeds approximately 15 times what they were accustomed to. True, the small print did say that no more than 5Mbps is what one could realistically hope for, though quite a few customers actually found they were hitting the high speeds. But scouting around the forums showed that it was a wildly inconsistent experience, even given the 10-day 'adjustment' period. Considerable numbers of participants found themselves bumped from their existing 1Mbps or 2Mbps service down to even lower values than before. UK consumer bandwidth demand now surges after 6pm rising to a midnight peak Based on BT's IPStream technology, DSL Max needs a running-in period over nearly a couple of weeks while the equipment measures speeds, and in particular, disconnections, while it tried to fine-tune the line between customer and exchange for optimum speed. Imagine whizzing high-speed trains along a curved track, then comparing the number of successful arrivals to the number dead carriages scattered along the track side and you get a picture of the calculation process; in other words the customer is involved in the testing phase. Folks on regular wired broadband may have noticed recently that either prices of new services from their ISP are dropping (eg to under a tenner a month) or that monthly usage allowances for their bandwidth are increasing. Or possibly both. How can this be? Are ISPs rolling in cash? Band on the runQuite the opposite. There is now so little margin for ISPs in the low-end broadband consumer services that the only benefits for them are to try and engender the loyalty (by keeping prices low) of a large customer base and add teasing upgrades to the bigger tariffs. Meanwhile they are concentrating on business services where value is easier to bolt on, like additional support contracts, managed routers, guaranteed bandwidth for time-sensitive services like Internet telephony, and so on. At the same time, providers must find backing (or dig into reserves) to invest in new technologies like BT's Wholesale Broadband Connect. So crucial are these emerging services that some ISPs are claiming competitors who remain on IPStream will soon be at a severe economic disadvantage (read: pushing up daisies). The problem as its most basic is that Internet customers increasingly want more bandwidth than can be brought on stream - unless they pay more up front. But we customers are the least willing to become investors; we've already had enough risk and experimentation, thanks all the same. To work around this most fundamental mismatch between supply and demand, providers initially tried simple pricing regimes (pays your money, takes your choice) to let the market organise itself, but this doesn't work when everyone is sharing the same wires. At the point of delivery, you'll know all about the unfairness of sharing when a neighbour is hogging the line with Internet gaming at all hours, or a nearby media company is streaming video to its customers. The next tactic was for the service providers to apply fair usage policies, and they still do. However such policies are actually exercised fairly indiscriminately and usually only as a last resort to reign in heavy downloaders, gamers and peer-to-peer users. Restrictive measures are becoming more sophisticated of late, and the new 'traffic prioritisation' buzzword philosophy aims to balance application needs - such as Voice Over IP that requires a continuous stream – with constantly changing patterns of human behaviour. For instance, UK consumer bandwidth demand now surges after 6pm (initially families and afterworkers) rising to a midnight peak when gamers come online, only easing off towards 1am or so. 
Add to this the continuous background sapping 'leak' of Internet radio – and increasingly Internet video and TV on demand; perhaps the ultimate indication of Internet acceptance, nay presumption, is the number of people who quit the room but leave the broadband radio on. Time for a paradigm shift perhaps? What is Wholesale Broadband Connect?In the crudest of terms, WBC means broadband with speeds of up to 24 Mbit/s, trialled by BT through Summer 2007 and being introduced during 2008. At the same time, ISPs that use IPstream (BT Wholesale’s most-used product) are seeing their monthly rates reduced by 9%, hence the scramble to offer low-cost services to their customers and/or bolster their minimal margins a little. The move is an attractive alternative for ISPs who find local unbundling (LLU) too expensive – an unholy scrum of service providers fitting their own chosen equipment in local exchanges in preference to BT's. Across the UK, 1.5 million lines have been unbundled in this fashion with the current round of savings being applied to 561 exchanges. January 2008 should see a further round of rebates heading towards ISPs as BT universally lowers the cost of providing broadband services. However some ISPs view IPStream as an unsustainable technology in the long run and are shifting (wholesale, as it were) to WBC. This is because the possibility of universal 24Mbps broadband is just one of many benefits of a new generation of products under Wholesale Broadband Connect, which in turn is underpinned by the BT 21st Century Network (21CN) mission. 
