|
|
|||||||||||||
January 2007 Choosing Windows Vista, Phone-to-Calendar synchronisation, Blu-ray v. HD DVD, How full is your inbox?, How safe is that web site?
August 2006 Dell 9G PowerEdge server overview, Shop online? You'd have to be certified!, ADSL to the power of 8, Control your server 100ft away, Computing and telephony converge, Where are my Outlook pictures?
April 2006 Faster broadband, memory upgrades, What does your PC say about you?, Player security updates, Clock screensaver
*** NewsBytes ***
Pushing the envelope, punching the Air
Magician-like, Steve Jobs pulled Apple's latest sleek laptop from an internal office envelope, to demonstrate the sleek contender to the world's thinnest laptop title at the annual Macworld expo. The 1.4kg, 0.76in thick MacBook Air still squeezes in a webcam, to complement a 13.3in backlit display, 2GB of RAM, 1.6Ghz Core 2 Duo processor and 80GB of hard drive, lending some justification to Jobs' assertions of its "amazing feat of engineering.". The theatrical demo apparently produced gasps and cheers from Apple disciples among the assembly.
FacePal fundraiser
Facebook and PayPal are joining forces to bring fundraising potential into social networking. Facebookers can build virtual 'badges' - a kind of money-raising chart - to get their networked friends to donate to their favourite cause by using PayPal. Badges can be customised for appearance, message and amounts to be paid while also acting as a progress chart. Time for charities to start prodding their active Facebook-enabled supporters.
OpenOffice.org online
So much application software is going direct online these days - Google Docs springs to mind - requiring little more than a working computer with a Internet-connected browser. Joining the gang is a beta version of OpenOffice.org, the cross-platform rival to Microsoft's Office. Sign up at ulteo.com and get 1GB of free online storage into the bargain.
Beware the Mebroot, my son!
Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are not fully patched are all vulnerable to a nasty rootkit virus labelled Mebroot by security firm Symantec. The Russian-authored virus has lain dormant for 3 months but in December suddenly awoke to start logging keystrokes on infected computers, giving rise to the potential compromised bank account logins and other confidential information. The pernicious infection attaches itself to the Master Boot Record (MBR) of a computer's drive, meaning it cannot be removed with the operating system running. On Symantec's blog Elia Florio wrote, "If you can control the MBR, you can control the operating system and therefore the computer it resides on!" Fortunately GMER has produced a utility that will scan and remove Mebroot.
Bill picks up his carriage clock
Long-time Microsoft chairman and Big Daddy Bill Gates finally bowed out in January after 35 years to spend more time on his philanthropic foundation work. His final keynote speech at this year's Consumer Electronics Show was by all accounts a lacklustre affair, promising fewer high-end technologies than punters had come to expect from previous CES keynotes. However, Gates's final 'logoff' emphasised Microsoft's vision of "Cloud computing", with software-as-a-service (saas) giving users access to their data irrespective of their location or of their device and highlighted "natural user interfaces" with trending towards touch- and speech-based input.
Tiny laptop goes bigger and wider
Asus, makers of the Eee PC (reviewed recently) has confirmed that its diminutive laptop will acquire 8-inch and 8.9-inch screen versions later this year and will feature Wimax support to enable wide-area Wi-Fi networking.
Wi-fry
Wi-Fi and wireless LANs have become such a commonplace tool in our computing lives, yet we may not realise that no extensive research into actual exposure levels on humans has been completed. Although there is no scientific evidence indicating that Wi-Fi and WLANs adversely affect our health, the Health Protection Agency (HPA) is to carry out a systematic programme of research into WLANs including measurements of exposures from these low power signals, typically 0.1 watt (100 milliwatts) in both a computer and the wireless Access Point. The good news is that results so far show exposures are well within ICNIRP guidelines.
Enterprise IP VPN 2008 Forum
To learn more about secure site-to-site and remote access, it's worth signing up for this year's Enterprise IP VPN forum. Key issues to be discussed will be benefits of VPN deployment, pros and cons of different implementations? (SSL, IPSec, MPLS, Mobile, Managed VPNs), installation methods appropriate to your organisation and leading VPN vendors will be present such as Tiscali and Check Point. Registration for the one-day conference is free and takes place on 12th March at the Inmarsat Conference Centre, London.
