greg hughes - dot net - Things that Suck http://www.greghughes.net/rant/ Note that the contents of this site represent my own thoughts and opinions, not those of anyone else - like my employer - or even my dog for that matter. Besides, the dog would post things that make sense. I don't. http://www.greghughes.net/images/gregheadshot1.png greg hughes - dot net - Things that Suck http://www.greghughes.net/rant/ en-us Greg Hughes Wed, 23 Jul 2008 15:14:34 GMT newtelligence dasBlog 1.9.7174.0 greg@greghughes.net greg@greghughes.net http://www.greghughes.net/rant/Trackback.aspx?guid=a7014cb5-0a6b-41a7-868e-b0a006af99af http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,a7014cb5-0a6b-41a7-868e-b0a006af99af.aspx http://www.greghughes.net/rant/CommentView,guid,a7014cb5-0a6b-41a7-868e-b0a006af99af.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=a7014cb5-0a6b-41a7-868e-b0a006af99af 1

DNS has a hole in it. Bad guys are working on exploits right now. Patches are available right now. Anyone responsible for a DNS server needs to exercise that responsibility. Right Now.

Dan Kaminsky found a security hole in DNS recently, the details of which he was keeping quiet so providers could fix and release patches and DNS server owners could get those patches deployed, in order to avoid security breaches on the Internet. His intent was to release the gory details in a couple weeks at the Black Hat conference.

But the other day word of the details inadvertently leaked out, and so now everyone responsible for a DNS system must - and I do mean must - drop what they're doing and make sure their systems are patched and safe. Failure to do so puts Internet users at risk of site fraud and hijacking.

DNS is a system that translates names you can remember (like www.greghughes.net) to especially non-memorable numerical addresses the Internet can route (such as 208.109.238.146). It's the Internet's phone book, so to speak.

The security hole allows malicious people to spoof a web site using the actual, legitimate domain name. In other words, bad guys could hijack a DNS server, and if it happens to be one your computer relys upon, you could type in a legitimate address like www.google.com or www.yourbank.com, but the web page would be a malicious one - a fake. The recently-released patches plug the hole and prevent this misuse (although it doesn't really change the underlying protocol).

Aaron Massey wrote a very good post describing the issue and it's various details. He also links to Halvar Flake, a talented reverse-engineering guy who thought the threat through and pretty much guessed it right on his blog. After Halvar's guess, another security blog that had specific knowledge of the threat details confirmed Flake's hypothesis. As a result, the threat was disclosed.

Luckily, the various creators of the DNS systems used all over the Internet released patches about two weeks ago. The real question is, have you patched your servers? This is a critical flaw - it needs to be patched immediately.

If you want to know whether the DNS server your computer relies upon is vulnerable or not, you can use the DNS Checker in the sidebar of Kaminsky's blog (as long as it remains there).



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Is your DNS server safe? Major security hole needs to be patched right now http://www.greghughes.net/rant/PermaLink,guid,a7014cb5-0a6b-41a7-868e-b0a006af99af.aspx http://www.greghughes.net/rant/IsYourDNSServerSafeMajorSecurityHoleNeedsToBePatchedRightNow.aspx Wed, 23 Jul 2008 15:14:34 GMT <p style="clear: both;"> <b><i>DNS has a hole in it. Bad guys are working on exploits right now. Patches are available right now. Anyone responsible for a DNS server needs to exercise that responsibility. Right Now.</i></b> <br> <br> Dan Kaminsky <a href="http://www.doxpara.com/?p=1162" title="" target="_blank">found a security hole</a> in DNS recently, the details of which he was keeping quiet so providers could fix and release patches and DNS server owners could get those patches deployed, in order to avoid security breaches on the Internet. His intent was to release the gory details in a couple weeks at the Black Hat conference. </p> <p style="clear: both;"> But the other day word of the details inadvertently leaked out, and so now everyone responsible for a DNS system must - and I do mean <i>must</i> - drop what they're doing and make sure their systems are patched and safe. Failure to do so puts Internet users at risk of site fraud and hijacking. </p> <p style="clear: both;"> DNS is a system that translates names you can remember (like www.greghughes.net) to especially non-memorable numerical addresses the Internet can route (such as 208.109.238.146). It's the Internet's phone book, so to speak.<br> <br> The security hole allows malicious people to spoof a web site using the actual, legitimate domain name. In other words, bad guys could hijack a DNS server, and if it happens to be one your computer relys upon, you could type in a legitimate address like www.google.com or www.yourbank.com, but the web page would be a malicious one - a fake. The recently-released patches plug the hole and prevent this misuse (although it doesn't really change the underlying protocol).<br> <br> <a href="http://blaynesucks.com/2008/07/22/protocol-level-dns-flaw" target="_blank">Aaron Massey wrote a very good post</a> describing the issue and it's various details. He also <a href="http://addxorrol.blogspot.com/2008/07/on-dans-request-for-no-speculation.html" target="_blank">links to Halvar Flake</a>, a talented reverse-engineering guy who thought the threat through and pretty much guessed it right on his blog. After Halvar's guess, another security blog that had specific knowledge of the threat details confirmed Flake's hypothesis. As a result, the threat was disclosed.<br> <br> Luckily, the various creators of the DNS systems used all over the Internet <a href="http://www.doxpara.com/?p=1162" target="_blank">released patches about two weeks ago</a>. The real question is, have you patched your servers? This is a critical flaw - it needs to be patched immediately.<br> <br> If you want to know whether the DNS server your computer relies upon is vulnerable or not, you can use <a href="http://www.doxpara.com/" target="_blank">the DNS Checker in the sidebar of Kaminsky's blog</a> (as long as it remains there). </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=a7014cb5-0a6b-41a7-868e-b0a006af99af" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,a7014cb5-0a6b-41a7-868e-b0a006af99af.aspx IT Security Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=4cd382d5-db3f-4806-a5c2-85521ea266b5 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,4cd382d5-db3f-4806-a5c2-85521ea266b5.aspx http://www.greghughes.net/rant/CommentView,guid,4cd382d5-db3f-4806-a5c2-85521ea266b5.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=4cd382d5-db3f-4806-a5c2-85521ea266b5 2

On TechCrunch IT, in a post called "The New Apple Walled Garden," author Nik Cubrilovic makes a good point...

TechCrunchIT » The New Apple Walled Garden

Geeks and enthusiasts wearing Wordpress t-shirts, using laptops covered in Data Portability, Microformats and RSS stickers lined up enthusiastically on Friday to purchase a device that is completely proprietary, controlled and wrapped in DRM. The irony was lost on some as they ran home, docked their new devices into a proprietary media player and downloaded closed source applications wrapped in DRM.

I am referring to the new iPhone - and the new Apple iPhone SDK that allows developers to build ‘native’ applications. The announcement was greeted with a web-wide standing ovation, especially from the developer community. The same community who demand all from Microsoft, feel gifted and special when Apple give them an inch of rope. When Microsoft introduced DRM into Media Player it was bad bad bad - and it wasn’t even mandatory, it simply allowed content owners a way to distribute and sell content from anywhere.

How can people who preach and pontificate open systems be so enamored with a completely closed, proprietary system as Apple's? Now, don't get me wrong. I was in line at an Apple store last week with all the people Nik talks about in his article. I really like the iPhone and I think my Mac is great, hardware-wise (okay, the OS is not too bad either). But there's something that's always lurking there in the back of my mind, like a pestering little voice that doesn't want me to give in or forget lessons of the past. "A closed system is a system doomed to fail," the voice tells me. Either that, or it is so limiting as to stifle. Or both. Maybe I need to get my medication checked. On the other hand, maybe the voice is right. Or both.

Risking cliche cynicism, I think one has to consider whether The Church of The Steve congregation is further developing (or devolving, if you prefer) in its adoration, at the expense of long-term good. Blind faith, crazed unthinking people saying one thing yet doing another, the how-dare-you-question mentality... Sounds familiar. And that's coming from an Episcopalian. An imperfect, sometimes-questioning, sometimes-doubting, cynical one -- But you get the point. I hope.

Perhaps the scariest part of my thought process today is that I actually agree completely with Dave Winer on this one. He nails it right on the head. Okay, there are times when I agree with Dave, but until now I've never really admitted it in public. :)

What do you think about Apple's model? Fanboy? Concerned? Who cares? End of the world as we know it? Utopia? Told-ya-so?



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. He makes a good point: On Apple's closed nature, demands of Microsoft by the community, and apparent hypocrisy http://www.greghughes.net/rant/PermaLink,guid,4cd382d5-db3f-4806-a5c2-85521ea266b5.aspx http://www.greghughes.net/rant/HeMakesAGoodPointOnApplesClosedNatureDemandsOfMicrosoftByTheCommunityAndApparentHypocrisy.aspx Wed, 16 Jul 2008 18:31:58 GMT <p> On TechCrunch IT, in a post called "The New Apple Walled Garden," author Nik Cubrilovic makes a good point... </p> <blockquote> <p> <a href="http://www.techcrunchit.com/2008/07/15/the-new-apple-walled-garden/"><em>TechCrunchIT » The New Apple Walled Garden</em></a> </p> <p> <em>Geeks and enthusiasts wearing Wordpress t-shirts, using laptops covered in Data Portability, Microformats and RSS stickers lined up enthusiastically on Friday to purchase a device that is completely proprietary, controlled and wrapped in DRM. The irony was lost on some as they ran home, docked their new devices into a proprietary media player and downloaded closed source applications wrapped in DRM. </em> </p> <p> <em>I am referring to the new iPhone - and the new Apple iPhone SDK that allows developers to build ‘native’ applications. The announcement was greeted with a web-wide standing ovation, especially from the developer community. The same community who demand all from Microsoft, feel gifted and special when Apple give them an inch of rope. When Microsoft introduced DRM into Media Player it was bad bad bad - and it wasn’t even mandatory, it simply allowed content owners a way to distribute and sell content from anywhere.</em> </p> </blockquote> <p> How can people who preach and pontificate open systems be so enamored with a completely closed, proprietary system as Apple's? Now, don't get me wrong. I was <a href="http://www.greghughes.net/rant/GotMyIPhone3gAfter4HoursOfActivationFailureWaitingAtTheStore.aspx" target="_blank">in line at an Apple store last week</a> with all the people Nik talks about in his article. I really like the iPhone and I think my Mac is great, hardware-wise (okay, the OS is not too bad either). But there's something that's always lurking there in the back of my mind, like a pestering little voice that doesn't want me to give in or forget lessons of the past. "A closed system is a system doomed to fail," the voice tells me. Either that, or it is so limiting as to stifle. Or both. Maybe I need to get my medication checked. On the other hand, maybe the voice is right. Or both. </p> <p> Risking cliche cynicism, I think one has to consider whether The Church of The Steve congregation is further developing (or devolving, if you prefer) in its adoration, at the expense of long-term good. Blind faith, crazed unthinking people saying one thing yet doing another, the how-dare-you-question mentality... Sounds familiar. And that's coming from an Episcopalian. An imperfect, sometimes-questioning, sometimes-doubting, cynical one -- But you get the point. I hope. </p> <p> Perhaps the scariest part of my thought process today is that I actually <a href="http://www.scripting.com/stories/2008/07/16/applesWalledGarden.html" target="_blank">agree completely with Dave Winer on this one</a>. He nails it right on the head. Okay, there are times when I agree with Dave, but until now I've never really admitted it in public. :) </p> <p> What do you think about Apple's model? Fanboy? Concerned? Who cares? End of the world as we know it? Utopia? Told-ya-so? </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=4cd382d5-db3f-4806-a5c2-85521ea266b5" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,4cd382d5-db3f-4806-a5c2-85521ea266b5.aspx Apple Random Stuff Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=4f6ec124-e239-48b3-8e66-fcc7b883982c http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,4f6ec124-e239-48b3-8e66-fcc7b883982c.aspx http://www.greghughes.net/rant/CommentView,guid,4f6ec124-e239-48b3-8e66-fcc7b883982c.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=4f6ec124-e239-48b3-8e66-fcc7b883982c I've traveled to Europe with my iPhone before, and despite activating an international data plan I ended up spending a bit more than I wanted to (by about $100). But Raven Zachary came back home to a $800+ bill, and there are many tales of others having even worse experiences.

Raven wrote a blog article offering some tips to keep your costs down, all of which are good. So, if you are traveling out of the USA with your AT&T iPhone (and yes, that DOES include to Canada or Mexico, so do your homework), check out what he wrote.

As of today, there is no "unlimited" international data plan available. It can get very expensive to deal with email attachments and use the maps program, or even just to check email the same way you do back home (meaning automatically every n minutes). With the 3G network coming on the new iPhone and the associated roaming costs for high-speed access projected to be higher, this all becomes even more important.

Until AT&T makes it a little easier to be their customers, and simplifies things for those of use paying them big bucks for service, you'll need to order specific international services and configure your iPhone in certain ways to make sure you don't get nailed and you'll have to search the 'net to find sources to read about the problems and related solutions. I feel sorry for people who get completely blindsided (and there are a lot of those people out there). So much for seamless, don't-have-to-think-about-it use, eh?