What is 21st Century Network?Put simply, 21CN is a radical simplification that places all traffic on an end-to-end IP-based network to satiate the UK appetite for services based on a convergence of voice, mobility, video, data and content. Having made its debut in South Wales, BT's 21CN trial ended in June 2007. The first of its kind in the world to carry phone calls over an all-IP next-generation network, it employs both ADSL and ADSL2+ technology and will result in around 350,000 BT customers in the Cardiff area migrating to 21CN over the next year. ADSL2 – the sequelOne could be forgiven for predicting the rise of a two-tier broadband nation. Will the days of the 'Broadband Haves' and the 'Have-nots' return? This time, instead of broadband versus narrowband modems, the commodity in question would be 24Mbps, a similar ten-fold leap in speed from the era of the dial-up to the first ADSL. The rollout of 21CN once again follows a familiar pattern of beginning in the South-East/metropolitan areas heading to North-West/rural ones. Perhaps such fears are misguided though; after all, BT anticipates that Wholesale Broadband Connect will be available to almost half the UK from early 2008. The company has also marked out other technologies such as WiMax and fibre for delivering high-speed Internet to outlying places where phone line quality is too poor to squeeze more information down the line. However, the picture this time around is clouded by the bonanza of wholesale discounts on existing IPStream technology, filtering down from BT to ISPs. In the impending scuffle, we're already beginning to see a broadening of the quantity and type of tariffs, with bundles of Internet service goodies being hurled with wild abandon at the customer's mouse hoping to catch that button click that says "Buy". A bewildering variety at top10-broadband currently parades the following deals:
With long contract times appearing in the small print it's never been a more precarious time for consumers to choose or switch providers. However, move up to a business service level and ISPs will love you for keeping them in pliers and cabling. Contacts-IB- Acknowledgements: PlusNet |
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
2. What's your PC up to when you're not looking?
There's a bot on the landscape. It's out to trash some computers. And it has a few bot-pals. A couple of million in fact. | ||
| More help at hand. All the back issues just a click away |
In Ray Harryhausen's legendary stop motion film Jason and the Argonauts, an army of seven skeleton warriors arise from the ground, commanded and created by Aeetes who sows Hydra's teeth in the soil. An eerie parallel exists in today's computers, but with a much larger and more destructive force; vast networks of programs lie dormant on ordinary machines waiting for the command to spring to action at the whim of their commander. The proliferation and potential threat caused by rogue robot programs has prompted the FBI to launch a large cyber crime initiative entitled Botroast, resulting in recent charges and arrests. However the obstacles stem as much from those who own computers as those who seek to infect them. 
What is a botnet?Terms like 'zombie' and 'bot' makes ordinary folks' eyes glaze over: such infiltration surely couldn't possibly happen to their shiny new PC and why would it matter anyway? A bot is basically a computer hijacker, only the owner is usually completely unaware, indeed some could care less. Take this one instance and multiply it by a thousand or a million and you've got yourself a botnet army - virtual indeed, but powerful nevertheless. Such tiny bot programs are literally herded, or controlled from afar by their masters, to inflict damage on web sites, bring down servers, jam up communications, send millions of spam emails - in fact any whim the master chooses to conjure up. Enter the 'botherder'. The most insouciant of such bot victims often have no idea of the damage that their security-compromised machine is helping to wreak out there on the Internet. If they cared to look, they might easily spot some wayward activity passing through their broadband modem connection with its madly flashing LED light. Most new Windows PCs now arrive with a pre-installed security suite - one that covers the bases of anti-virus, firewalling, perhaps some email scanning too - but such packages are often on a 3-month trial basis and, come the expiry date, even the most conscientious of owners will forget and let the renewal lapse, despite numerous automated reminders. Even those that go through the subscription hoops may subsequently only update their security software every few days or weeks, when a daily update should be a bare minimum. Rounding up the botherdersThe USA's FBI has had some success with its Operation Bot Roast, though tracking down culprits is technically difficult and time-consuming; anyone who places stealth programs on remote computers is clearly going to go some lengths to avoid being found out themselves. Tackling the other receiving end of the problem, the computer itself - or rather the owner - is not necessarily trivial either. While computer education on security issues and protective programs are not a technical barrier, finding the resources to tackle the millions of vulnerable is a different matter. One proposed solution was to make ISPs responsible for giving support and PC health checks to their Internet subscribers. ISP margins of just a few percent continue to plummet as consumer expectations (high speed bandwidth, lots of it, unlimited email accounts, extra web space) soar, hence the increasing automation of ISP operations. A single phone support call person-to-person to a subscriber would blow away the ISP profits on that user for the entire year. Bot plot means squat? Despite a 163% increase in malware over the period of just one year, UK computer users in the UK seem to be turning a blind eye, even though more have personal experience of spam and phishing attacks than over the last 2 years. A 1200-user survey of corporates by Trend Micro covered the UK, US, Germany and Japan, with UK respondents coming bottom in the perception of the seriousness of security threats, yet topping the league of security targets. For instance 60% of US respondents indicated that they view spyware as a serious threat compared to 48% of their UK counterparts. Trend Micro: Study into user perceptions of IT security threats Getting personalTo be fair, ISPs are slowly making inroads into the automated consumer protection of their lines by limiting traffic. Fair usage policies on most broadband tariffs reign in excessive users and a typical ISP barrier of say, 500 emails per account per day helps tackle spam outbreaks. But botnets don't necessarily require vast amounts of data to be sent in order to function, indeed bot programs must run on sparse amounts of code and communication to remain undetected. With such low margins at stake, the big question over Internet security is "Who pays"? In the present