*** More NewsBytes ***
| ^ Back to contents ^ | ||
|
1. 2008 prospects: The Good
As 2008 dawns, we will see a host of smaller, more efficient, cheaper, greener technologies grabbing our attention. | ||
| More help at hand. All the back issues just a click away |
The Consumer Electronics Show in Las Vegas always heralds a bright new future for gadgets and techno-toys but this year it's an indication of pervasive technologies to come. IT-for-the-home is getting a serious boost, but this market is worth watching for all of us because the spin-offs will engage users with technologies coming to the fore in the workplace a) by dint of development, and b) due to increased user familiarity and learning. There will also be side-effects in that inherently unsecure frameworks will be leapt upon by the cybercrime underworld faster than before, with innocent users being fleeced before they can hit the "Add/Remove Programs" button. 
Mobile phone-controlled heatingThe era of home automation – often paired with images of unlikely citizens wearing shiny clothes – looks like it has finally emerged. Turn the lights on, view room interiors via web cams jack up the heating and pull the blinds down if it a cold snap descends - all controlled through your mobile. Receive prowler alerts too. Hawking's HomeRemote Gateway constructs a web portal between you and the appliances in your home for around £300 as a starter kit. You'll be talking to your fridge before you know it, my little snowflake. 
A laptop that runs all dayAs the blur between the definition of 'laptop' and 'handheld' broadens, so too does the dividing line between which is best value for money. Previous Ultra Mobile PCs (UMPCs) offered poor battery life and punitive price tags.
Although moves to create greener hard drives started to make a showing, like Western Digital's GreenPower Intelli-series drives claiming to reduce energy consumption by 40%, low-power disc drives for travel are likely to focus increasingly on solid state drive (SSD) technology with an absence of power-hungry moving parts. 
Help someone out of a jamSmart in-car GPS units will find the quickest route through clogged streets. Nothing new there perhaps except that units will talk to each other, such as those by Dash Navigation, collaborating to broadcast warnings of congestion based on actual conditions. So the next time you're stuck in a jam, you can console yourself that your Dash Express unit is helping someone else avoid your predicament. Music and pictures on the wirelessYour grand-dad would never have imagined this!
Wireless wave power will also recharge phones and laptops employing magnetic induction coil techniques according to pioneering companies Splashpower and Fulton Innovation. Security on a stick
Picking up a Best of Innovations award is Yoggie's Pico, a USB key-sized firewall, effectively a personal security computer with 13 security applications in a very small box. Blocking Internet threats outside the PC, it boosts PC performance by offloading the security software. Servers in the homeMedia streaming servers and media centre type boxes have been around a while now but the scene will get a lot more user-friendly and sophisticated. The approach is perhaps epitomised by the (ever so) gradual release of Windows Home Server which promises sharing of music, photos and video (now old hat) but via remote access through a Hotmail-style interface. More drives can be added without configuration hassles and there is automated backup thrown in. More in our Windows Home Server review. Pocketable TeraByte disc drives
Storage will go through the roof but still fit in your pocket. Discs larger than today's typical server storage are being forged with devices like Seagate's FreeAgent, a portable device that not only ranges up to 750GB of available space (to store photos, music, videos, software applications, documents, email and so on), but also encrypts and manages the files with its onboard software. This frees the user from the constraints of the software on the computer it is plugged into making content truly portable and manageable on-the-go. "It's literally about being able to escape the confines of your desktop or your laptop," according to Jim Druckrey, senior vice president and general manager of Seagate Branded Solutions. Contacts-IB- Acknowledgements: staff team |
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
2. 2008 prospects: The Bad
Ever considered raising your own army? Scarily, it's easier and cheaper to organise nowadays than it was for both 14C European mercenaries or Chinese warlords. Hacking has achieved commodity status. | ||
| More help at hand. All the back issues just a click away |