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Avoiding high international carrier fees with your AT&T iPhone overseas http://www.greghughes.net/rant/PermaLink,guid,4f6ec124-e239-48b3-8e66-fcc7b883982c.aspx http://www.greghughes.net/rant/AvoidingHighInternationalCarrierFeesWithYourATTIPhoneOverseas.aspx Tue, 24 Jun 2008 14:49:54 GMT I've traveled to Europe with my iPhone before, and despite activating an international data plan I ended up spending a bit more than I wanted to (by about $100). But Raven Zachary came back home to a $800+ bill, and there are many tales of others having even worse experiences.<br> <br> <a href="http://www.wireless.att.com/learn/international/roaming/iphone-travel-tips.jsp">Raven wrote a blog article offering some tips</a> to keep your costs down, all of which are good. So, if you are traveling out of the USA with your AT&amp;T iPhone (and yes, that DOES include to Canada or Mexico, so do your homework), check out what he wrote.<br> <br> As of today, there is no "unlimited" international data plan available. It can get very expensive to deal with email attachments and use the maps program, or even just to check email the same way you do back home (meaning automatically every <i>n</i> minutes). With the 3G network coming on the new iPhone and the associated roaming costs for high-speed access projected to be higher, this all becomes even more important.<br> <br> Until AT&amp;T makes it a little easier to be their customers, and simplifies things for those of use paying them big bucks for service, you'll need to <a href="http://www.wireless.att.com/learn/international/">order specific international services</a> and <a href="http://www.wireless.att.com/learn/international/roaming/iphone-travel-tips.jsp">configure your iPhone in certain ways</a> to make sure you don't get nailed and you'll have to search the 'net to find sources to read about the problems and related solutions. I feel sorry for people who get completely blindsided (and there are a lot of those people out there). So much for seamless, don't-have-to-think-about-it use, eh?<br> <p> </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=4f6ec124-e239-48b3-8e66-fcc7b883982c" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,4f6ec124-e239-48b3-8e66-fcc7b883982c.aspx Apple Mobile Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=8b03395d-417d-4fb5-b4da-cb26fbbf7653 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,8b03395d-417d-4fb5-b4da-cb26fbbf7653.aspx http://www.greghughes.net/rant/CommentView,guid,8b03395d-417d-4fb5-b4da-cb26fbbf7653.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=8b03395d-417d-4fb5-b4da-cb26fbbf7653 14 I've spent the past couple days, off and on, editing a manuscript on my Mac using the Pages application that is part of iWork '08. I've been editing a Word .doc file, which pages can open and deal with. Sort of. In the end, the way Pages handles Word docs... FAIL.

Formatting issues have resulted in a badly-hacked mess of a document that probably barely passes for acceptable when I return it with edits. I feel pretty terrible for the recipient.

So, frustratingly it's time to buy a copy of Mac Office '08. I was afraid it would come to this, and I guess I'm not really surprised at all. It was wroth a try, and I get Keynote so that's cool (as long as I don't have to use it for PowerPoint files that is).

Meanwhile, time to go up in the office and grab that Windows laptop with Office 2007 and get back to work...



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Pages on the Mac is not a good enough replacement for Microsoft Word http://www.greghughes.net/rant/PermaLink,guid,8b03395d-417d-4fb5-b4da-cb26fbbf7653.aspx http://www.greghughes.net/rant/PagesOnTheMacIsNotAGoodEnoughReplacementForMicrosoftWord.aspx Thu, 15 May 2008 23:26:31 GMT I've spent the past couple days, off and on, editing a manuscript on my Mac using the Pages application that is part of iWork '08. I've been editing a Word .doc file, which pages can open and deal with. Sort of. In the end, the way Pages handles Word docs... FAIL.<br> <br> Formatting issues have resulted in a badly-hacked mess of a document that probably barely passes for acceptable when I return it with edits. I feel pretty terrible for the recipient.<br> <br> So, frustratingly it's time to buy a copy of Mac Office '08. I was afraid it would come to this, and I guess I'm not really surprised at all. It was wroth a try, and I get Keynote so that's cool (as long as I don't have to use it for PowerPoint files that is).<br> <br> Meanwhile, time to go up in the office and grab that Windows laptop with Office 2007 and get back to work...<br> <p> </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=8b03395d-417d-4fb5-b4da-cb26fbbf7653" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,8b03395d-417d-4fb5-b4da-cb26fbbf7653.aspx Apple Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=2e5be256-2fba-40d1-815a-eb45c023f33d http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,2e5be256-2fba-40d1-815a-eb45c023f33d.aspx http://www.greghughes.net/rant/CommentView,guid,2e5be256-2fba-40d1-815a-eb45c023f33d.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=2e5be256-2fba-40d1-815a-eb45c023f33d

Got iTunes, or anything else Apple on your Windows computer? If so, when the Apple software checks for updates, you'll probably AppleUpdateSafari1see an option (which is enabled by default) to install Safari - even if you don't already have it installed  on your computer. Safari is Apple's default web browser (and actually not a bad one at that). But since people are used to seeing - well - updates when the software checks for updates, you might not realize you're installing new software.

Just making sure you're paying attention here, is all.

Sure enough, when I check for updates on my Windows machine, where Safari has never been installed, I'm presented with the option to install it...

AppleUpdateSafari2

As Tom Krazit tells us... Just un-check the box if you don't want to install Safari. Simple as that.

"It seems that at some point people became conditioned to downloading anything that shows up from an official source, like Microsoft, Apple, AOL, Yahoo, or whoever. Remember, it's your PC; spend your installation capital wisely." (link)

It's always important to pay attention to what you're clicking on. Fact is, Apple's probably counting on the fact that a significant number of people will just click without thinking - And that's indicative of a whole slew of problems, with users, companies, you name it.

For my part, I made the educated decision to install it. I actually kind of like Safari on the Mac, so I'm interested din trying it on Windows.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Safari magically installing on Windows? Just say &quot;no&quot; if you don't want it... http://www.greghughes.net/rant/PermaLink,guid,2e5be256-2fba-40d1-815a-eb45c023f33d.aspx http://www.greghughes.net/rant/SafariMagicallyInstallingOnWindowsJustSayQuotnoquotIfYouDontWantIt.aspx Fri, 21 Mar 2008 20:47:04 GMT <p> Got iTunes, or anything else Apple on your Windows computer? If so, when the Apple software checks for updates, you'll probably <a href="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/SafarimagicallyinstallingonWindowsJusts_C1D3/AppleUpdateSafari1_2.jpg"><img style="border: 0px none ; margin: 10px 0px 10px 15px;" alt="AppleUpdateSafari1" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/SafarimagicallyinstallingonWindowsJusts_C1D3/AppleUpdateSafari1_thumb.jpg" align="right" border="0" height="76" width="186"></a>see an option (which is enabled by default) to install Safari - even if you don't already have it installed&nbsp; on your computer. Safari is Apple's default web browser (and actually not a bad one at that). But since people are used to seeing - well - updates when the software checks for updates, you might not realize you're installing new software. </p> <p> Just making sure you're paying attention here, is all. </p> <p> Sure enough, when I check for updates on my Windows machine, where Safari has never been installed, I'm presented with the option to install it... </p> <p> <a href="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/SafarimagicallyinstallingonWindowsJusts_C1D3/AppleUpdateSafari2_2.jpg"><img style="border: 0px none ; margin: 10px 0px 10px 15px;" alt="AppleUpdateSafari2" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/SafarimagicallyinstallingonWindowsJusts_C1D3/AppleUpdateSafari2_thumb.jpg" border="0" height="484" width="378"></a> </p> <p> As Tom Krazit tells us... Just <a href="http://www.news.com/8301-13579_3-9900727-37.html" target="_blank">un-check the box</a> if you don't want to install Safari. Simple as that. </p> <blockquote> <p> <em>"It seems that at some point people became conditioned to downloading anything that shows up from an official source, like Microsoft, Apple, AOL, Yahoo, or whoever. Remember, it's your PC; spend your installation capital wisely." (<a href="http://www.news.com/8301-13579_3-9900727-37.html" target="_blank">link</a>)</em> </p> </blockquote> <p> It's always important to pay attention to what you're clicking on. Fact is, Apple's probably counting on the fact that a significant number of people will just click without thinking - And that's indicative of a whole slew of problems, with users, companies, you name it. </p> <p> For my part, I made the educated decision to install it. I actually kind of like Safari on the Mac, so I'm interested din trying it on Windows. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=2e5be256-2fba-40d1-815a-eb45c023f33d" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,2e5be256-2fba-40d1-815a-eb45c023f33d.aspx Apple IT Security Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=f4140845-0528-4ed2-88d8-2766fa378716 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,f4140845-0528-4ed2-88d8-2766fa378716.aspx http://www.greghughes.net/rant/CommentView,guid,f4140845-0528-4ed2-88d8-2766fa378716.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=f4140845-0528-4ed2-88d8-2766fa378716 28

Merry-Freakin'-Christmas from Blockbuster. NOT.

Not too long ago I wrote about Blockbuster's sudden and substantial rate increase. People were upset, me included. I begrudgingly gave in, however, and started paying the $7.00 increase - from $17.99 to $24.99 - per month for unlimited in-store exchanges and three mail rentals at a time.

BlockBusterLetterDec27th A few minutes ago I got a very "friendly" email from Blockbuster, letting me know some of the great rentals they have available in the first paragraph, encouraging me to exchange movies in the store in the second paragraph, and then pretty much putting it to me without so much as kissing me first in the third paragraph. Here is exactly what it said (click the image on the right to see a screen shot of the actual email with the section highlighted):

"To continue to bring you the unmatched convenience of both online and in-store DVD rentals, your monthly subscription fee will change from $24.99 to $34.99. This adjustment† will go into effect on your next billing cycle on or after December 27, 2007. The benefits of your subscription plan will remain the same."

So, in the time span of about four to five short months, my monthly cost has gone from $17.99 to $34.99 per month (in other words, roughly doubled) and the services I get for the money are less (since I no longer get the two coupons a month for movie or game rentals that I got for a couple years before their August price and service change).

"Ok, but that's the last straw."

As soon as the month I have already paid for runs out mid-January, I'm dumping this mess. Goodbye Blockbuster. Hello Netflix. I feel like I have to encourage everyone to do the same. This is - in my opinion - not a consumer-friendly company. I know they need to make a profit, and I was willing to support that. But dragging your customers through this kind of mess is not the way to do it. Believe me when I say I'd likely have been willing to spend more for better service (or at least consistently good service in both the store and online, which I don't get today), had a reasonable rate increase been effectively sold to me.

If some kind of miracle happens between now and January 18th when my account runs out and Blockbuster changes their plans, I'll consider sticking around. But it won't happen. This appears to be just more of the same decisions. It's too bad.

If you received an email, feel free to make use of the comments here. What does yours say? What do you think? What - if anything - will you be doing about it? If you agree with me and want to share the sentiment, you can link to http://www.boycottblockbuster.com/, which points to this page.

Time to stand up and say something.

Added -- Some other comments made on other blogs:

And, via Gizmodo, a humorous visual that effectively captures the essence of the situation...

 

I also noted that new subscribers to Blockbuster (people who go there today to sign up for the first time) will be recruited under the "old" pricing plans, as they have not changed the information on the web site. That seems a little disingenuous, if not completely dishonest, doesn't it? Click the image below to see a fill-size screenshot of their pricing page on the site as of the morning of December 20th. I'd hope they'd at least get this problem fixed soon (unless they don't intend to increase the prices for new customers, of course).