laissez-faire situation, the answer is everyone. Consumers end up with raddled, infected computers that perform as if ageing prematurely, while institutions, government and corporate organisations come under continual attacks by massed armies of those infected machines. Fortunately, new ease-of-use features in security software are encouraging computer owners to upgrade, and since new versions are contain fewer vulnerabilities than old ones, security is tightened 'by the backdoor' so to speak. Perhaps laggard computer users might sit up and take notice when they realise things are starting to get personal. In fact, they already have. Bots can bring down enterprise machines and trash web sites, but they can also steal confidential information: account details, logins and then identities. Next month we look at an example of how such attacks can happen, and how some preventive measures. Highly organised gangs of organised criminals now concentrate their efforts in this arena because payback time can be swift. They only have to snatch security details once and then - in the online world - they instantly 'become' the owner, changing passwords, spending money and draining bank accounts. The FBI operation is chipping away at the most damaging peak of the iceberg, but faces hurdles, like the fact that cyber-crime develops as fast as security measures can keep up and that 'botherding' does not even count as an illegal activity in many countries. However some of their key cyber security tips promote relatively simple prevention steps rather than cures:
-IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
3. Recovery shadowing retrieves lost files
Do-it-yourself file recovery in seconds on Windows Server 2003. | ||
| More help at hand. All the back issues just a click away |
Studies have shown that human error causes over a third of all data loss Anyone who has ever inadvertently lost or deleted a file on the network server is probably familiar with the humiliating tail-between-legs experience of going to the IT manager to ask if s/he can restore the files from yesterday's backup. Not just embarrassing, but a burden on overheads for the organisation as a whole, which diverts IT folk from progressing development issues instead. What if there was a neat way of creating a quick back up? Even better if the correct rights and permissions for the file in question were maintained after the recovery process? Studies have shown that human error (primarily accidental file deletion or modification) causes over a third of all data loss, so it can constitute a fairly critical element of 'down time' for an organisation. On Microsoft Windows Server 2003, Shadow Copies come to the rescue as a low-cost recovery method for file-related accidents caused by such human error, for instance: accidental deletions, corruption, or editing a file. Shadow Copies of Shared Folders creates copies of previous versions files and folders on network file shares at pre-determined time intervals - effectively freezing them at specific points in time.
Operation for users is simple via the file Properties menu in Windows Explorer, where a new tab pops up called "Previous Versions". This is found by clicking: 
This isn't a comprehensive backup for all server files (like programs) and won't protect against media failures, but is intended to mitigate that huge third of the time spent on erroneous losses by passing the recovery process to users themselves. At first sight, one might think that the Recycle Bin would be able to take care of recovering deleted files, but it fails in two significant aspects:
A more fundamental issue is that file permissions must be preserved - we don't want Jo losing files only to discover that Annabel can find them instead! Access Control Lists (ACLs) are a fundamental part of server operation to maintain file confidentiality and is inherent to Shadow Copies. Thus what Jo loses, only Jo can recover - apart from those with server administrator rights, but hopefully nobody will need to bother them with such recovery problems again. Are there performance issues for all this extra storage? The default settings for Shadow Copies are for 10% allocation of drive space and a twice daily schedule of restorations (7am and midday). For the average lightly-loaded server, performance should not be affected even when very large individual files like Microsoft Outlook personal folders (.pst) are stored on the file server. Experience has shown that heavily-used applications, eg Exchange mail, like to run on their own server, but heavily loaded servers need only a extra dedicated a disk for shadow copy storage. Based on recovery requests to its own corporate team, Microsoft reckons the costs savings are around $300 per restore (even discounting the time lost by the user in the first place) when done by a central IT team. Compare that with the cost of perhaps one extra server hard disc and few seconds taken by any given user to restore his/her own files securely shows that Shadow Copies is one installation that makes total economic sense. Contacts
-IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
4. Server stress - it's cool to be cool
If your server can't stand the heat, get it out of the server room. | ||
| More help at hand. All the back issues just a click away |
No sign yet of the blistering heat forecast for 2007, so we might be tempted to predict that servers are being given a respite this year, though with recent torrential downpours even a basement area can transmute from safe haven to soggy hole in the space of a few hours. However, during the momentary lapses into 'real Summer weather' some server enclosures are already heating up and going into the red zone. Chips, beans and refried machinesWe have come across 'blown servers' in the past, simply due to heat build-up so here's a reminder to look in on your neglected, hard-worked server box this month. If the air around the server seems mildly warm for humans, then be aware that the temperature inside it could easily reach 30°C higher than that. Add to that a similar jump in heat where all the action is at the chip, and you could be taking the processor beyond boiling point. It might run like this for days, weeks or even months, but such high stress levels will inevitably shorten chip life and experience shows that they turn their toes up most commonly in the hotter months. Where there is no air-conditioning in place, at least get a thermometer hung up near the server. If temperatures cross the 25°C - 30°C region, there is potentially a problem especially in enclosed spaces. Cheap temporary ventilation remedies are a desk fan or even just propping a door open to help the air flow through, but professional rack systems with built-in fans are a more durable solution. A well-ventilated room or enclosure should be part of your server protection plan, so perhaps now is a good time to go back and review possible threats, before the frenzy of the Autumn workload commences. -IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