This year could turn out to be fun (for casual hackers), lucrative (for organised Internet criminals) or miserable for ordinary computer users. Pick the hat that fits you best. The reason is a combination of DIY hacking tools and DIY web applications, the former being grabbed by newbie cyber-criminals gearing up to be the next big kid on the block, and the latter web apps coming up for adoption by Mr. Average Web Site Owner trying their hand at building Web2.0-style forums, blogs, social networking or e-commerce. It's a deadly mix. Computer cloudburst The famous 2007 Storm botnet was estimated to have taken control of millions of computers by hooking recipients of emails with the socially-engineered subject line "230 dead as storm batters Europe". Those opening the attachment unknowingly submitted their computers to the possibility of being lured into one of the largest botnets known. Whereas writers of viruses and Trojans once played out their games on the Internet stage for fun or to gain status among their peers, the exercise has now shifted to bolster a black-market cyber-economy with the aim of creating huge armies of everyday computers controlled by bots at the behest of their human creators. At their whim of their controllers, such armies can be made to inject millions of spams into the Internet, initiate distributed denial of service (DDoS) attacks aimed at bringing down servers and web sites, or to steal confidential information on a vast scale. Bots for hireWith malware available 'off-the-shelf', today's botnet builder finds it a relatively straightforward task to buy malware modules, and even support services, just as for bona-fide software packages. A package of malware now affords its purchasers a mantle of invisibility. With the innate ability to obfuscate the source of spam runs and attacks or the control centres than command the botnet armies, sophisticated malware renders its perpetrators almost imperceptible. Security experts are convinced that cloaking techniques, such as the fast-flux Domain Name System (DNS) and encrypted inter-bot communications, continue to receive as much development effort as the botnets themselves, and researchers who have tried to penetrate control and command centres have had their own machines subjected to intense, automated denial of service attacks. In other words, the botnets have been designed to defend themselves too. The degree of sophistication in such self-defence mechanisms indicates a fair level of investment their development, and that reflects a growing black economy background that must be rising to support it, meaning you don't spend that much money if you're not already making it. Peruse the malware mallAlmost no type of malware is not up for grabs these days, and inserting or piggy-backing the payload into legit software is a given, the latter then hiding mail zombies, click frauds, key loggers, pop-unders, spam and any number of exploits. Hackers sell malware to each other through Internet relay chat (IRC) sessions and purchase or rent modules on malware sites. Between £500 and £1000 might get you an encrypting, data-stealing, Trojan package, with discounted rates available on some Russian sites, or access to 10,000 pre-compromised PCs on the Internet. Hacking to orderCan't afford the whole software package? Then £50 a day buys you your very own denial of service attack. Pick up some CDs containing harvested email addresses or, if you can't be bothered with that, contact a spam broker and let them do the dirty work for you; it's all available on sale or return so that you only pay for mails that hit their destination. There are even tools available to create a personalised bank phishing scam. Cue the murky world of laundering in credit card details ($1 each) and bank accounts ($50 each) and scams for 'cashing-out' of debts. The cause for concern is that losses due to cybercrime have recently doubled with a survey by the US Computer Security Institute (CSI) showing a leap to over a third of a million dollars coming on the heels of a five-year decline. Almost one-fifth of those respondents who suffered one or more kinds of security incident said they'd suffered a targeted attack. "Mounting threats are beginning to materialize as mounting losses", said Robert Richardson, CSI director and author of the survey. The complete 2007 CSI/FBI Computer Crime and Security Survey is available for free download on the CSI Web site at GoCSI.com. Security experts believe that in the long-term the solution to black cyber economy activities is to divert IT talent in up-and-coming developing countries into the 'white economy', to head off the potential for attraction into illegal activities, particularly in rural, under-developed regions where the IT-literate have no outlets to apply their skills. Contacts
-IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
3. 2008 prospects: The Ugly
In our Ugly section, we have lumped all those insidious threats that creep up and then explode into the limelight, usually concerning very large groups. | ||
| More help at hand. All the back issues just a click away |