blockbusterpricesdecember19list



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Boycott Blockbuster Time - Massive Rate Increases Once Again http://www.greghughes.net/rant/PermaLink,guid,f4140845-0528-4ed2-88d8-2766fa378716.aspx http://www.greghughes.net/rant/BoycottBlockbusterTimeMassiveRateIncreasesOnceAgain.aspx Thu, 20 Dec 2007 04:09:45 GMT <div class=wlWriterSmartContent id=scid:B3E14793-948F-49af-A347-D19C374A7C4F:836fe32e-a136-40a6-be40-8da0b2ebb7c9 style="PADDING-RIGHT: 10px; DISPLAY: inline; PADDING-LEFT: 0px; FLOAT: left; PADDING-BOTTOM: 10px; MARGIN: 0px; PADDING-TOP: 0px"> <script type=text/javascript><!-- digg_url = 'http://www.greghughes.net/rant/BoycottBlockbusterTimeMassiveRateIncreasesOnceAgain.aspx'; //--></script> <script src="http://digg.com/tools/diggthis.js" type=text/javascript></script> </div> <p> Merry-Freakin'-Christmas from Blockbuster. NOT. </p> <p> Not too long ago <a href="http://www.greghughes.net/rant/BlockbustersTotalAccessDealNotQuiteSoWonderfulAnymore.aspx" target=_blank>I wrote about Blockbuster's sudden and substantial rate increase</a>. People were upset, me included. I begrudgingly gave in, however, and started paying the $7.00 increase - from $17.99 to $24.99 - per month for unlimited in-store exchanges and three mail rentals at a time. </p> <p> <a href="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/BoycottBlockbusterMassiveRateIncreaseAga_11078/BlockBusterLetterDec27th_2.png"><img style="BORDER-TOP-WIDTH: 0px; BORDER-LEFT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; MARGIN: 10px 0px 10px 15px; BORDER-RIGHT-WIDTH: 0px" height=285 alt=BlockBusterLetterDec27th src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/BoycottBlockbusterMassiveRateIncreaseAga_11078/BlockBusterLetterDec27th_thumb.png" width=286 align=right border=0></a> A few minutes ago I got a very "friendly" email from Blockbuster, letting me know some of the great rentals they have available in the first paragraph, encouraging me to exchange movies in the store in the second paragraph, and then pretty much putting it to me without so much as kissing me first in the third paragraph. Here is exactly what it said (click the image on the right to see a screen shot of the actual email with the section highlighted): </p> <blockquote> <p> <em><strong>"To continue to bring you the unmatched convenience of both online and in-store DVD rentals, your monthly subscription fee will change from $24.99 to $34.99. This adjustment† will go into effect on your next billing cycle on or after December 27, 2007. The benefits of your subscription plan will remain the same."</strong></em> </p> </blockquote> <p> So, in the time span of about four to five short months, my monthly cost has gone from $17.99 to $34.99 per month (in other words, roughly doubled) and the services I get for the money are less (since I no longer get the two coupons a month for movie or game rentals that I got for a couple years before their August price and service change). </p> <p> "Ok, but that's the last straw." </p> <p> As soon as the month I have already paid for runs out mid-January, I'm dumping this mess. Goodbye Blockbuster. Hello Netflix. I feel like <a href="http://www.boycottblockbuster.com/" target=_blank>I have to encourage everyone to do the same</a>. This is - in my opinion - not a consumer-friendly company. I know they need to make a profit, and I was willing to support that. But dragging your customers through this kind of mess is not the way to do it. Believe me when I say I'd likely have been willing to spend more for better service (or at least consistently good service in both the store and online, which I don't get today), had a reasonable rate increase been effectively sold to me. </p> <p> If some kind of miracle happens between now and January 18th when my account runs out and Blockbuster changes their plans, I'll consider sticking around. But it won't happen. This appears to be just more of the same decisions. It's too bad. </p> <p> If you received an email, feel free to <a href="http://www.greghughes.net/rant/BoycottBlockbusterTimeMassiveRateIncreasesOnceAgain.aspx#commentstart" target=_blank>make use of the comments here</a>. What does yours say? What do you think? What - if anything - will you be doing about it? If you agree with me and want to share the sentiment, you can link to <a title=http://www.boycottblockbuster.com/ href="http://www.boycottblockbuster.com/">http://www.boycottblockbuster.com/</a>, which points to this page. </p> <p> Time to stand up and say something. </p> <blockquote> <p> Added -- Some other comments made on other blogs: </p> <ul> <li> <a href="http://arstechnica.com/news.ars/post/20071220-blockbuster-grinches-total-access-customers-with-price-hike.html" target=_blank>Ars Technica analysis</a> <li> <a href="http://www.hackingnetflix.com/2007/12/blockbuster-rai.html" target=_blank>Hacking Netflix</a> <li> <a href="http://gizmodo.com/336130/blockbuster-online-members-socked-with-christmas-price-hike" target=_blank>Gizmodo</a> <li> <a href="http://www.slashgear.com/blockbuster-dares-you-to-drop-them-no-kidding-199129.php" target=_blank>SlashGear</a> <li> <a href="http://www.fivecentnickel.com/2007/12/20/another-blockbuster-price-increase/" target=_blank>Five Cent Nickel</a> <li> <a href="http://www.ipodexpress.net/blockbuster-online-members-socked-with-christmas-price-hike-huge-price-increase/" target=_blank>Ipod Express</a> </li> </ul> <p> And, via Gizmodo, a humorous visual that effectively captures the essence of the situation... </p> <p align=center> <img src="http://gizmodo.com/assets/resources/2007/12/blockbuster_priceincrease.jpg">&nbsp; </p> </blockquote> <p align=left> I also noted that new subscribers to Blockbuster (people who go there today to sign up for the first time) will be recruited under the "old" pricing plans, as they have not changed the information on the web site. That seems a little disingenuous, if not completely dishonest, doesn't it? Click the image below to see a fill-size screenshot of their pricing page on the site as of the morning of December 20th. I'd hope they'd at least get this problem fixed soon (unless they don't intend to increase the prices for new customers, of course). </p> <p align=center> <a href="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/BoycottBlockbusterMassiveRateIncreaseAga_11078/blockbusterpricesdecember19list_2.jpg"><img style="BORDER-TOP-WIDTH: 0px; BORDER-LEFT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; MARGIN: 10px 0px 10px 15px; BORDER-RIGHT-WIDTH: 0px" height=391 alt=blockbusterpricesdecember19list src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/BoycottBlockbusterMassiveRateIncreaseAga_11078/blockbusterpricesdecember19list_thumb.jpg" width=393 border=0></a> </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=f4140845-0528-4ed2-88d8-2766fa378716" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,f4140845-0528-4ed2-88d8-2766fa378716.aspx Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=f47a490e-f8c3-42fe-8f30-b0aefe11f760 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,f47a490e-f8c3-42fe-8f30-b0aefe11f760.aspx http://www.greghughes.net/rant/CommentView,guid,f47a490e-f8c3-42fe-8f30-b0aefe11f760.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=f47a490e-f8c3-42fe-8f30-b0aefe11f760 40

Note: This article contains a cheesy workaround that worked for me. It is most certainly unofficial and not supported by HP or anyone else (including me). So, if you use it - just know your mileage may vary.

I have a HP Pavillion dv9620 laptop with Vista 64-bit Ultimate preinstalled. It's a big-ol' laptop and has a webcam built into the top of the display. But the camera has hardly ever worked. For months I am grumbled at it each time it has failed to work in MSN Messenger and in HP's own QuickPlay software. It worked for a while, then it worked only when I first started the computer, and eventually it would not even do that, so I pretty much gave up. HP drivers did not help, one bit. Heck, just finding them on the HP web site is a painful task.

Tonight Carl Franklin asked me to help his test his webcam. We fired up Live Messenger and I was able to see and hear him just fine, but of course mine was not working. Pretty lame.

Call that inspiration. Nothing worse for a technical person than to have a broken system, especially in front of other techies, heh. I decided to start searching the web again this evening for some sort of solution, and after finding a bunch of the same-old forum and newsgroup posts, I ran across what appears to be a real gem. And it seems to have solved my problem: No more failure to see and use the HP webcam, at least so far in Messenger and in QuickPlay.

chicony1

The camera is made by a company called Chicony, and it turns out Acer also uses their cameras (as do some other manufacturers). Note that not all HP notebooks have Chicony webcams - some have Ricoh models and possibly other brands. Check your Device Manager to see who the hardware manufacturer is listed as to help determine whether or not this is the right method for you (or just try it and deal with any glitches if it's not). But, according to this post in the forums at notebookreview.com, people are having great success using the Acer drivers on their Vista Pavillion machines with the built-in webcam.

I downloaded the drivers, checked them for safety, and updated my system by following the simple instructions. Voila! It works! It shows up in device manager as an Acer webcam, but I can live with that, for sure.

image

With a little luck it will keep working. Before posting this I rebooted and rechecked the camera, opened a few programs to try to screw it up, etc. So far, so good.

Here are the brief instructions (as slightly adapted from the post by Dylan Bennett at notebookreview.com):

  • First, download the drivers. I got mine from here, and yes -- these are the drivers I used on my 64-bit Vista install: Acer Extensa 5210 Chicony Webcam Driver 5.7
  • Next, unzip the installer executable file, then run the setup program and do the reboot thing.
  • After you log back in Windows should tell you it's setting up your devices and finding the drivers. Let it finish.
  • Open the Control Panel and then open the Device Manager.
  • Find the webcam under "Imaging Devices." On mine it was listed as a generic USB 2.0 device. Yours may be different.
  • Right-click on the webcam entry in Device manager and select "Update Driver Software..." from the menu.
  • Choose "Browse my computer for driver software."
  • Choose "Let me pick from a list of device drivers on my computer."
  • Uncheck the "Show compatible hardware" checkbox.
  • Scroll in the list to find Chicony in the dialog's manufacturer list.
  • Choose the "Acer Crystal Eye webcam."
  • You're most likely going to be warned that the driver cannot be confirmed to be compatible. You can tell it to install anyway.
  • Wait for the driver to be installed.
  • Check Device Manager under the Imaging devices section again and see what you have. Note that the webcam will likely now be listed as an Acer Crystal Eye webcam.

devicemanager4webcam

Now, go and use Messenger or whatever program has given you fits before and see what your results are. Be sure to reboot and try all your webcam-enabled programs. Give it a real brutal test before declaring success. For me it's been great, but your mileage most certainly may vary, and I am certain HP will not consider this a supportable configuration, heh.

Proof it works for those that need it, here you go. Gotta love the reflection-in-the-glasses thing, heh:

Good luck!



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. My HP Pavillion Web Camera issue resolved - by using Acer drivers no less http://www.greghughes.net/rant/PermaLink,guid,f47a490e-f8c3-42fe-8f30-b0aefe11f760.aspx http://www.greghughes.net/rant/MyHPPavillionWebCameraIssueResolvedByUsingAcerDriversNoLess.aspx Sat, 08 Dec 2007 05:31:37 GMT <p> <em>Note: This article contains a cheesy workaround that worked for me. It is most certainly unofficial and not supported by HP or anyone else (including me). So, if you use it - just know your mileage may vary.</em> </p> <p> I have a HP Pavillion dv9620 laptop with Vista 64-bit Ultimate preinstalled. It's a big-ol' laptop and has a webcam built into the top of the display. But the camera has hardly ever worked. For months I am grumbled at it each time it has failed to work in MSN Messenger and in HP's own QuickPlay software. It worked for a while, then it worked only when I first started the computer, and eventually it would not even do that, so I pretty much gave up. HP drivers did not help, one bit. Heck, just finding them on the HP web site is a painful task. </p> <p> Tonight <a href="http://www.franklins.net/carl.aspx" target="_blank">Carl Franklin</a> asked me to help his test his webcam. We fired up Live Messenger and I was able to see and hear him just fine, but of course mine was not working. Pretty lame. </p> <p> Call that inspiration. Nothing worse for a technical person than to have a broken system, especially in front of other techies, heh. I decided to start searching the web again this evening for some sort of solution, and after finding a bunch of the same-old forum and newsgroup posts, I ran across what appears to be a real gem. And it seems to have solved my problem: No more failure to see and use the HP webcam, at least so far in Messenger and in QuickPlay. </p> <p align="center"> <img style="border-top-width: 0px; border-left-width: 0px; border-bottom-width: 0px; border-right-width: 0px" height="79" alt="chicony1" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/HPWebCameraissueresolvedbyusingAcerdrive_1134E/chicony1_e794ca60-5ef9-494f-9209-22842f88f2d6.jpg" width="260" border="0"> </p> <p> The camera is made by a company called Chicony, and it turns out Acer also uses their cameras (as do some other manufacturers). Note that not all HP notebooks have Chicony webcams - some have Ricoh models and possibly other brands. Check your Device Manager to see who the hardware manufacturer is listed as to help determine whether or not this is the right method for you (or just try it and deal with any glitches if it's not). But, <a href="http://forum.notebookreview.com/showthread.php?t=149463" target="_blank">according to this post</a> in the forums at notebookreview.com, people are having great success using the Acer drivers on their Vista Pavillion machines with the built-in webcam. </p> <p> I downloaded the drivers, checked them for safety, and updated my system by following the simple instructions. Voila! It works! It shows up in device manager as an Acer webcam, but I can live with that, for sure. </p> <p align="center"> <img style="border-top-width: 0px; border-left-width: 0px; border-bottom-width: 0px; border-right-width: 0px" height="226" alt="image" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/HPWebCameraissueresolvedbyusingAcerdrive_1134E/image_fe34da0d-31ac-4395-b819-ef63682634b7.png" width="244" border="0"> </p> <p> With a little luck it will keep working. Before posting this I rebooted and rechecked the camera, opened a few programs to try to screw it up, etc. So far, so good. </p> <p> Here are the brief instructions (as slightly adapted from the post by Dylan Bennett at <a href="http://forum.notebookreview.com/showthread.php?t=149463" target="_blank">notebookreview.com</a>): </p> <ul> <li> First, download the drivers. I got mine from here, and yes -- these are the drivers I used on my 64-bit Vista install: <a href="http://drivers.softpedia.com/get/SCANNER-Digital-CAMERA-WEBCAM/OTHER-SCANNERS/Acer-Extensa-5210-Chicony-Webcam-Driver-57.shtml">Acer Extensa 5210 Chicony Webcam Driver 5.7</a> <li> Next, unzip the installer executable file, then run the setup program and do the reboot thing. <li> After you log back in Windows should tell you it's setting up your devices and finding the drivers. Let it finish. <li> Open the Control Panel and then open the Device Manager. <li> Find the webcam under "Imaging Devices." On mine it was listed as a generic USB 2.0 device. Yours may be different. <li> Right-click on the webcam entry in Device manager and select "Update Driver Software..." from the menu. <li> Choose "Browse my computer for driver software." <li> Choose "Let me pick from a list of device drivers on my computer." <li> Uncheck the "Show compatible hardware" checkbox. <li> Scroll in the list to find Chicony in the dialog's manufacturer list. <li> Choose the "Acer Crystal Eye webcam." <li> You're most likely going to be warned that the driver cannot be confirmed to be compatible. You can tell it to install anyway. <li> Wait for the driver to be installed. <li> Check Device Manager under the Imaging devices section again and see what you have. Note that the webcam will likely now be listed as an Acer Crystal Eye webcam.</li> </ul> <p align="center"> <img style="border-top-width: 0px; border-left-width: 0px; border-bottom-width: 0px; border-right-width: 0px" height="96" alt="devicemanager4webcam" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/HPWebCameraissueresolvedbyusingAcerdrive_1134E/devicemanager4webcam_ef06b0a0-5855-4f7b-86ba-6b46737786de.jpg" width="247" border="0"> </p> <p> Now, go and use Messenger or whatever program has given you fits before and see what your results are. Be sure to reboot and try all your webcam-enabled programs. Give it a real brutal test before declaring success. For me it's been great, but your mileage most certainly may vary, and I am <em>certain</em> HP will not consider this a supportable configuration, heh. </p> <p> Proof it works for those that need it, here you go. Gotta love the reflection-in-the-glasses thing, heh: </p> <div align="center"> <div class="wlWriterSmartContent" id="scid:5737277B-5D6D-4f48-ABFC-DD9C333F4C5D:37483636-1fbc-48d9-8d45-86503ab3e6a0" style="padding-right: 0px; display: inline; padding-left: 0px; padding-bottom: 0px; margin: 0px; padding-top: 0px"> <div> <object width="425" height="355"> <param name="movie" value="http://www.youtube.com/v/E5aD7xyY_kQ">> <param name="wmode" value="transparent">><embed src="http://www.youtube.com/v/E5aD7xyY_kQ" type="application/x-shockwave-flash" wmode="transparent" width="425" height="355"></embed> </object> </div> </div> </div> <p> Good luck! </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=f47a490e-f8c3-42fe-8f30-b0aefe11f760" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,f47a490e-f8c3-42fe-8f30-b0aefe11f760.aspx Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=7c5b7c73-4426-4dbf-92a6-0cf40762424c http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,7c5b7c73-4426-4dbf-92a6-0cf40762424c.aspx http://www.greghughes.net/rant/CommentView,guid,7c5b7c73-4426-4dbf-92a6-0cf40762424c.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=7c5b7c73-4426-4dbf-92a6-0cf40762424c 3

Jason Cross hits the nail on the head. It's not the hardware, it's not the software, it's not even the company. It's something else completely.