5. Save money: don't do an IT strategy!
Too many organisations start the strategy process, but then don't follow it through. | ||
| More help at hand. All the back issues just a click away |
A sad but all too typical scenario ... So many small organisations hire an IT consultant, do the plan ... a month goes by, then three, then another six. Nothing happens. A year has passed, technologies have changed and then they have to go through it all over again. What a waste! One can be forgiven for thinking cynically that consultants and contractors are peeved to see another source of revenue for the potential job vanishing. More often than not however, and especially in this sector, they just see it as a crying shame that a good deal of effort (on both sides) has gone down the fundraising drain. A year on and the organisation is left wondering whether it shouldn't just have gone out and bought that a new all-sing-all-dancing multi-function colour networked printer and be damned. Or a bunch of new PCs. Or a faster broadband line. But impulse purchases can arrive packed in Pandora's box of unforeseen consequences later on, so there's no guarantee that robbing Peter the consultant to pay Paul the computer salesman will conjure up IT networking bliss. Sad too because a good number of the challenges are people-centred ones, not out-and-out technical:
Tackling these points really will save a lot of money in the long run and a more efficient organisation makes for an appreciative audience. -IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
6. Q&A: Are our web site private parts actually public?
Question 
Hi Mark, Someone wrote in saying that some confidential information on our web site was on public view. They sent a link showing this was actually true! How do we stop it and is there other info we should protect? | ||
| More help at hand. All the back issues just a click away |
In the old 'Klondike gold rush days' of the web, everyone was dead keen to promote as much material on their web site as possible. These days the Internet has become intertwined with intranets and extranets and those contain personal, corporate and confidential files that you don't want to display to the whole of the public - or in the case of extranets, some of the public. As soon as you enter this territory, excluding the public from certain parts of your web server becomes an issue. This may be triggered by the setup of applications like private forums, content management or members-only file-sharing, for instance. Indeed large parts of web servers are already blocked from general view - the program files for instance - which will have been implemented by your web hoster. A cursory exploration of your web site structure is relatively easy to do. Just browse around some of your web links and see if you can find any folders that are exposed and shouldn't be. An easy ploy is to click at the end of the address in the address bar and 'back up' from the current page to the next level: press back space until you get to the next slash. Broadly, if a folder has an index page in it ending in .htm, .html or .php, then the browser will display that page; if not you might see all of the file links in the folder presented, and perhaps some nasty surprises! Some organisations have discovered that, although their web site designers provided a login form for private parts of the site, they failed to protect those web folders by applying the correct permissions (no access). The login security is thus effectively redundant since anybody could just type in a particular web folder and see all the confidential files anyway. Instead, correctly protected folders should produce a 403 error with a message something like "Forbidden: You don't have permission to access /accounts/2007/A173298/ on this server". For example, this folder http://www.coopsys.net/notes/ on our site is protected (even though it's empty) and thus gives the correct result, There are two pieces of advice which are key here:
-IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | |||
|
Clicks of the Trade - Mousekeys, for when the mouse doesn't work
--- Quick tips for happier clicks! --- | |||
| More help at hand. All the back issues just a click away |
-IB-
|
Good read? | |
| I | B | ||
^ Back to contents ^Overview of InfoBulletin Opinions expressed within InfoBulletin do not necessarily represent the views of Co-Operative Systems.
E&OEViewing IB Implementation Privacy |
Subscriptions ^ Back to contents ^Contact details
|
|
|
Read recent and past issues of InfoBulletins on the Web at http://www.coopsys.net/ibindex.htm or search our archives and subject index.
We hope you found InfoBulletin useful! If you would like to comment on any of the articles or request particular subjects to be covered, mail us here.
| ||