Giving it all awayMore infamous than than the possibility of having your Facebook profile poked around in by the equivalent of a bin prowler, more notorious even than Orange's breach of Data Protection Act security (where new staff shared passwords), was the government's loss of half the nation's child benefit records, and also later, with more CDs sent to London failing to turn up. Not much the individual can do to protect his- or herself on this scale other than to hope that large institutions and IT projects start to turn the corner on this kind of fiasco. The security breachGloucester suffered badly in 2007, not just from the flooding, but later on through the last quarter as one of its home-grown industries, Fasthosts, came under attack. The 'UK's number 1 web host' was hit heavily towards the end of last year, both by a major security breach and by an outcry from users over the way they dealt with the problem, involving three forced password resets. The changes affected control panel, email, FTP, and database passwords as a result of an intruder gaining access to a server. Where the no.1 has tripped, others will no doubt fall into the same hole this year. When it comes to security, does your host have the most? The empty postbagWe've all heard of ISPs losing email and, sadly, chances aren't getting any less likely. Orange inadvertently whipped up a storm as it began to remove without warning what it thought were dead Freeserve/Wanadoo accounts it had inherited. Howls of protest ensued from account owners who had lost years of emails and contact details, forcing the company to engage a rapid restoration process. Once again Fasthosts popped up on the radar in its attempts to update a mail server destroying email along the way. Canning the catchallSome service providers are now wantonly closing down catchall email addressing, whereby a domain (normally a subsidiary one) is otherwise configured by default to route all mail to a single address without any filtering. Such practices allow an infinite number of dictionary attacks by spammers and, while in theory this may not hurt domain owners who have implemented good spam filtering at their end, ISPs have had to curtail this freedom to save their mail servers being spam-lashed in the interests of reputable performance. If you haven't yet received a notice from your domain or web host saying something like "Disabling of 'default address' feature", then 2008 could be the year that you get yours, so ensure your organisation isn't relying on 'catchall' to get a large number of email addresses routed to their respective inboxes or you could be in for writing a lot of mail-forwarding rules. Likewise with the new wave of web applications that fail to make the accepted security grade, such as web calendars with email reminder settings that can be hacked into. Expect to have to be on the ball. Integration trepidationPayPal users may be wondering how 'delighted' they should be to see a recent email exclaiming "PayPal joins Facebook!". It's one thing when a social networking site announces they are going to make personal details available through public searches; another when they make a user's online purchases visible in their profile and therefore visible also to their socially-networked friends (no surprise gifts for them then), as in Facebook's Beacon fiasco. It's yet another when you start linking all these together with your online money (PayPal) so time will tell how wary users have become. -IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
4. Windows Home Server review
Move the telly over - a server in every home is coming. | ||
| More help at hand. All the back issues just a click away |
Microsoft products arrive with less of big-bang these days and kind of creep into your consciousness, leaving you with the feeling that, somehow, they always existed and perfectly suited a need you always had. The approach is perhaps epitomised by the gradual release over the last 12 months of Windows Home Server which promises sharing of music, photos and video (now old hat), but also via remote access through a Hotmail-style interface. The product forges a marriage between popular network attached storage (NAS) boxes, Windows Media Center and the popular Slingbox series of media streamers. Up to 4 more drives can be added to Windows Home Server without configuration hassles, allowing for use as a drive extender to add on new discs or recycle old redundant ones, and there is automated backup and server recovery thrown in. 
Losing your head over a serverThe software is essentially stripped-down Windows Server 2003 and designed to be ‘headless’ from the start. Early hardware examples, such as HP's Media Smart Server, don't even contain a graphics cards, the idea being that control is effected by hooking in through a separate PC via a networked Ethernet connection. Headless boxes are, after all, workhorses – they don’t need configuring every 5 minutes, so ‘bye-bye’ to dedicated keyboards and monitors and ‘hello’ to cost savings. 
