InfoBulletin
coopsys.net October 2005

In this issue:

Dealing with a virus outbreak!, Easy encryption, Trusted computers?, Anatomy of a spam attack, Upskilling



CO-OPERATIVE SYSTEMS



CONTENTS

**** NewsBytes ****
  1. Virus outbreak! Dealing with it before, during and after
  2. Easy encryption for email and memory sticks
  3. New technology: Trusted computers?
  4. Anatomy of a spam attack. Or is it?
  5. Upskilling - they mean "training"
  6. Q&A: How do I dial from a modem when away from the office?

Clicks of the Trade - the Recently-Used menu list


**** NewsBytes **** NewsBytes **** NewsBytes ****
Microsoft Educational software rates
Having passed the appropriate exams that test our products and licensing know-how, Co-Operative Systems has again qualified as a Microsoft Education Reseller able to offer software at heavily discounted prices to Charities, Educational Institutions and NGOs along with only a limited number of other authorised suppliers. To purchase products, or to see if your organisation qualifies for this scheme, please contact our products team on 020 7793 0395.
National Giving Week
An extra £700 million a year is the prize behind National Giving Week's campaign (17-23 October) to encourage UK tax payers to donate to charities more efficiently. In 2004, 13% of campaign-aware donors increased their giving as a result, but how many charities are ready to follow up leads by using their databases? Sound preparation and documentation of what donors need and expect from your organisation is key to a long-standing relationship.
www.nationalgivingweek.org
SDSL on go slow
Almost a year after the first murmurings of SDSL (Symmetric Digital Subscriber Line), BT announced in September that it was 'pausing' the service rollout. BT cites lack of demand for the admittedly-more-expensive broadband offering as prompting the interregnum, but it seems that consumers are presently happy with contended (shared) connection speeds, while some businesses prefer to stick with leased lines, perceiving these as a more secure solution for dedicated connections.
Skype: going, going, gone!
Skype, the pioneer company offering free telephone calls via the Internet, has been bought by eBay for $4.1bn. For now, the basic service that allows users to make phone calls between any computer connected to the Internet remains free, as does the downloadable software.
Skype press release
Potter-casting
In a case of joining 'em if you can't beat 'em, J. K. Rowling has made Harry Potter available from Apple's iTunes web site to frustrate pirate downloaders.
IT Directors' conference
The third Charities Consortium IT Directors' Group Annual Conference takes place on 13-14 October at Horwood House near Milton Keynes comprising a number of discussions and a keynote speech on "The Value of IT". For further information and bookings contact Barbara Goddard email: barabara.goddard@salvationarmy.org.uk phone: 020 7367 4981.
24Mbps is here
Be there. Or be square, is perhaps the implication of the new 24Mbps broadband offering from www.bethere.co.uk or Be as they call themselves. The new 24 meg down, 1.3 meg up service includes a free Be Box modem, one of the first to be enabled for next generation ADSL2+, as well as a built-in 54Mbps 802.11g wireless interface. Home Be costs £24 per month and Office Be costs £75 per month ex-VAT, but check your phone code area to see if it's Be There yet.
**** end of NewsBytes ****


  1. Virus outbreak! Dealing with it before, during and after

Needless to say, you want to avoid a computer virus attack if at all possible, but are you prepared should the worst happen?

 

The best method for learning how well you could recover from a virus infection is a live drill, but since most of us perceive we don't have that kind of spare-time luxury, a better bet is to prepare some plans and try to foresee some of the problems.

This article is drawn from experiences of outbreaks both large and small.

First off, is it for real? No point in risking staff wandering off in anticipation of an afternoon's break when it's a false alarm.

At this early stage it's a matter of gathering and evaluating basic information, then ascertaining whether you are the subject of a hoax, a known (or previous) infection or a new infection.

Assuming the attack is genuine, 4 episodes start to play themselves out concurrently from this point onwards, so it's important to realise this.

  1. Locating and isolating the source of the outbreak
  2. Determining the method of the spread
  3. Creating a solution and testing to see if it is clean
  4. Deploying the successful solution

The reason this logical sequence of events isn't usually as summarily discharged as the list would imply is that it may need several 'goes round the loop' to determine the final solution, effectively testing a series of hypotheses.

However, it's vital to avoid too much iteration in public, as staff confidence of the outbreak being solved completely will start to wane if PCs are re-visited for second or third inspections and they lose count of the number of visits by techies.

The strain on those responsible for IT systems comes because they must effectively deal with all of these operations at the same time to minimise the disruption to the rest of the organisation. So, if you're going to have a virus outbreak, choose to have it on a Friday afternoon so it can be sorted out over the weekend - ha-ha!

A mere flesh wound

When the infection is limited to, say, 3 machines and is only a Word macro virus, the pattern is simply one of:

  1. Isolating the 3 PCs and analysing why this common form wasn't picked up by your existing AV software
  2. Finding the AV updates
  3. Applying the AV updates

Major surgery

If we're talking about 100 infected machines or more, then a rigorous plan with checklists and specific actions for members of the IT staff is needed.

Some examples of what might be required in larger infestations:
  1. Locating and isolating the source of the outbreak
    • disconnect the compromised PCs
    • disconnect the local or departmental switch from the LAN
    • disconnect the LAN from external networks and/or the Internet
  2. Determining the method of the spread
    • via email, network shares, discs, portable storage devices, human intervention
    • check PC and server processes and services, startup folders, scheduled applications, corrupted files, shared folders, open network ports, system event logs
    • run MSCONFIG
    • find out why the anti-virus (AV) software didn't do the job for you
  3. Creating a solution and testing to see if it is clean
    • employ cleaning tools
    • find AV updates
    • maybe a rapid switch to an alternative AV product if you don't trust the existing one
    • complete machine rebuilds or clones
    • restoring from backups
  4. Deploying the successful solution
    • create, or hive off, a separate 'clean' network segment for deployment
    • use AV distribution and update tools
    • Remove or clean infected files
    • Restore missing or corrupt data and verify it
    • distribute cloned machines or clone via a dedicated network

Own goals

One advantage of upfront planning is that you can choose from a series of goals (that often conflict depending on how much time you can dedicate to each) before the recovery proceeds. Such goals might be minimal disruption to your organisation, fastest recovery time, capturing support information - for instance, for potential prosecutions, implementing additional security measures, preventing further such attacks.

Learn more about disaster recovery.

-IB-

  2. Easy encryption for email and memory sticks

Freeware encryptor utility for data vaults and email.

 

Here's a brilliant idea that solves two major security problems of our time with just one simple piece of software - Cryptainer.

What's more the 'lite' version is free and works on any Windows PC from Windows 95 upwards.

The two problems are

"How to protect data on memory sticks"
and
"How to prevent email being read by Internet snoopers".
And one answer to both of these is encryption.


Encrypting memory sticks and data keys

Create one volume up to 25MB for free - a serious amount of space for simple text data and documents, which is normally what most of us want to keep private.

The Cryptainer window provides a drive mapping to its first volume, say drive F:, and when you have created a password (more than 8 characters long) you have access to this volume either in the Cryptainer window or from within Windows Explorer.

Putting files into the new encrypted volume accepts all the usual methods of copying, moving, pasting and dragging.

Now should you lose or misplace the memory stick on which this volume was created, the finders-keepers would either have to know this password or hack through some of today's toughest encryption standards to decode the data. Cypherix® reckon the mean time to break their encryption is 10^32 years - many times the estimated age of the Universe - so more than enough to dissuade the occasional thief or voyeur.

Assuming all you did was leave your stick temporarily at another workplace, in a cafe, on someone's desk, etc, you'll be assured that on its return, the data will still be intact and private.

Another really neat feature - one that has clearly been crafted with well-travelled memory sticks in mind - is that Cryptainer can be installed entirely on the stick itself. This means that you can walk up to any PC (Windows 2000/XP systems upwards, installation still needed on Windows 98) and access your encrypted memory stick with any installation. Now there's progress!

While essential to the encryption process, we found the structure and concept of primary and secondary (additional) volumes of little interest to ordinary users, and the need to remember the filenames of additional volumes a bit irksome, which slightly obscured Cryptainer's otherwise user-friendly features, but it's a minor gripe.

Encrypted Email

The second of Cryptainer's features is just as revolutionary and even simpler to accomplish.

This time you need to share a (different) password with the eventual recipient of your encrypted email.

First, you send your recipient a password via another secure method, preferably NOT through the Internet, eg text, phone, even fax if you can be sure it's going to be seen by the right person.

This method compares with banks that send credit cards and their PINs separately, but is even more secure because the two deliveries arrive by different means.

Now you simply:

  • click Cryptainer's Secure Email button and choose "Encrypt".
  • browse to the file you want to send, give it a password and click Encrypt File.

The result is a file with a .SIT extension (eg finance2005.sit) that you email as an attachment which is only decipherable by someone with the password and the decrypting/viewing software called DecypherIT, also free to download at: http://www.cypherix.co.uk/downloads.htm

To make it even easier for your recipient, you could eliminate the need for them to have DecypherIT by clicking the "Create Encrypted Self-Extractor" button, which creates a small program (eg finance2005.exe) that extracts the data when opened, prompting for the password before allowing access to the data. This process effectively builds in a run-time version of DecypherIT, adding around 70KBytes in size to the original data. Just about the only disadvantage with this latter option is that many organisations now run mail servers with a variety of email attachment filters and one of the types of file frequently blocked is .EXE, because of the number of virus-laden spams of this form in circulation.

Become an encryption pro

Like many programs, this one has an upgrade path if (or more probably when) you outgrow a mere 25MBytes of encrypted space, but to the credit of Cypherix, the company behind it all, they have made Cryptainer LE (Lite Edition) licence free and non-expiring in perpetuity. With this kind of magnanimity, you'll hardly begrudge them a US$30 upgrade fee to their next 'pro' product, currently availing purchasers of 2.5GByte encrypted volumes, a 100-fold increase on the LE version. For organisations needing bulk licences, there are further discounts too, bringing costs down to less than US$6 per head.


-IB-

  3. New technology: Trusted computers?

Computer hardware is about to start mistrusting programs as a default behaviour to improve security. Will it work?

 

We've come a long way from the days when Windows PCs didn't require a password to login, and even where passwords were implemented, they were stored in a simple text file, therefore accessible to hackers and backdoor programs to distribute and thus glean confidential information.

Since those days, we have acquired hashing mechanisms, encryption and rights administration systems to lock down our computers, but all of these rely on software, because it's cheaper and more easily reproduced than hardware. However, software is also hackable and corruptible.

The latest computers - like a Dell Optiplex, IBM ThinkVantage, and laptops by Toshiba or HP/Compaq - incorporate a new chip called a Trusted Platform Module (TPM). This module is a physical implementation of the Trusted Computing Platform Alliance (TCPA) specification, designed to make computers inherently more secure because it cannot be accessed by users, or hackers, and its contents cannot be read.

The principle is that files are encrypted with a key stored in the TPM which users will have to type in order to decrypt.

The various technologies go by different names:

  1. Intel's LaGrande Technology (LT)
  2. AMD's Secure Execution Mode (SEM)
  3. Transmeta's Transmeta Security eXtensions (TSX)
  4. IBM's two technologies are Embedded Security Subsystem and ThinkVantage Technology

What implements a trusted platform are techniques such as preventing programs from reading or writing each other's memory (memory curtaining) or deriving an encryption key from the software and hardware currently in use (sealed storage) and these act to protect private information.
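
Sealed storage as described above, sketched as an added example that is not part of the original bulletin and is not real TPM code: a key is derived from a chip-held secret plus a running hash of the software in use, so data sealed under one platform state cannot be unsealed under another. The secret, the component names and the HMAC-based keystream are constructed for illustration only.

```python
import hashlib
import hmac

# Constructed secret standing in for a key that never leaves the chip.
CHIP_SECRET = b"constructed-demo-secret-held-inside-the-chip"


def measure(components):
    """Fold each component into a running hash, in order.

    new = SHA-256(old || SHA-256(component)), so the final value depends
    on every component and on the order in which they were loaded.
    """
    register = bytes(32)
    for component in components:
        digest = hashlib.sha256(component).digest()
        register = hashlib.sha256(register + digest).digest()
    return register


def sealing_key(components):
    """Derive a key from the chip secret and the current measurement."""
    return hmac.new(CHIP_SECRET, measure(components), hashlib.sha256).digest()


def _keystream(key, length):
    """Illustrative keystream (HMAC in counter mode); not a vetted cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        block = b"stream" + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(data, components):
    """Encrypt data under the key for this platform state and append a tag."""
    key = sealing_key(components)
    body = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    tag = hmac.new(key, b"tag" + body, hashlib.sha256).digest()
    return body + tag


def unseal(blob, components):
    """Return the plaintext, or None if the platform state has changed."""
    key = sealing_key(components)
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(key, len(body))))


# Constructed sample platform states.
TRUSTED = [b"firmware v1.0", b"bootloader v2.3", b"os kernel build 2600"]
TAMPERED = [b"firmware v1.0", b"bootloader v2.3 + rootkit", b"os kernel build 2600"]

if __name__ == "__main__":
    blob = seal(b"donor database password", TRUSTED)
    print(unseal(blob, TRUSTED))    # original bytes come back
    print(unseal(blob, TAMPERED))   # None: the measurement no longer matches
```
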

Benefits

Straight away we can see that computers with TPM provide an encrypted environment by default and that if such computers were lost, stolen or misplaced, then the contents would remain secure and unreadable by others.

Furthermore, it is clear that software can be prevented from being tampered with, maintaining its original condition and, ultimately, its reliability. Rogue programs, like spyware, would not be able to run, intervene or capture confidential data. Any attempts to interfere with original software would thus alert the user's attention.

A computer owner could provide digital certificates to show that the machine was trusted and 'clean' and therefore able to run programs from another similarly trusted computer safely - an obvious application being remote computing.

Drawbacks

However the ability of trusted computing to embed keys in hardware and the corresponding software has led critics to propose that it restricts owners' use of their computers unreasonably and even support a kind of 'remote censorship'.

Apple's intended switch from IBM's Power PC architecture to Intel's x86 processor chips in 2006 means that with Macs and Windows machines sharing a common hardware platform, users could theoretically install any software on the PCs, running Windows on a Mac or OS X on a Dell. Thus it may be in Apple's interests to employ a TPM chip to ensure that only Mac computers can run its OS X system. (It may be too late. Word on the street is that a pirate copy of OS 10.4.1 that runs on an Intel Pentium 4 is already downloadable from the Internet).

Trusted computing also helps to make digital rights management (DRM) systems more secure, and this means content providers can control how their consumers listen to music, watch videos, read digital books and so on. The later version of iTunes now limits one's capability to burn a selected playlist of purchased songs to a CD a certain number of times. TiVo digital video recorder owners may now have a 'video rental' solution suddenly imposed upon a particular type of program or schedule, preventing them recording it, or deleting a previous recording after a day - behold the virtual rental store.

One can see how manufacturers and media companies deem it essential to control 'their' content, but ultimately a tinkering student or teeny will find a flaw and decrypt the content into a permanent version and once a movie or track leaks on to the Internet ...

TPM to come

At present, TPM is an add-on piece of hardware, but by 2008 or 2009 every PC made should have TPM facilities built into its main processor chip. As this starts to happen, then so will the need for special TPM software - like HP's ProtectTools or Wave Systems' Embassy - fade away, as support for trusted hardware becomes incorporated into major operating systems. The Windows Vista version is likely to be called "Next Generation Secure Computing Base".


-IB-

  4. Anatomy of a spam attack. Or is it?

From holiday booking to hapless victim in a few hours.

 

My relatively quiet inbox was suddenly deluged with spam recently.

On display was the usual brand of messages of the type "Please update your account", "Here is your password", "Member support" and so on.

The addresses they had been sent from were aliases of my own domain (let's call it mydomain.com to protect the innocent, ie me). So lots of messages from mail@mydomain.com, info@mydomain.com, etc.

I was able to deduce the source, because among these was an obscure alias I had created recently (a deliberate tactic), let's call it hoteldelaplage@. I had used it just one time to attempt booking at a French hotel a week before (advice: don't bother, the phone is far quicker).

Within the next 2 hours a dozen more emails arrived addressed to (and sent from) administrator@, admin@, service@, mail@, info@, sales@, register@, webmaster@mydomain.com - all the conventionally-spammed aliases that one should avoid these days.

Some were also CC-ed as peter@, ray@, james@ - clearly a stab in the dark at genuine addresses.

A few reports whacked off to Spamcop soon had the host address (originating from somewhere at wanadoo.fr) popping up on various well-known spam-blocking lists, some of which showed the IP address to be in a range that had been reported before.

Things passed quietly until the next evening when a few more similar mails appeared. However, the rogue host address had started to disappear from spam blocker lists (not a persistent spammer perhaps), and I noticed that fresh emails now each had a new IP address. Over subsequent evenings the same pattern was repeated, always with a different IP. Also many of them had identical .ZIP attachments harbouring viruses.

The problem was now transparently obvious, but there was nothing I could do about it. Somebody out there had a machine with a mass-mailing virus, possibly one of the hotel staff even, and every evening they would switch on, read their emails and probably not even realise that their machine was busy emailing people in the address book and delivering a payload of viruses resident on the same computer.

Because the rogue machine connects intermittently (perhaps with a wanadoo.fr dialup, perhaps not), the service provider allocates a dynamic IP address to the machine, a common technique to share a limited pool of addresses rather than paying for and dedicating static ones, hence the continually changing IP numbers in the message headers.

From here there are 2 outcomes:

  1. the French arm of Wanadoo will close down the account if the rogue machine draws enough attention by sending out mails and viruses
  2. the user will discover and fix the virus, or their computer will be crippled by further viruses to the point of uselessness (got one, you'll get them all)

Whichever it is, I've configured my remote mail server to delete anything sent from those bogus addresses and heave a sigh of relief that I operate a domain rather than a single mailbox which would probably have become overloaded by now.

And next time?
I'll use a completely different web-based email account not related to my domain at all. An account that I can bear to dump quickly if all else fails. Two can play the anonymity game.

-IB-

Paul Craig
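
The tracing and filtering described in the article above, as an added example that is not the author's own configuration: it attributes a leak to the one-off alias, collects the connecting IPs, and drops mail claiming to come from unused aliases of the domain. The alias registry, the real-sender list and the sample messages are constructed; mydomain.com is the article's own placeholder.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

MY_DOMAIN = "mydomain.com"  # placeholder domain used in the article
# Hypothetical registry: one alias handed out per third party.
ISSUED_ALIASES = {"hoteldelaplage": "French hotel booking"}
# Hypothetical local parts that genuinely send mail from this domain.
REAL_SENDERS = {"paul"}


def _msg(ip, sender, to, cc=""):
    """Build one constructed sample message (headers only)."""
    head = (f"Received: from host.example.net ([{ip}]) by mx.{MY_DOMAIN}\n"
            f"From: {sender}\nTo: {to}\n")
    if cc:
        head += f"Cc: {cc}\n"
    return head + "Subject: Please update your account\n\n"


# Constructed samples; the IPs come from documentation-only ranges.
SAMPLES = [
    _msg("192.0.2.10", "mail@mydomain.com", "hoteldelaplage@mydomain.com"),
    _msg("192.0.2.10", "info@mydomain.com", "admin@mydomain.com",
         "peter@mydomain.com"),
    _msg("198.51.100.7", "service@mydomain.com", "webmaster@mydomain.com"),
    _msg("203.0.113.44", "colleague@example.org", "paul@mydomain.com"),
]

IP_IN_RECEIVED = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def connecting_ip(msg):
    """IP from the topmost Received header, the one our own server wrote.

    Received headers further down were supplied by the sender and can be
    forged, so only the top one is used.
    """
    top = msg.get_all("Received", [""])[0]
    found = IP_IN_RECEIVED.search(top)
    return found.group(1) if found else None


def is_spoofed_self(msg):
    """True when From claims our domain but no such sender exists."""
    local, _, domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")
    return domain == MY_DOMAIN and local not in REAL_SENDERS


def analyse(raw_messages):
    """Drop spoofed self-domain mail and record where it came from."""
    report = {"leaked_via": set(), "source_ips": set(), "dropped": 0, "kept": 0}
    for raw in raw_messages:
        msg = message_from_string(raw)
        if not is_spoofed_self(msg):
            report["kept"] += 1
            continue
        report["dropped"] += 1
        ip = connecting_ip(msg)
        if ip:
            report["source_ips"].add(ip)
        recipients = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
        for _, addr in recipients:
            local, _, domain = addr.lower().rpartition("@")
            # A hit on a one-off alias names the party that leaked it.
            if domain == MY_DOMAIN and local in ISSUED_ALIASES:
                report["leaked_via"].add(ISSUED_ALIASES[local])
    return report


if __name__ == "__main__":
    print(analyse(SAMPLES))
```

The From check only catches aliases that never send mail; a forged message using a real sender's address would pass it and needs a different control.
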

  5. Upskilling - they mean "training"

Whatever the latest jargon calls it, developing your IT skills remains a good idea.

 

We're in the thick of conference season, brim full with meetings, notes, spreadsheets, Powerpoint presentations - and just how do we collate all that information?

With a raft of IT office software at our disposal, many people have not progressed beyond the 'Personal Computer' environment of bygone days and can still only grapple with typing and printing a simple document.

Learning how to use some of the main components of office software - even just a little better - will prove invaluable later.

Benefits

  • become more efficient at manipulating information and moving it around
  • save time on repetitive tasks like tedious copying/pasting
  • reduce your 'IT frustration' and stress
  • move on to teach others the skills you learn
  • build confidence, make new friends and more - er, maybe at conference, but don't get carried away, it's just training OK?

Don't know what you need? Or how to justify it?

Look at our article on Training Needs Analysis for a step-by-step method.

It sounds a bit like a cheesy advert, but there are always huge advantages to be had from a bit of 'upskilling' and it's still the one area that IT users neglect - themselves.

Sit down, look at your diary, and plan some training for the new year for a new start, before your projects jam up all the available dates.

Learn more about training.


-IB-

  6. Q&A: How do I dial from a modem when away from the office?



Hi Mark,

Our campaigns officer has taken her laptop computer to a conference in Peterborough.
Is there an easy way she can dial up to the Internet from the hotel through her laptop modem?

 

There certainly is, but this is a bit like one of those recipes that say you should have started preparing the ingredients yesterday!

Plenty of companies provide free easy-access dialup Internet access. Your own broadband provider is often one of them(!) so this is a good first base as they commonly give out a number you can dial with an ordinary modem (built into most laptops) which you can access with the same login name and password as for your broadband account.

However, assuming your officer didn't take all those dialup details with her (she probably had other things to think about!), here are some examples of public dialups that you can access for free.

Dialup supplier    Access number    Login   Password   Web
UK2                0845 665 3000    uk2     uk2        http://adial.co.uk/
free-internet-uk   0844 535 2040    free    internet   www.free-internet-uk.net
123-reg.co.uk      0845 604 4026    HE      HE         www.123-reg.co.uk/dialup.shtml

Your officer will need to make a new dialup connection on her laptop PC, accessible from the Control Panel in Network Connections and then "Add a new connection".

Don't forget that many hotels and conference centres may require a "dial 9" to get out through their phone exchange, so a "9" might need adding to the beginning of the dialup network connection number.

Moreover, you may need to put a "1470" prefix on the phone number to identify the number you are dialling from. This is because the PBX phone exchanges in many organisations (yours included perhaps) automatically blank the outgoing numbers, to prevent nuisance cold calls and auto-diallers. However, the internet dialup providers above can only supply their service for free by claiming back (probably from BT Wholesale) the portions of calls made, and to do this they must identify the dialup callers. The "1470" prefix forces your modem to reveal the phone number it is dialling from - in this case a venue in Peterborough - or caller-id, and allows the provider to make its claim. No "1470" means they won't connect you.

So the worst dialup phone number combination you could end up having to configure, taking the "free-internet-uk" provider above as an example, might be:

9,1470,0844 535 2040
The commas inserted here make the modem pause briefly to allow exchange ring tones to be established before continuing, but often they are unnecessary.

Worldwide, you can find out about a lot more freely accessible dialups at http://www.freedomlist.com/find.php3 with 105 in the UK alone.

-IB-

  Clicks of the Trade - the Recently-Used menu list

--- Quick tips for happier clicks! ---

 



Ever noticed that on some PCs you get short pull-down menus and on others you get the full works?

And sometimes on short menus, the remainder of available menus pop up after a delay?


Short menus can be quite useful as they reduce the amount of information to scan and, in theory, make menu selection faster, but some people find this confusing as it means the menus are nearly always different, depending on what you chose last time.

Their preference is to show the full gamut, which then always appears in the same 'slots' or positions in the drop-down list. Since humans rely on visual stimulus and alphabetical order for positioning and selecting, the long menus are not as hard to navigate as it might appear.

To change these options in Word or Outlook:

Go to:
  • | Tools | Customize | Options tab

** try it now **

-IB-


Overview of InfoBulletin
InfoBulletin is written and published by Co-Operative Systems and contains Information Technology tips that we come across during everyday research and support activities and which may be useful in improving your IT operations, either internally or on the Internet.

Opinions expressed within InfoBulletin do not necessarily represent the views of Co-Operative Systems.

E&OE


Viewing IB
This bulletin is presented as a Web page (in HTML) that can be read in any standard browser and most email clients. It is written in a compact format for fast viewing, short download time and ease of use for mobile computers. However, if you prefer to read it by alternative means, you could copy/paste it into your usual word processor or save it as a text file or even print it to be read later - on recycled paper, of course!


Implementation
InfoBulletin topics can be implemented by Co-Operative Systems if required on a chargeable basis or via Facilities Management (FM) for those with rolling work programmes.


Privacy
Under no circumstances does Co-Operative Systems supply lists of customers to other organisations.

Subscriptions
At any time you can change your subscriber address or stop receiving InfoBulletin altogether. Simply reply to the address below giving us your preferences.
If you need to re-direct this bulletin to a particular group or person within your organisation, set a rule in your mail forwarder to trigger on the address: infobulletin@coopsys.net and then fill in the internal address of your recipient(s). Alternatively, redirect this address to an internal public folder, noticeboard or distribution list of users you have set up.
Tell a colleague or associate
Know someone who would like to receive InfoBulletin? Their email to: infobulletin@coopsys.net will return them an invitation and sampler.



Contact details

Sales & Enquiries: 020 7793 0395 team@coopsys.net

Support: 020 7793 7877 support@coopsys.net

Fax: 020 7735 6472
Fax us via email

Web: http://www.coopsys.net


Archives and Index

Read recent and past issues of InfoBulletins on the Web at http://www.coopsys.net/ibindex.htm or search our archives and subject index.


We hope you found InfoBulletin useful! If you would like to comment on any of the articles or request particular subjects to be covered, mail us here.



CO-OPERATIVE SYSTEMS

Interpreting Information Technology