Bad apples (pun intended) can truly spoil the barrel.

I have to say, based on my own experiences and as a Mac user since the very first one came out (yes, that one) when I was a kid, I agree with Jason's points. Well-said and fairly-put.

Now you go read it. Someone needs to say these things, and Jason did. Good for him.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. The Worst Thing About Macs... http://www.greghughes.net/rant/PermaLink,guid,7c5b7c73-4426-4dbf-92a6-0cf40762424c.aspx http://www.greghughes.net/rant/TheWorstThingAboutMacs.aspx Thu, 11 Oct 2007 13:56:25 GMT <p> Jason Cross <a href="http://www.extremetech.com/article2/0,1558,2193639,00.asp?kc=ETRSS02129TX1K0000532" target="_blank">hits the nail on the head</a>. It's not the hardware, it's not the software, it's not even the company. It's something else completely. </p> <p> Bad apples (pun intended) can truly spoil the barrel. </p> <p> I have to say, based on my own experiences and as a Mac user since the very first one came out (yes, <em>that</em> one) when I was a kid, I agree with Jason's points. Well-said and fairly-put. </p> <p> <a href="http://www.extremetech.com/article2/0,1558,2193639,00.asp?kc=ETRSS02129TX1K0000532" target="_blank">Now you go read it</a>. Someone needs to say these things, and Jason did. Good for him. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=7c5b7c73-4426-4dbf-92a6-0cf40762424c" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,7c5b7c73-4426-4dbf-92a6-0cf40762424c.aspx Random Stuff Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=449027e1-1691-48f5-bc65-e7f633c2fb51 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,449027e1-1691-48f5-bc65-e7f633c2fb51.aspx http://www.greghughes.net/rant/CommentView,guid,449027e1-1691-48f5-bc65-e7f633c2fb51.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=449027e1-1691-48f5-bc65-e7f633c2fb51 16

Updated: If you're wondering how this was resolve by Apple in my particular case, you can read about it here.

Ugh, this just had to happen.

I went to an Apple Store up in Bellevue, Washington yesterday before the nerd dinner and picked up a couple things, namely a Jawbone Bluetooth headset (which is awesome, more on that later), a touch-screen glass protector and a leather holster for my iPhone.

Don't buy the leather holster. Long story short, it's too tight, there's no way you can keep a good grip on the phone when you try to pry it out of the holster on your waist, and when it does come out you'll be lucky if it doesn't have some real velocity and inertia behind it. Like I said, you'll be lucky if.

I wasn't that lucky.

As I left the hotel today a text message chimed in and I went to pull the phone from the holster. It was hard to pull on, and when it finally gave way it came out fast, bounced off the palm of my hand, down my leg and to the floor. Actually, it didn't really hit that hard. Nowhere near as hard as every other phone I have ever had.

But the metal case that encloses the iPhone is apparently pretty soft. As in, it bends easily. The "power" button (that one on the upper right top edge) is now stuck and won't operate because even though the fall was broken and slowed, the soft-ish metal bent just enough to tweak the opening where the plastic button sticks though. So, now it's effectively jammed. Argh.

I was near the Apple Store (same one) when this happened and so I went there to see what I will have to do to get it fixed, but the wait for one of their "experts" was like three hours, and I had to dive into Seattle traffic to make the trip back home to Portland. So, I'll cal Apple or take it to the local store in the next day or so.

I'd recommend a couple things based on this experience. Again, don't use the leather holster, it's just a poor design, and one that a friend of mine has has loosened up over the month he has had it, but to the point where it no longer properly holds the phone (it went from tight to too loose, go figure). Also, if you're prone to dropping phones, go straight out and get one of the rubber armored slip-on cases. I sure wish I had chosen that instead of the holster. Hopefully this will help someone avoid a problem and the expense I am sure to be faced with when I get this thing fixed.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. iPhone not too durable if dropped http://www.greghughes.net/rant/PermaLink,guid,449027e1-1691-48f5-bc65-e7f633c2fb51.aspx http://www.greghughes.net/rant/iPhoneNotTooDurableIfDropped.aspx Fri, 14 Sep 2007 03:11:44 GMT <p> <em><strong>Updated:</strong> If you're wondering how this was resolve by Apple in my particular case, <a href="http://www.greghughes.net/rant/HowAppleTrulyWonMeOverMyIPhoneServiceStory.aspx">you can read about it here</a>.</em> </p> <p> Ugh, this just <em>had</em> to happen. </p> <p> I went to an Apple Store up in Bellevue, Washington yesterday before the nerd dinner and picked up a couple things, namely a Jawbone Bluetooth headset (which is awesome, more on that later), a touch-screen glass protector and a leather holster for my iPhone. </p> <p> <em>Don't buy the leather holster.</em> Long story short, it's too tight, there's no way you can keep a good grip on the phone when you try to pry it out of the holster on your waist, and when it does come out you'll be lucky if it doesn't have some real velocity and inertia behind it. Like I said, you'll be lucky <em>if</em>. </p> <p> I wasn't that lucky. </p> <p> As I left the hotel today a text message chimed in and I went to pull the phone from the holster. It was hard to pull on, and when it finally gave way it came out fast, bounced off the palm of my hand, down my leg and to the floor. Actually, it didn't really hit that hard. Nowhere near as hard as every other phone I have ever had. </p> <p> But the metal case that encloses the iPhone is apparently pretty soft. As in, it bends easily. The "power" button (that one on the upper right top edge) is now stuck and won't operate because even though the fall was broken and slowed, the soft-ish metal bent just enough to tweak the opening where the plastic button sticks though. So, now it's effectively jammed. Argh. </p> <p> I was near the Apple Store (same one) when this happened&nbsp;and so I went there to see what I will have to do to get it fixed, but the wait for one of their "experts" was like three hours, and I had to dive into Seattle traffic to make the trip back home to Portland. So, I'll cal Apple or take it to the local store in the next day or so. </p> <p> I'd recommend a couple things based on this experience. Again, don't use the leather holster, it's just a poor design, and one that a friend of mine has has loosened up over the month he has had it, but to the point where it no longer properly holds the phone (it went from tight to too loose, go figure). Also, if you're prone to dropping phones, go straight out and get one of the rubber armored slip-on cases. I sure wish I had chosen that instead of the holster. Hopefully this will help someone avoid a problem and the expense I am sure to be faced with when I get this thing fixed. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=449027e1-1691-48f5-bc65-e7f633c2fb51" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,449027e1-1691-48f5-bc65-e7f633c2fb51.aspx Mobile Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=9ea8301f-7b40-4acc-aad4-f62783312912 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,9ea8301f-7b40-4acc-aad4-f62783312912.aspx http://www.greghughes.net/rant/CommentView,guid,9ea8301f-7b40-4acc-aad4-f62783312912.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=9ea8301f-7b40-4acc-aad4-f62783312912 6

I'm quickly learning the pain of running a 64-bit OS on my new laptop. Of course, that's the version of Windows Vista Ultimate it came with, what with all the processors being sold these days are 64-bit and all.

I went to install iTunes (which installed with a message explaining it would not be able to copy CDs) and activate the new iPhone, and what do you think I see?

   image

Crap. You have got to be kidding me.

Apparently this is a well-known issue. Except that I didn't know and on the box it says, "Windows Vista" is supported, without any mention of version or 32-bit vs 64-bit. reading the fine print details of the release notes one finds a buried mention of no support for 64-bit Windows. Hmph.

Now I have to decide what to do - return the phone out of pure spite, or sync it to a different computer... Sorry, but "lame" is the only word that comes to mind here. Fanboys will undoubtedly spew vitriol at that statement, but it's still lame.

Ideas anyone? Will a 32-bit OS running in a virtual machine work for me maybe?



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Another unfortunate 64-bit Windows programming decision - you can't activate the iPhone http://www.greghughes.net/rant/PermaLink,guid,9ea8301f-7b40-4acc-aad4-f62783312912.aspx http://www.greghughes.net/rant/AnotherUnfortunate64bitWindowsProgrammingDecisionYouCantActivateTheIPhone.aspx Thu, 06 Sep 2007 18:51:20 GMT <p> I'm quickly learning the pain of running a 64-bit OS on my new laptop. Of course, that's the version of Windows Vista Ultimate&nbsp;it came with, what with all the processors being sold these days are 64-bit and all. </p> <p> I went to install iTunes (which installed with a message explaining it would not be able to copy CDs) and activate the new iPhone, and what do you think I see? </p> <p> &nbsp;&nbsp; <img style="BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px" height=129 alt=image src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/Anotherstupid64bitWindowsprogrammingdeci_A6AC/image_1.png" width=391 border=0> </p> <p> Crap. You have <em>got</em> to be kidding me. </p> <p> Apparently this is a <a href="http://www.google.com/search?hl=en&amp;rls=com.microsoft%3A*&amp;q=not+activate+the+iPhone+64-bit+vista&amp;btnG=Search" target=_blank>well-known issue</a>. Except that I didn't know and on the box it says, "Windows Vista" is supported, without any mention of version or 32-bit vs 64-bit. reading the fine print details of the release notes one finds a buried mention of no support for 64-bit Windows. Hmph. </p> <p> Now I have to decide what to do - return the phone out of pure spite,&nbsp;or sync it to a different computer... Sorry, but "lame" is the only word that comes to mind here. Fanboys will undoubtedly spew vitriol at that statement, but it's still lame. </p> <p> Ideas anyone? Will a 32-bit OS running in a virtual machine work for me maybe? </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=9ea8301f-7b40-4acc-aad4-f62783312912" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,9ea8301f-7b40-4acc-aad4-f62783312912.aspx Mobile Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=fd8bf616-ca17-4c97-bc65-b6b66c96b5ea http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,fd8bf616-ca17-4c97-bc65-b6b66c96b5ea.aspx http://www.greghughes.net/rant/CommentView,guid,fd8bf616-ca17-4c97-bc65-b6b66c96b5ea.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=fd8bf616-ca17-4c97-bc65-b6b66c96b5ea

Well, I just discovered that I am missing at least one blog entry from the past. I know it's missing because I specifically went looking for it today. I also linked to it in the past from another entry that still exists on this blog. It's just gone. Weird. Also not good. Makes me wonder what else might be missing. I have an idea what might have caused this, but that doesn't help solve the issue. I may have to go back and find some old site content backups and figure out when it disappeared, and probably enumerate all of my posts from the old backups and compare them to what's online now. from there I can make repairs.

Ugh, that just sounds like so much fun... A use for my copious spare time, I guess. Not. Heh.

If you happen to find a link to something here that doesn't work (it will probably redirect you to the main home page), please let me know the original URL and the topic or place you found the link.

Thanks.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Missing blog entry(ies)? http://www.greghughes.net/rant/PermaLink,guid,fd8bf616-ca17-4c97-bc65-b6b66c96b5ea.aspx http://www.greghughes.net/rant/MissingBlogEntryies.aspx Mon, 27 Aug 2007 20:48:08 GMT <p> Well, I just discovered that I am missing <em>at least one</em> blog entry from the past. I know it's missing because I specifically went looking for it today.&nbsp;I also&nbsp;linked to it in the past from another entry that still exists on this blog. It's just gone. Weird. Also not good. Makes me&nbsp;wonder what else might be missing. I have an idea what might have caused this, but that doesn't help solve the issue. I may have to go back and find some old site content backups and figure out when it disappeared, and probably enumerate all of my posts from the old backups and compare them to what's online now. from there I can make repairs. </p> <p> Ugh, that just sounds like so much fun... A use for my copious spare time, I guess. Not. Heh. </p> <p> If you happen to find a link to something here&nbsp;that doesn't work (it will probably redirect you to the main home page), please let me know the original URL and the topic or place you found the link. </p> <p> Thanks. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=fd8bf616-ca17-4c97-bc65-b6b66c96b5ea" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,fd8bf616-ca17-4c97-bc65-b6b66c96b5ea.aspx Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=7b71ce80-037f-4a74-94d9-78fdcfb6ea91 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,7b71ce80-037f-4a74-94d9-78fdcfb6ea91.aspx http://www.greghughes.net/rant/CommentView,guid,7b71ce80-037f-4a74-94d9-78fdcfb6ea91.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=7b71ce80-037f-4a74-94d9-78fdcfb6ea91

CIO Magazine online has a great new article detailing the top ten thing you should never write in an email, as well as some other communication tips for business-types. It's decent advice and worth a read, for sure.