Quietly does itPhysical implementations of Windows Home Server (WHS) cropped up early on sub-£300, 57mm thick hardware implemented by Tranquil PC , boasting a quiet fan-less design with a 1.5GHz efficient CPU , internal 500GB hard drive, 512MB RAM, Gigabit Ethernet LAN socket, 4x USB2.0 ports, power consumption below 24 Watts and WHS pre-installed. If that isn’t sufficient for your 1.5 million photos, 6,500 hours of music, or 500 hours of video, then external drives can be added later. Starter for tenOEM versions of the WHS software on its own can be found online for under £90 for amateurs keen to build up their own boxes. Since the price includes the media and 10 Client Access Licences (CALs), the system is gaining from small groups looking to set up inexpensive document servers on their office networks. Although the 10-user limitation might be a bit of a handicap, it's fine for an office that's not quite ready for Small Business Systems (SBS) but still wants a Windows server, with possibility of a WHS box all-in for under £250. Last month saw the introduction of Power Pack 1, an update that introduced support for 64-bit clients, data security, better admin privileges via remote access and access to thumbnail images of uploaded photos. Rocking the partyAlready a bunch of dedicated third-party developed applications have cropped up adding features such as streaming of music (to your phone via 3G if you like), software that synchronises your photos with your Flickr account, add-ins to forward System Health Notifications from the Home Server to your email, and a web guide to view and stream your DVDs, videos, music and photos via the Internet when you’re not even at home. The interesting shift is ordinary folk are moving to managing their own servers, adding discs at will, configuring automated backup, and doing their own disaster recovery, when all else fails, and all that is empowering stuff in anybody’s book. Contacts-IB- Acknowledgements: Arik Fletcher |
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
5. Submit or Die. E-commerce compliance unleashes spam
A raw trade-off between commerce regulations and spam protection leaves inexperienced web designers open to address harvesting. | ||
| More help at hand. All the back issues just a click away |
This is one of those cases where you are damned if you do (insert your email address on web pages) and damned (by the regulations) if you don't. Until last year, web designers were paying scant attention to the fact that web sites were required by law to display specified contact information on pain of a fine. This Companies Act requirement that came into force on 1st January 2007 and includes any organisation with a business arm and certainly if it is a company registered at Companies House. Although the information does not have to be displayed on every page in the web site, the poor general level of compliance with the ruling kind of suggests designers thought that part of the Act might somehow suddenly vanish. However the aspect of including a plainly visible email address on a web site is a tricky one, since it is no longer sufficient to include a contact form without also providing an email address and geographic address. The traditional contact form with a submit button usually hides the receiving email address, and with good reason: the equally traditional but now anachronistic ‘mailto’ link (where a single click fires up a message composition window) attracts address harvesters - malicious web crawlers that gather up unprotected emails. Once scooped, the addresses are incorporated into spammed lists and there's little one can do t get off them other than have spammers shut down, and if it were that easy, mass shut-downs would have ended our spam misery years ago. Address obfuscation techniques are available but not widely taken up by the designers of most web sites due to lack of time or legitimate concern over email address exposure.
VerdictWeb designers still believing they can avoid this requirement are basically in denial and legal advice has proved that non-compliance will be a breach of the regulation. Superb spam defences are going to the best deterrent in the medium term. Contacts-IB- Acknowledgements: staff team |
Good read? |
| I | B | |
| ^ Back to contents ^ | ||
|
6. Q&A: Avoid the embarrassment of password pickles
Question 
Hi Mark, Perhaps it was the stress of the run up to Christmas, but I thought my webmail password had somehow changed and therefore rang up support, who were very patient. The short of it is that they insisted I try again (and again!) and I ended up typing in my password 4 times in a row before succeeding and realising it hadn't changed at all. I just about coped with the humiliation this time but how do I avoid looking such a wally in future? | ||
| More help at hand. All the back issues just a click away |
First off, don't panic - we all do it. Long-term you can avert a similar predicament with a password manager such as KeePass, which stores all your logins and passwords behind a single master password. Then you can copy and paste (or even auto-type) your credentials into the username and password boxes without doing any typing at all. Of course, your password manager may not always be to hand (though the latest ones can be installed to a portable memory stick), so there are some quick tests you can do to spare your blushes. Typos only occur because our brains make them happen, so a little application of logic is all we need.
Still shut out after those 3 tests? Now you can go ahead and phone support without fear of getting egg on your face or the possibility of being ordered to eat anyone's shorts.
-IB-
|
Good read? |
| I | B | |
| ^ Back to contents ^ | ||||
|
Clicks of the Trade - make your browsing history ... history!
--- Quick tips for happier clicks! --- | ||||
| More help at hand. All the back issues just a click away |
-IB-
|
Good read? | ||
| I | B | |||
^ Back to contents ^
Opinions expressed within InfoBulletin do not necessarily represent the views of Co-Operative Systems.
E&OE
|
^ Back to contents ^
|
|
Read recent and past issues of InfoBulletins on the Web at http://www.coopsys.net/ibindex.htm or search our archives and subject index.
We hope you found InfoBulletin useful! If you would like to comment on any of the articles or request particular subjects to be covered, mail us here.
|
||