Here are the top-ten items (be sure to read the original story as well for the full meal deal):

Don’t Do That! 10 E-Mail No-Nos

1. Negative comments regarding your firm's executives. Too easy for someone else to forward accidentally.

2. Performance criticism. Seems more "official" than when spoken, causing people to worry too much.

3. Bonus or salary matters. Company plans may change.

4. Racial or gender slurs. Enough said.

5. Details relating to product liabilities. Court trail, anyone?

6. Lies about your company's rivals. Another ticket to legal trouble.

7. Office dish. If people want to spread their own news, let them.

8. Sloppy writing. Your image is at stake, even if you're hacking away on a BlackBerry .

9. Sarcastic humor. Without inflection or visual cues, it's risky.

10. Private matters. Don't e-mail details on any part of your life that you wouldn’t want to see in the newspaper.

Source: Dianna Booh

Been bit before? What else do you think should you never, ever put into an email?



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. 10 Things You Should Never Put in Email http://www.greghughes.net/rant/PermaLink,guid,7b71ce80-037f-4a74-94d9-78fdcfb6ea91.aspx http://www.greghughes.net/rant/10ThingsYouShouldNeverPutInEmail.aspx Thu, 26 Jul 2007 20:25:54 GMT <p> <a href="http://www.cio.com/article/125602/_Things_You_Should_Never_Put_in_E_Mail_and_Other_Communication_Tips/1" target="_blank">CIO Magazine online has a great new article</a> detailing the top ten thing you should <em>never</em> write in an email, as well as some other communication tips for business-types. It's decent advice and worth a read, for sure. </p> <p> Here are the top-ten items (be sure to read the <a href="http://www.cio.com/article/125602/_Things_You_Should_Never_Put_in_E_Mail_and_Other_Communication_Tips/1" target="_blank">original story</a> as well for the full meal deal): </p> <blockquote> <p> <em>Don’t Do That! 10 E-Mail No-Nos </em> <p> <em><strong>1. Negative comments regarding your firm's executives.</strong> Too easy for someone else to forward accidentally.</em> <p> <em><strong>2. Performance criticism.</strong> Seems more "official" than when spoken, causing people to worry too much.</em> <p> <em><strong>3. Bonus or salary matters.</strong> Company plans may change.</em> <p> <em><strong>4. Racial or gender slurs.</strong> Enough said.</em> <p> <em><strong>5. Details relating to product liabilities.</strong> Court trail, anyone?</em> <p> <em><strong>6. Lies about your company's rivals.</strong> Another ticket to legal trouble.</em> <p> <em><strong>7. Office dish.</strong> If people want to spread their own news, let them.</em> <p> <em><strong>8. Sloppy writing.</strong> Your image is at stake, even if you're hacking away on a </em><a href="http://www.cio.com/article/125602/subject/BlackBerry+Mobile+Devices"><em>BlackBerry</em></a><em>.</em> <p> <em><strong>9. Sarcastic humor.</strong> Without inflection or visual cues, it's risky.</em> <p> <em><strong>10. Private matters.</strong> Don't e-mail details on any part of your life that you wouldn’t want to see in the newspaper.</em> <p> <em>Source: Dianna Booh</em> </p> </blockquote> <p> Been bit before? What else do you think should you never, ever put into an email? </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=7b71ce80-037f-4a74-94d9-78fdcfb6ea91" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,7b71ce80-037f-4a74-94d9-78fdcfb6ea91.aspx Management Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=95381308-504c-4b70-8cd8-71eaf492c1fd http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,95381308-504c-4b70-8cd8-71eaf492c1fd.aspx http://www.greghughes.net/rant/CommentView,guid,95381308-504c-4b70-8cd8-71eaf492c1fd.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=95381308-504c-4b70-8cd8-71eaf492c1fd 2

IMG_0307Went out this evening for a hour or so ride with a friend on the dirt bike and ATV. Had a great time, but I need to remember when I come to a sudden end of a road, the front brake is not the first one to grab. I can't believe I did that.

Ouch. Thank God for helmets and gloves. Sorry for the detailed picture. A reminder's a reminder. And it's a knee, if you're trying to figure that out.

I've had one past motorcycle mishap that resulted in injury, which involved a deer in the roadway. This one was just me being stupid. I also had a ATV screw up once that I got a bit of a bruise on, and that's about it. This time, a couple bruised and beat up knees, some scrapes on my chest and a sore, sprained wrist are pretty much all the injuries I walked away with (plus a bit of a sprained ego, I suppose), which is excellent considering I went over the bars and straight into the packed gravel road. I did what I learned in sports as a kid - walked it off and got back on. And took it really easy the rest of the ride, heh.

Anyhow, I am posting this embarrassing moment to serve as a reminder to me and to others not to be a sloppy idiot on a motorcycle. The rear brake is down there by your right foot. Right foot good. Right hand bad.

Right foot, right foot, right, foot right foot, right f...

Doh!



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Note to self... http://www.greghughes.net/rant/PermaLink,guid,95381308-504c-4b70-8cd8-71eaf492c1fd.aspx http://www.greghughes.net/rant/NoteToSelf.aspx Sun, 08 Jul 2007 07:29:55 GMT <p> </p> <p> <img style="border-right: 0px; border-top: 0px; margin: 0px 0px 0px 15px; border-left: 0px; border-bottom: 0px" height="240" alt="IMG_0307" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/Notetoself_483/IMG_0307_1.jpg" width="180" align="right" border="0">Went out this evening for a hour or so ride with a friend on the dirt bike and ATV. Had a great time, but I need to remember when I come to a sudden end of a road, the front brake is not the first one to grab. I can't believe I did that. </p> <p> Ouch. Thank God for helmets and gloves. Sorry for the detailed picture. A reminder's a reminder.&nbsp;And it's a knee, if you're trying to figure that out. </p> <p> I've had one past motorcycle mishap that resulted in injury, which involved a deer in the roadway. This one was just me being stupid. I also had a ATV screw up once that I got a bit of a bruise on, and that's about it. This time, a couple bruised and beat up knees, some scrapes on my chest and a sore, sprained wrist are pretty much&nbsp;all the injuries I walked away with (plus a bit of a sprained ego, I suppose), which is excellent considering I went over the bars and straight into the packed gravel road. I did what I learned in sports as a kid - walked it off and got back on. And took it <em>really</em> easy the rest of the ride, heh. </p> <p> Anyhow, I am posting this embarrassing moment to serve as a reminder to me and to others not to be a sloppy&nbsp;idiot on a motorcycle. The rear brake is down there by your right foot. Right foot good. Right hand bad. </p> <p> Right foot, right foot, right, foot right foot, right f... </p> <p> Doh! </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=95381308-504c-4b70-8cd8-71eaf492c1fd" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,95381308-504c-4b70-8cd8-71eaf492c1fd.aspx Personal Stories Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=7620d0a8-77a1-44ba-ac25-30d8ea771f9e http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,7620d0a8-77a1-44ba-ac25-30d8ea771f9e.aspx http://www.greghughes.net/rant/CommentView,guid,7620d0a8-77a1-44ba-ac25-30d8ea771f9e.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=7620d0a8-77a1-44ba-ac25-30d8ea771f9e 1

Okay now people, those of us who grew up elsewhere in snow and ice know what it means to drive in it (and have a bunch of reasons not to). I mean, I learned to drive in three feet of snow ferchrysake... There are times when you just have to restrain yourself. So, if you live in a city where it gets icy once or twice a year, and if the only way you can drive halfway decently is if its dark and cloudy but completely dry on the ground (you know, when even direct sunlight makes you lose control), then please please please please... just don't leave the house when there is snow or ice on the ground. Especially in a vehicle. That nice AWD car or four wheel drive SUV won't help you one little bit as soon as you touch the brakes... But it will dent. There is no force field.

Evidence to support my argument is available by clicking the pretty picture. Please review. TYVM:


(photo from King5 News)

"Elementary teacher Derek Porter witnessed 15 different car
collisions on icy roads outside his Portland apartment
Tuesday morning and caught several on home video."



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Ice and Snow Bad. Portland drivers worse... http://www.greghughes.net/rant/PermaLink,guid,7620d0a8-77a1-44ba-ac25-30d8ea771f9e.aspx http://www.greghughes.net/rant/IceAndSnowBadPortlandDriversWorse.aspx Wed, 17 Jan 2007 07:05:18 GMT <p> Okay now people, those of us who grew up elsewhere&nbsp;in snow and ice know what it means to drive in it (and have a bunch of reasons not to). I mean, I learned to drive in three feet of snow ferchrysake... There are times when you just have to restrain yourself. So, if you live in a city where it gets icy once or twice a year, and if the only way you can drive halfway decently is if its dark and cloudy but completely dry on the ground (you know, when even direct sunlight makes you lose control), then please please please <em>please</em>... just don't leave the house when there is snow or ice on the ground. Especially in a vehicle. That nice AWD car&nbsp;or four wheel drive SUV won't help you one little bit as soon as you touch the brakes... But it will dent. There is no force field. </p> <p> Evidence to support my argument is available by clicking the pretty picture. Please review. TYVM: </p> <p align="center"> <a href="http://www.king5.com/sharedcontent/VideoPlayer/videoPlayer.php?vidId=114054&amp;catId=231" target="_new" atomicselection="true"><img style="margin: 0px 0px 5px 15px" src="http://www.greghughes.net/rant/content/binary/WindowsLiveWriter/Andyouthoughtyoudseenitall_14242/snowportlandhomevideo%5B3%5D.jpg"></a> <br> <em><font size="1">(photo from <a href="http://www.king5.com/sharedcontent/VideoPlayer/videoPlayer.php?vidId=114054&amp;catId=231" target="_blank">King5 News</a>)</font></em> </p> <p align="center"> <em><font size="2">"Elementary teacher Derek Porter witnessed 15 different car <br> collisions on icy roads outside his Portland apartment <br> Tuesday morning and caught several on home video."</font></em> </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=7620d0a8-77a1-44ba-ac25-30d8ea771f9e" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,7620d0a8-77a1-44ba-ac25-30d8ea771f9e.aspx Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=99fdbd6f-3589-4a2e-aefd-6762aef547b8 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,99fdbd6f-3589-4a2e-aefd-6762aef547b8.aspx http://www.greghughes.net/rant/CommentView,guid,99fdbd6f-3589-4a2e-aefd-6762aef547b8.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=99fdbd6f-3589-4a2e-aefd-6762aef547b8

I'm in the process of moving my email for the greghughes.net domain to a new mail server, and I've realized - once again - just how complicated spammers have made our lives. Especially from a technical standpoint.

PTR records in DNS and RBL records on services that no one ever heard of and which have no set rules to determine what gets on the list or how to engage them in getting off a list. What a mess. Luckily I am not on any RBL lists (with the exception of one idiotic one that everyone seems to be on, and which I certainly hope no one ever uses). But I have friends and acquaintances who have been in that boat before and it's not fun.

But the biggest pain with moving a mail server has to be DNS propagation and the wrenches people throw into it. Enough time has passed that all locations should be pointing to the new mail server, because the old DNS records have expired. Yet there are a significant number of (large and prominent) email and Internet service providers (including my own) that are apparently caching longer than the record provides. Fun. That means I am checking two mail servers (and that's a bit of a challenge, let me tell you), and that I cannot send email to pretty much anyone until the planets align and the name server records line up.

Even my web site still has a few bots and spiders and other systems munging through it. I wonder if they'll notice when I turn it off?

One other thing I have observed. The spammers also don't respect caching of DNS records, but in the opposite manner. Instead of caching a record for too long, they completely ignore the cache settings to make sure they can flood your new mail server with as much crap as possible, as quickly as possible.

Ah, gotta love it!



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Email migration pain http://www.greghughes.net/rant/PermaLink,guid,99fdbd6f-3589-4a2e-aefd-6762aef547b8.aspx http://www.greghughes.net/rant/EmailMigrationPain.aspx Mon, 01 Jan 2007 18:47:54 GMT <p> I'm in the process of moving my email for the greghughes.net domain to a new mail server, and I've realized - once again -&nbsp;just how complicated spammers have made our lives. Especially from a technical standpoint. </p> <p> PTR records in DNS and RBL records on services that no one ever heard of and which have no set rules to determine what gets on the list or how to engage them in getting off a list. What a mess. Luckily I am <em>not</em> on any RBL lists (with the exception of one idiotic one that everyone seems to be on, and which I certainly hope no one ever uses). But I have friends and acquaintances who have been in that boat before and it's not fun. </p> <p> But the biggest pain with moving a mail server has to be DNS propagation and the wrenches people throw into it. Enough time has passed that all locations should be pointing to the new mail server, because the old DNS records have expired. Yet there are a significant number of (large and prominent) email and Internet service providers (including my own)&nbsp;that are apparently caching longer than the record provides. Fun. That means I am checking two mail servers (and that's a bit of a challenge, let me tell you), and that I cannot send email to pretty much anyone until the planets align and the name server records line up. </p> <p> Even my web site still has a few bots and spiders and other systems munging through it. I wonder if they'll notice when I turn it off? </p> <p> One other thing I have observed. The spammers <em>also</em> don't respect caching of DNS records, but in the opposite manner. Instead of caching a record for too long, they completely <em>ignore</em> the cache settings to make sure they can flood your new mail server with as much crap as possible, as quickly as possible. </p> <p> Ah, gotta love it! </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=99fdbd6f-3589-4a2e-aefd-6762aef547b8" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,99fdbd6f-3589-4a2e-aefd-6762aef547b8.aspx Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=0095ea5d-4e06-40cc-bd58-6f4c548eb446 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,0095ea5d-4e06-40cc-bd58-6f4c548eb446.aspx http://www.greghughes.net/rant/CommentView,guid,0095ea5d-4e06-40cc-bd58-6f4c548eb446.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=0095ea5d-4e06-40cc-bd58-6f4c548eb446 2

Some things just bug me. Sometimes I write them down. :)

For example - What is it that makes the concept of putting stuff into the overhead bins on airplanes so freakin' complicated? People just don't seem to get it, despite the repeated intercom begging performed by the flight attendants to put rollaways in wheels first, wheels first, WHEELS FREAKIN' FIRST.

Even worse, there's a subset of people who, when asked to move their bag to the optimal position in order to accommodate others, can get downright indignant. What is it with these people? Move your bag, sit down and shuddup already. They didn't build that bin - or this whole airplane - just for you. Jeez.

I dunno why this bugs me so much. I guess it's because the underlying message from such people is that they don't really care how their behavior, stuff or actions affect others. We have enough of that kind of problem already in this day and age. We really don't need it when a couple hundred people are jammed into a metal tube with wings and a couple engines hanging off a few bolts hurtling said flying torpedo through the air at a few hundred miles an hour.

Okay, I feel a little better now. Heh.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Angry People and the Overhead Bins http://www.greghughes.net/rant/PermaLink,guid,0095ea5d-4e06-40cc-bd58-6f4c548eb446.aspx http://www.greghughes.net/rant/AngryPeopleAndTheOverheadBins.aspx Mon, 23 Oct 2006 01:51:35 GMT <p> </p> <p> Some things just bug me. Sometimes I write them down. :) <p> For example - What is it that makes the concept of putting stuff into the overhead bins on airplanes so freakin' complicated? People just don't seem to get it, despite the repeated intercom begging performed by the flight attendants to put rollaways in wheels first, <em>wheels first</em>, <em>WHEELS FREAKIN' FIRST</em>. <p> Even worse, there's a subset of people who, when asked to move their bag to the optimal position in order to accommodate others, can get downright indignant. What is it with these people? Move your bag, sit down and shuddup already. They didn't build that bin - or this whole airplane -&nbsp;just for you. Jeez. <p> I dunno why this bugs me so much. I guess it's because the underlying message from such people is that they don't really care how their behavior, stuff or actions affect others. We have enough of that kind of problem already in this day and age. We really don't need it&nbsp;when a couple hundred people are jammed into a metal tube with wings and a couple engines hanging off a few bolts&nbsp;hurtling&nbsp;said flying&nbsp;torpedo through the air at a few hundred miles an hour. <p> Okay, I feel a little&nbsp;better now. Heh. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=0095ea5d-4e06-40cc-bd58-6f4c548eb446" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,0095ea5d-4e06-40cc-bd58-6f4c548eb446.aspx Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=efdabbdd-4987-4594-9a66-00e0131ad66d http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,efdabbdd-4987-4594-9a66-00e0131ad66d.aspx http://www.greghughes.net/rant/CommentView,guid,efdabbdd-4987-4594-9a66-00e0131ad66d.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=efdabbdd-4987-4594-9a66-00e0131ad66d 8

Vista_logoWell, honestly, it's about time.

Bloggers are all over the story, and are espousing a variety of opinions, but I have wondered for years when Microsoft would finally crack down on software thieves and simply not allow their software to run unless it was legitimately licensed. I'm responsible for cutting a big check each year to Microsoft to pay for the software we use at the company I work at. It costs me more, in effect, because others are taking without paying.

So, Windows Vista will detect piracy and take action. In Microsoft's words:

"Collectively termed the Microsoft Software Protection Platform, the new technologies will introduce improvements in how Microsoft software activates, is validated online and behaves when tampering or hacking is detected."

Thinking about this from a security guy's perspective, one thing bothers me: Turning off the anti-malware capabilities on unlicensed copies? Are you kidding me? That means the rest of the world falls victim to everyone out there that's running pirated Windows? Please, please, please change this one - Microsoft might be a victim, but no need to invite the rest of the world into that club. And it looks like Richi Jennings agrees with me on that one. That's just poor prioritization. Hopefully someone will rethink the approach in that specific area...

Elsewhere, Ed Bott at ZDNet has written a very good piece describing the changes and his thoughts on the matter. He has some important point, ones that Microsoft should make sure they have thought completely through and have a plan for - especially where it comes to Volume License customers. Those are the people you don't want to aggravate, for sure.

Among Bott's comments:

Microsoft denies that this is a "kill switch" for Windows Vista, even giving it a separate question and answer in its mock interview announcing the program. Technically, they're right, I suppose. Switching a PC into a degraded functionality where all you can do is browse the Internet doesn't kill it; but it's arguably a near-death experience. The accompanying white paper describes the experience in more detail:

By choosing "Access your computer with reduced functionality," the default Web browser will be started and the user will be presented with an option to purchase a new product key. There is no start menu, no desktop icons, and the desktop background is changed to black. The Web browser will fully function and Internet connectivity will not be blocked. After one hour, the system will log the user out without warning. It will not shut down the machine, and the user can log back in. Note: This is different from the Windows XP RFM experience, which limits screen resolution, colors, sounds and other features. [emphasis added]

My head practically exploded when I read this sentence describing the new, improved punishment regimen: "Windows Vista will have a reduced functionality mode but one that is enhanced." Enhanced reduced functionality? Orwell would be proud.

Snarky as ever, Engadget reports:

Well, Microsoft has fired the first salvo in this war on pirates -- according to The Associated Press, the Redmond crew will be taking "much harsher steps to curtail piracy" than in years past. First, the company will "deny access" to some of the "most anticipated features," including Windows Aero, the new GUI. Then, Vista will start issuing ransom demands (we're not kidding about this part), demanding that a legitimate copy be bought within 30 days, or else. What would such consequences entail? How about limiting Web access to an hour at a time? Further, what about not being able to open documents from the desktop or "run other programs such as Outlook e-mail software" ? However, the article goes on to say: "Microsoft said it won't stop a computer running pirated Vista software from working completely, and it will continue to deliver critical security updates." So for those of you keeping score, Microsoft wants to make using your computer as miserable as possible, while keeping it as "safe" as possible, ok?

People out there will whine and complain and say it's not fair, that it's all a bunch of red tape and people will be inconvenienced (and they might be right about that one point), and a million other things that go along with the typical victim mentality (sorry guys, but possession of stolen goods is illegal, even if it's inconvenient, and possessing stolen stuff unknowingly doesn't make the goods any less stolen). And Microsoft needs to make sure that legitimate users are not impacted in a truly meaningful and workable way. But the fact of the matter is that Microsoft is right on this one. In fact, it seems to me that if I ran a company that created software for use by consumers and businesses, and if I wanted to make sure it was being legitimately used and paid for, I'd just keep it from working at all if it was obviously stolen.

But the politics of huge-mega-corporation-attacked-by-angry-mob is a multi-billion-dollar business, apparently.

Glad to see they're finally doing something about it, though.

Some Techmeme-tracked discussion on the topic:

Technorati tags: , , , ,


greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Vista anti-piracy features will cripple illegitimate copies - finally http://www.greghughes.net/rant/PermaLink,guid,efdabbdd-4987-4594-9a66-00e0131ad66d.aspx http://www.greghughes.net/rant/VistaAntipiracyFeaturesWillCrippleIllegitimateCopiesFinally.aspx Thu, 05 Oct 2006 14:51:25 GMT <p> <img alt="Vista_logo" hspace="12" src="http://www.greghughes.net/images/Vista_logo.jpg" align="right" vspace="6" border="1">Well, honestly, <a href="http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspx" target="_blank">it's about time</a>. </p> <p> Bloggers are all over the story, and are espousing a variety of&nbsp;opinions,&nbsp;but I have <a href="http://www.greghughes.net/rant/HeyMicrosoftGoAheadAndPatchPiratedSoftwareHeresHowToMakeItWork.aspx" target="_blank">wondered for years</a> when Microsoft would finally crack down on software thieves and simply not allow their software to run unless it was legitimately licensed. I'm responsible for cutting a big check each year to Microsoft to pay for the software we use at the company I work at. It costs me more, in effect, because others are taking without paying. </p> <p> So, Windows Vista will detect piracy and take action. In Microsoft's words: </p> <blockquote> <p> <em>"Collectively termed the Microsoft Software Protection Platform, the new technologies will introduce improvements in how Microsoft software activates, is validated online and behaves when tampering or hacking is detected."</em> </p> </blockquote> <p> Thinking about this from a security guy's perspective, one thing bothers me: Turning off the anti-malware capabilities on unlicensed copies? Are you kidding me? That means the rest of the world falls victim to everyone out there that's running pirated Windows? Please, please, please change this one - Microsoft might be a victim, but no need to invite the rest of the world into that club. And it looks like <a href="http://richi.co.uk/blog/2006/10/vista-software-protection-platform.html" target="_blank">Richi Jennings agrees with me on that one</a>. That's just poor prioritization. Hopefully someone will rethink the approach in that specific area... </p> <p> Elsewhere, <a href="http://blogs.zdnet.com/Bott/?p=148" target="_blank">Ed Bott at ZDNet has written a very good piece</a> describing the changes and his thoughts&nbsp;on the matter. He has some important point, ones that Microsoft should make sure they have thought completely through and have a plan for - especially where it comes to Volume License customers. Those are the people you don't want to aggravate, for sure. </p> <p> Among Bott's <a href="http://blogs.zdnet.com/Bott/?p=148" target="_blank">comments</a>: </p> <blockquote> <p> <em>Microsoft denies that this is a "kill switch" for Windows&nbsp;Vista, even&nbsp;giving it&nbsp;a separate question and answer in its mock interview announcing the program. Technically, they're right, I suppose. Switching a PC into a degraded functionality where all you can do is browse the Internet doesn't kill it; but it's arguably a near-death experience. The accompanying white paper describes </em><a></a><em>the experience in more detail: </em> <blockquote> <p> <em>By choosing "Access your computer with reduced functionality," the default Web browser will be started and the user will be presented with an option to purchase a new product key. <strong>There is no start menu, no desktop icons, and the desktop background is changed to black.</strong> The Web browser will fully function and Internet connectivity will not be blocked. <strong>After one hour, the system will log the user out without warning.</strong> It will not shut down the machine, and the user can log back in. Note: This is different from the Windows XP RFM experience, which limits screen resolution, colors, sounds and other features. [emphasis added]</em> </p> </blockquote> <p> <em>My head practically exploded when I read this sentence describing the new, improved punishment regimen:&nbsp;"Windows Vista will have a reduced functionality mode but one that is enhanced." Enhanced reduced functionality? Orwell would be proud.</em> </p> </blockquote> <p> Snarky as ever, <a href="http://www.engadget.com/2006/10/04/microsoft-will-cripple-pcs-running-pirated-copies-of-vista/" target="_blank">Engadget reports</a>: </p> <blockquote> <p> <em>Well, Microsoft has fired the first salvo in this war on pirates -- according to The Associated Press, the Redmond crew will be taking "much harsher steps to curtail piracy" than in years past. First, the company will "deny access" to some of the "most anticipated features," including Windows Aero, the new GUI. Then, Vista will start issuing ransom demands (we're not kidding about this part), demanding that a legitimate copy be bought within 30 days, or else. What would such consequences entail? How about limiting Web access to an hour at a time? Further, what about not being able to open documents from the desktop or "run other programs such as Outlook e-mail software" ? However, the article goes on to say: "Microsoft said it won't stop a computer running pirated Vista software from working completely, and it will continue to deliver critical security updates." So for those of you keeping score, Microsoft wants to make using your computer as miserable as possible, while keeping it as "safe" as possible, ok?</em> </p> </blockquote> <p> People out there will whine and complain and say it's not fair, that it's all a bunch of red tape and people will be inconvenienced (and they might be right about that one point), and a million other things that go along with the typical victim mentality (sorry guys, but&nbsp;possession of stolen goods is illegal, even if it's&nbsp;inconvenient, and&nbsp;possessing stolen stuff&nbsp;unknowingly doesn't make the goods any less stolen). And Microsoft needs to make sure that legitimate users are not impacted in a truly meaningful and workable way. But the fact of the matter is that Microsoft is right on this one. In fact, it seems to me that if I ran a company&nbsp;that created&nbsp;software for use by consumers and businesses, and if I wanted to make sure it was being legitimately used and paid for, I'd just keep it from working <em>at all</em> if it was obviously stolen. </p> <p> But the politics of huge-mega-corporation-attacked-by-angry-mob is a multi-billion-dollar business, apparently. </p> <p> Glad to see they're finally doing <em>something</em> about it, though. </p> <p> Some Techmeme-tracked&nbsp;discussion on the topic: </p> <ul> <li> <cite>Matt Hickey / <a href="http://crunchgear.com/">CrunchGear</a>:</cite> <a href="http://crunchgear.com/2006/10/05/microsoft-readies-vista-for-piracy-wars/">Microsoft Readies Vista for Piracy Wars</a> <li> <cite>Jordan Running / <a href="http://www.downloadsquad.com/">Download Squad</a>:</cite> <a href="http://www.downloadsquad.com/2006/10/04/microsoft-threatens-to-cripple-pirated-vista-pcs/">Microsoft threatens to cripple pirated Vista PCs</a> <li> <cite>Cisco Cheng / <a href="http://gearlog.com/blogs/gearlog/default.aspx">Gearlog</a>:</cite> <a href="http://gearlog.com/blogs/gearlog/archive/2006/10/04/ReducedFM.aspx">Windows Vista: Reduced Functionality Mode</a> <li> <cite>Chron.Com / <a href="http://blogs.chron.com/techblog/">TechBlog</a>:</cite> <a href="http://blogs.chron.com/techblog/archives/2006/10/may_i_see_your.html">May I see your Windows license and registration, ma'am?</a> <li> <cite>Jack Schofield / <a href="http://blogs.guardian.co.uk/technology/">Guardian Unlimited</a>:</cite> <a href="http://blogs.guardian.co.uk/technology/archives/2006/10/04/microsofts_software_protection_platform_wga_will_get_tougher.html">Microsoft's Software Protection Platform — WGA will get tougher</a> <li> <cite><a href="http://www.computerworld.com/blogs/blog">Computerworld Blogs blogs</a>:</cite> <a href="http://www.computerworld.com/blogs/node/3657">Vista's SPP: bastard child of WPA and WGA? (and geek wallets)</a> <li> <cite>Ed Bott / <a href="http://blogs.zdnet.com/Bott">Ed Bott's Microsoft Report</a>:</cite> <a href="http://blogs.zdnet.com/Bott/?p=148">For Vista, WGA gets tougher</a> </li> </ul> <p> <div class="wlWriterSmartContent" id="0767317B-992E-4b12-91E0-4F059A8CECA8:7060227d-b18c-4ed0-9822-53485d8daa0b" contenteditable="false" style="padding-right: 0px; display: inline; padding-left: 0px; padding-bottom: 0px; margin: 0px; padding-top: 0px">Technorati tags: <a href="http://technorati.com/tags/Vista" rel="tag">Vista</a>, <a href="http://technorati.com/tags/Piracy" rel="tag">Piracy</a>, <a href="http://technorati.com/tags/WSPP" rel="tag">WSPP</a>, <a href="http://technorati.com/tags/Windows" rel="tag">Windows</a>, <a href="http://technorati.com/tags/Microsoft" rel="tag">Microsoft</a> </div> > <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=efdabbdd-4987-4594-9a66-00e0131ad66d" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,efdabbdd-4987-4594-9a66-00e0131ad66d.aspx IT Security Safe Computing Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=79d0929d-41e0-428f-b06d-68f70ffcddc5 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,79d0929d-41e0-428f-b06d-68f70ffcddc5.aspx http://www.greghughes.net/rant/CommentView,guid,79d0929d-41e0-428f-b06d-68f70ffcddc5.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=79d0929d-41e0-428f-b06d-68f70ffcddc5 2

Saw this coming a mile away. It's always fascinating when people - or companies - show their true colors.

Apple Computer is sending cease and desist letters, apparently, so a number of companies and organizations that are using the term "pod" in their positioning or names, claiming it causes confusion in the marketplace. Podcast Ready is the latest victim among several.

Give me a break.

The deal is this: It's said Apple has recently applied for coverage from the USPTO to get protection via trademark for the word "pod" in addition to the already protected term "iPod." They've not been granted protection, and I would hope they won't get it. "Podcast" is probably next on their list, at this rate. I see several others have already applied for the term and several variants.

But , after all, it doesn't take a solid legal footing to be a bully, it just takes - well - a bully mentality.

And now, it appears the fight is being taken to the podcasting playground. Despite the fact that Apple didn't invent the term "podcasting," and despite the fact that they adopted - even embraced - the term (and created a whole section and special logo for iTunes, etc.), Apple apparently believes they can Monday-morning-QB this one into the courts - and they must think they can win. One would hope that's not the case, but in California, who knows.

Don't get me wrong - Apple's a company that makes cool stuff and I own a Mac in addition to my PCs. But hey - no one likes a bully, especially when there's really nothing to gain, and a lot of people who could be negatively affected as a result of this move. The idea that the terms "Podcast Ready" and "myPodder" could be confusing in a way that hurts Apple is a stretch. "Podcast" is practically a household term now, and the fact is that Apple didn't jump in until well after it became the defacto standard name and term (despite some heated debates early on around the terminology).

Apple really needs to go find someone or something else to pick on, lest all the other kids on the playground get tired of the black eyes and bruises. Or send some of the lawyers out for a vacation or something. Their judgement is getting clouded.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Apple on the playground: Don't say &quot;pod&quot; or we'll slap ya http://www.greghughes.net/rant/PermaLink,guid,79d0929d-41e0-428f-b06d-68f70ffcddc5.aspx http://www.greghughes.net/rant/AppleOnThePlaygroundDontSayQuotpodquotOrWellSlapYa.aspx Sat, 23 Sep 2006 17:45:06 GMT <p> Saw this coming a mile away. It's always fascinating when people - or companies - show their true colors. </p> <p> Apple Computer is sending cease and desist letters, apparently, so a number of companies and organizations that are using the term "pod" in their positioning or names, claiming it <a href="http://macnewsworld.com/story/52612.html" target="_blank">causes confusion</a> in the marketplace. <a href="http://blog.wired.com/music/index.blog?entry_id=1561308" target="_blank">Podcast Ready is the latest victim</a> among several. </p> <p> Give me a break. </p> <p> The deal is this: It's said Apple has recently&nbsp;<em>applied</em> for coverage from the USPTO to get protection via trademark for the word "pod" in addition to the already protected term "iPod." They've not been granted protection, and I would hope they won't get it. "Podcast" is probably next on their list, at this rate. I see several others <a href="http://tess2.uspto.gov/bin/showfield?f=toc&amp;state=lmbn2g.1.1&amp;p_search=searchss&amp;p_L=50&amp;BackReference=&amp;p_plural=yes&amp;p_s_PARA1=&amp;p_tagrepl%7E%3A=PARA1%24LD&amp;expr=PARA1+AND+PARA2&amp;p_s_PARA2=podcast&amp;p_tagrepl%7E%3A=PARA2%24COMB&amp;p_op_ALL=ADJ&amp;a_default=search&amp;a_search=Submit+Query&amp;a_search=Submit+Query" target="_blank">have already applied for the term</a>&nbsp;and several variants. </p> <p> But , after all, it doesn't take a solid legal footing&nbsp;to be a bully, it just takes - well - a bully mentality. </p> <p> And now, it appears&nbsp;the fight is being taken to the podcasting playground. Despite the fact that Apple <a href="http://en.wikipedia.org/wiki/Podcasting" target="_blank">didn't invent the term "podcasting,"</a> and despite the fact that they adopted - even <em>embraced</em> - the term (and created a whole section and special&nbsp;logo for iTunes, etc.), Apple apparently believes they can Monday-morning-QB this one into the courts - and they must think they can win. One would hope that's not the case, but <a href="http://en.wikipedia.org/wiki/9th_circuit" target="_blank">in California</a>, who knows. </p> <p> Don't get me wrong - Apple's a company that makes cool stuff and I own a Mac in addition to my PCs. But hey - no one likes a bully, especially when there's really nothing to gain, and a lot of people who could be negatively affected as a result of this move. The idea that the terms "<a href="http://www.podcastready.com/" target="_blank">Podcast Ready</a>" and "<a href="http://www.podcastready.com/download.php" target="_blank">myPodder</a>" could be confusing in a way that hurts Apple is a stretch. "Podcast" is <a href="http://www.oup.com/us/brochure/NOAD_podcast/?view=usa" target="_blank">practically a household term now</a>, and the fact&nbsp;is that&nbsp;Apple didn't jump in until well after it became the defacto standard name and term&nbsp;(despite some heated debates early on around the terminology). </p> <p> Apple really needs to go find someone or something&nbsp;else to pick on, lest all the other kids on the playground get tired of the black eyes and bruises. Or send some of the lawyers out for a vacation or something. Their judgement is getting clouded. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=79d0929d-41e0-428f-b06d-68f70ffcddc5" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,79d0929d-41e0-428f-b06d-68f70ffcddc5.aspx Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=4e9a4f73-7788-4a07-b5e2-6f643ce57ad8 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,4e9a4f73-7788-4a07-b5e2-6f643ce57ad8.aspx http://www.greghughes.net/rant/CommentView,guid,4e9a4f73-7788-4a07-b5e2-6f643ce57ad8.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=4e9a4f73-7788-4a07-b5e2-6f643ce57ad8 1

Now and then I get to rant.

I am (once again) on an airplane, on my way to some upper Midwest city for the day, heading right back home this evening. You get real perspective on airplanes, you know. Perspective on things like heights and time - and on people, too. People you know you'll never see again. And when one knows they'll never see the people around them ever again, I guess they let their words flow more than they might otherwise. That can be good or bad.

There are two middle-aged guys, poorly dressed in corporate standard attire, in the row in front of me. Like as in one of these guys is wearing one beige dress sock and one navy one. They've been yapping away ever since we got on this flight three hours ago. We should have landed well over an hour ago, but they have these things called, umm, I think they're called 'delays' in the secret vernacular of air travel. Anyhow, no one really understands it, so we just sit in the broken down coach seat and smile like it's comfortable as the flight attendants walk up and down the aisles with forced smiles on their faces. You know, the smile that says 'Isn't this fun, we're all stuck on this thing going nowhere again, and we're gonna be late too, yay!'

Anyhow, at least I got some sleep, which is nice (seriously). But that's not my point.

Now I am back awake, and these same two yahoos (no, I don't mean they work at Yahoo! as that would be a compliment, and as you are about to see I have no compliments for these particular guys) are still going on and on about someone they apparently work for and how SHE (emphasis added to match their conversational emphasis on the fact that their supervisor is apparently female) does this and SHE does that and how SHE expects things and how SHE can't possibly understand. It's really rather amazing to listen to. It makes one want to yell "Shut up!"

They're also apparently very concerned about some presentations that they have to give. But they don't seem concerned at all about the actual content, or the audience, or whether the presentation convinces anyone or informs, or anything useful like that. Instead they're harping on and on about how SHE likes JOHN's presentations better, and how the other day they were afraid that they might not look like good presenters in the room with so-and-so, and what they might be able to do to make such-and-such look bad the next time.

Wow. And all of this where I can hear it, with a computer open to a PowerPoint deck I can clearly read and a company logo I can clearly see. And now one of the guys is opening a girly magazine.

Yahoos, I tell ya. And someone's paying them money to "do work."

Some people are truly amazing. Amazingly pathetic, that is. I'm glad I get to work with quality, decent people in my job. If I had to work with guys like this, I don't know if I could keep my mouth shut. Actually, I know I couldn't. They'd be right out the door, no question.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Some people... http://www.greghughes.net/rant/PermaLink,guid,4e9a4f73-7788-4a07-b5e2-6f643ce57ad8.aspx http://www.greghughes.net/rant/SomePeople.aspx Fri, 01 Sep 2006 15:49:57 GMT <p> Now and then I get to rant. </p> <p> I am (once again) on an airplane, on my way to some upper Midwest city for the day, heading right back home this evening. You get real perspective on airplanes, you know. Perspective on things like heights and time -&nbsp;and on people, too. People you know you'll never see again. And when one knows they'll never see the people around them ever again, I guess they let their words flow more than they might otherwise. That can be good or bad. </p> <p> There are two middle-aged guys, poorly dressed in corporate standard attire, in the row in front of me. Like as in one of these&nbsp;guys is wearing&nbsp;one beige dress sock and one navy one. They've been yapping away ever since we got on this flight three hours ago. We should have landed well over an hour ago, but they have these things called, umm, I think&nbsp;they're called 'delays' in the secret vernacular of air travel. Anyhow, no one really understands it, so we just sit in the&nbsp;broken down coach seat and smile like it's comfortable as the flight attendants walk up and down the aisles with forced smiles on their faces. You know, the smile that says 'Isn't this fun, we're all stuck on this thing going nowhere again,&nbsp;and we're gonna be late too, yay!' </p> <p> Anyhow, at least I got some sleep, which is nice (seriously). But that's not my point. </p> <p> Now I am back awake, and these same two yahoos (no, I don't mean they work at Yahoo! as that would be a compliment, and as you are about to see I have no compliments for these particular&nbsp;guys) are still going on and on about someone they apparently work for and how SHE (emphasis added to match their conversational emphasis on the fact that their supervisor is apparently female) does this and SHE does that and how SHE expects things and how SHE can't possibly understand. It's really rather amazing to listen to. It makes one want to yell "Shut up!" </p> <p> They're also apparently very concerned about some presentations that they have to give. But they don't seem concerned at all about the actual content, or the audience, or whether the presentation convinces anyone or informs, or anything useful like that. Instead they're harping on and on about how SHE likes JOHN's presentations better, and how the other day they were afraid that they might not look like good presenters in the room with so-and-so, and what they might be able to do to make&nbsp;such-and-such look bad the next time. </p> <p> Wow. And all of this where I can hear it, with a computer open to a PowerPoint deck I can clearly read and a company logo I can clearly see. And now one of the guys is opening a girly magazine. </p> <p> Yahoos, I tell ya. And someone's paying them money to "do work." </p> <p> Some people are truly amazing. Amazingly pathetic, that is. I'm glad I get to work with quality, decent&nbsp;people in my job. If I had to work with guys like this, I don't know if I could keep my mouth shut. Actually, I know I couldn't. They'd be right out the door, no question. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=4e9a4f73-7788-4a07-b5e2-6f643ce57ad8" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,4e9a4f73-7788-4a07-b5e2-6f643ce57ad8.aspx Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=a647f572-8b73-49d6-b458-a54e219db6c7 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,a647f572-8b73-49d6-b458-a54e219db6c7.aspx http://www.greghughes.net/rant/CommentView,guid,a647f572-8b73-49d6-b458-a54e219db6c7.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=a647f572-8b73-49d6-b458-a54e219db6c7

Proof that cyber-crime is real, Consumer Reports is out with their State of the Net survey. It's pretty much as bad as we all know. From MSNBC:

"...American consumers lost more than $8 billion over the last two years to viruses, spyware and various schemes.

" Additionally, it shows consumers face a 1-in-3 chance of becoming a cybervictim -about the same as last year."

Thing is, prevention is much less costly than reactively paying for damage already done. You want to prevent the guy from getting into your place? Or do you prefer to let him in but then keep him from walking out the door with your money? Or are you like most people, who are resigned to watching him walk out the door with the prize, throwing your hands up in the air, and blaming someone (anyone, really) else?

How do we convince people, and what will it take?



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. State of the Net: Over $8 billion lost in past two years http://www.greghughes.net/rant/PermaLink,guid,a647f572-8b73-49d6-b458-a54e219db6c7.aspx http://www.greghughes.net/rant/StateOfTheNetOver8BillionLostInPastTwoYears.aspx Wed, 09 Aug 2006 21:57:19 GMT <p> Proof that cyber-crime is real, Consumer Reports is out with their State of the Net survey. It's pretty much as bad as we all know. <a href="http://www.msnbc.msn.com/ID/14242897">From MSNBC</a>: </p> <blockquote dir="ltr" style="MARGIN-RIGHT: 0px"> <p> <em>"...American consumers lost more than $8 billion over the last two years to viruses, spyware and various schemes. </em> </p> <p class=textBodyBlack> <span id=byLine></span><em>" Additionally, it shows consumers face a 1-in-3 chance of becoming a cybervictim -about the same as last year."</em> </p> </blockquote> <p class=textBodyBlack> Thing is, prevention is much less costly than reactively paying for damage already done. You want to prevent the guy from getting into your place? Or do you prefer to let him in but then keep him from walking out the door with your money? Or are you like most people, who are resigned to watching him walk out the door with the prize, throwing your hands up in the air, and blaming someone (anyone, really) else? </p> <p class=textBodyBlack> How do we convince people, and what will it take? </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=a647f572-8b73-49d6-b458-a54e219db6c7" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,a647f572-8b73-49d6-b458-a54e219db6c7.aspx IT Security Safe Computing Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=30acceb4-aa74-48af-9862-cfff4dea6124 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,30acceb4-aa74-48af-9862-cfff4dea6124.aspx http://www.greghughes.net/rant/CommentView,guid,30acceb4-aa74-48af-9862-cfff4dea6124.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=30acceb4-aa74-48af-9862-cfff4dea6124 1


UPDATE -

AOL apologizes (not as if it makes a difference at this point, though):

"This was a screw-up, and we're angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant," AOL, a unit of Time Warner, said in a statement. "Although there was no personally identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize. We've launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again."


AOL, over on their research wiki site, on Sunday posted an article describing their release of search data collected for more than a half million AOL users over a three month period. They claimed the data was made "anonymous," and that it was being released for research reasons. Problem is, it's not anonymous enough. Each unique user was replaced with a unique random identifier. That means you can see everything that user 336072 searched for. What if someone examined everything you searched for over three months? Even without knowing your name explicitly, do you think they might be able to find out some interesting things? Have you ever done a "vanity" search?

It's just not anonymous enough. I have a copy of the data that I downloaded before it was taken offline, and I've poked around in it a bit, so I know. Not only that, but spammers and search engine "optimizers" out there are going to have a field-freakin-day with this data. No, I won't share it with anyone else. It never should have been released in the first place, so I am not going to add fuel to the fire.

Michael Arrington at TechCrunch wrote about it in his blog entry entitled "AOL Proudly Releases Massive Amounts of Private Data," and updated his post a couple times as AOL mysteriously removed the data file from the web, as well as the page announcing the availability.

Arrington: "AOL must have missed the uproar over the DOJ's demand for "anonymized" search data last year that caused all sorts of pain for Microsoft and Google. That's the only way to explain their release of data that includes 20 million web queries from 650,000 AOL users."

When you consider that AOL search is - get this one - actually Google's search with a different face on it, you can imagine what the emails and phone calls that went flying around between the two companies on Sunday afternoon might have sounded like. Ouch.

Yeah, and so much for the privacy of AOL's users. If you're an AOL user, is that what you signed up for, to be a guinea pig in AOL's poorly-planned foray into academia? I think not. This is identity theft just waiting to happen, that's what this is. Again from Arrington:

"The data includes personal names, addresses, social security numbers and everything else someone might type into a search box. The most serious problem is the fact that many people often search on their own name, or those of their friends and family, to see what information is available about them on the net. Combine these ego searches with porn queries and you have a serious embarrassment. Combine them with "buy ecstasy" and you have evidence of a crime. Combine it with an address, social security number, etc., and you have an identity theft waiting to happen. The possibilities are endless. "

Google says "do no evil" and keeps this kind of data under wraps when challenged in federal court. AOL? Not so much.

Any would-be AOL boycotters better be prepared, though. Last we checked, you can't even cancel your account at AOL without being put through the ringer. Several years ago when I canceled mine it was a several-months-long experience before I was able to decipher enough to get the billing truly stopped. Coming and going, that's how they get ya in Dulles... There's a reason PC Magazine ranked AOL "Number One" in a list of things you'd really rather not be on...

Technorati : , , ,



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. AOL screws the pooch - or at least about 650,000 of their own users http://www.greghughes.net/rant/PermaLink,guid,30acceb4-aa74-48af-9862-cfff4dea6124.aspx http://www.greghughes.net/rant/AOLScrewsThePoochOrAtLeastAbout650000OfTheirOwnUsers.aspx Mon, 07 Aug 2006 10:25:00 GMT <strong> <p> <hr> </p> <p> UPDATE - </strong> <a href="http://news.com.com/2100-1030_3-6102793.html">AOL apologizes</a> (not as if it makes a difference at this point, though):> <blockquote dir=ltr style="MARGIN-RIGHT: 0px"> <p> <em>"This was a screw-up, and we're angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant," AOL, a unit of Time Warner, said in a statement. "Although there was no personally identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize. We've launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again."</em> </p> </blockquote> <p dir=ltr> <hr> </p> <p> AOL, over on their research wiki site, on Sunday posted an article describing their release of search data collected for more than a half million AOL users over a three month period. They claimed the data was made "anonymous," and that it was being released for research reasons. Problem is, it's not anonymous enough. Each unique user was replaced with a unique random identifier. That means you can see everything that user 336072 searched for. What if someone examined everything <em>you</em> searched for over three months? Even without knowing your name explicitly, do you think they might be able to find out some interesting things? Have you ever done a <a href="http://www.urbandictionary.com/define.php?term=vanity+search">"vanity" search</a>? </p> <p> It's just not anonymous enough. I have a copy of the data that I downloaded before it was taken offline, and I've poked around in it a bit, so I know. Not only that, but spammers and search engine "optimizers" out there are going to have a field-freakin-day with this data. No, I won't share it with anyone else. It never should have been released in the first place, so I am not going to add fuel to the fire. </p> <p> Michael Arrington at TechCrunch wrote about it in his blog entry entitled "<a title="permanent link to aol proudly releases massive amounts of private data" href="http://www.techcrunch.com/2006/08/06/aol-proudly-releases-massive-amounts-of-user-search-data/" rel=bookmark>AOL Proudly Releases Massive Amounts of Private Data</a>," and updated his post a couple times as AOL mysteriously removed the data file from the web, as well as the page announcing the availability. </p> <blockquote dir=ltr style="MARGIN-RIGHT: 0px"> <p> <a href="http://www.techcrunch.com/2006/08/06/aol-proudly-releases-massive-amounts-of-user-search-data/">Arrington</a>: <em>"AOL must have missed the uproar over the DOJ's demand for "anonymized" search data last year that caused all sorts of pain for Microsoft and Google. That's the only way to explain their release of data that includes 20 million web queries from 650,000 AOL users."</em> </p> </blockquote> <p> When you consider that AOL search is - get this one - actually Google's search with a different face on it, you can imagine what the emails and phone calls that went flying around between the two companies on Sunday afternoon might have sounded like. Ouch. </p> <p> Yeah, and <a href="http://www.zoliblog.com/blog/_archives/2006/8/6/2204969.html">so much for the privacy of AOL's users</a>. If you're an AOL user, is that what you signed up for, to be a guinea pig in AOL's poorly-planned foray into academia? I think not. This is identity theft just waiting to happen, that's what this is. Again <a href="http://www.techcrunch.com/2006/08/06/aol-proudly-releases-massive-amounts-of-user-search-data/">from Arrington</a>: </p> <blockquote dir=ltr style="MARGIN-RIGHT: 0px"> <p> <em><em>"The data includes personal names, addresses, social security numbers and everything else someone might type into a search box. The most serious problem is the fact that many people often search on their own name, or those of their friends and family, to see what information is available about them on the net. Combine these ego searches with porn queries and you have a serious embarrassment. Combine them with "buy ecstasy" and you have evidence of a crime. Combine it with an address, social security number, etc., and you have an identity theft waiting to happen. The possibilities are endless.</em></em> " </p> </blockquote> <p> Google says "do no evil" and keeps this kind of data under wraps when challenged in federal court. AOL? Not so much. </p> <p> Any would-be AOL boycotters better be prepared, though. Last we checked, you <a href="http://www.youtube.com/watch?v=xIVZ9b0RgmY">can't even cancel your account</a> at AOL without being put through the ringer. Several years ago when I canceled mine it was a several-months-long experience before I was able to decipher enough to get the billing truly stopped. Coming and going, that's how they get ya in Dulles... There's a reason PC Magazine ranked AOL "<a href="http://www.pcworld.com/article/125772-2/article.html">Number One</a>" in a list of things you'd really rather not be on... </p> <p class=zoundry_bw_tags> <!-- Tag links generated by Zoundry Blog Writer. Do not manually edit. http://www.zoundry.com --><span class=ztags><span class=ztagspace>Technorati</span> : <a class=ztag href="http://technorati.com/tag/AOL" rel=tag>AOL</a>, <a class=ztag href="http://technorati.com/tag/privacy" rel=tag>privacy</a>, <a class=ztag href="http://technorati.com/tag/private%20data" rel=tag>private data</a>, <a class=ztag href="http://technorati.com/tag/release" rel=tag>release</a></span> </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=30acceb4-aa74-48af-9862-cfff4dea6124" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,30acceb4-aa74-48af-9862-cfff4dea6124.aspx IT Security Safe Computing Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=2b6bc592-1e47-4df3-8a9d-c1932be8a53e http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,2b6bc592-1e47-4df3-8a9d-c1932be8a53e.aspx http://www.greghughes.net/rant/CommentView,guid,2b6bc592-1e47-4df3-8a9d-c1932be8a53e.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=2b6bc592-1e47-4df3-8a9d-c1932be8a53e

Tell me what you think, share what you know... In large part, I help catch bad guys for a living. So I have my own perspective and base of experience, but please share yours.

You may already be familiar with the term "phishing" and possibly you have a good idea of what it means. If you're not familiar with the term, you should be. Essentially, bad guys set up fake "phishing" web sites, typically by copying an online banking or other e-commerce site. The bad guys then send out emails or use other means to try to get you to visit the fraudulent web site they've set up, in hopes you'll think it's legitimate and "update" Phishing - click for Univerity of Colorado's takeyour banking or other private information there. In reality you're not communicating with the actual bank or e-commerce company at all, and you're not really updating anything - Rather, you are providing confidential identity and financial information to cyber-criminals. The bad guys then use that information to steal money, defraud you and others, and to create a new identity or leverage yours for their own gain. They're good at what they do, and the fact of the matter is, it works well enough for those who are the best in their "industry" (and it is its own micro-industry, as we'll discuss) to be motivated to make a career of it.

The general technique of convincing you via trickery to give up your private and sensitive information is called "social engineering." Bad guys act in ways that cause you think you're communicating with a legitimate business, but in reality you're being defrauded of information and - in turn - your financial and identity assets. More recently even myspace.com and similar sites have been faked, so we know these criminals are creative and go after us where we live. Whether it's a phone call from someone who sounds like a legitimate business person or a web site that looks like it's the real thing, it's all social engineering - tricking you into believing you're communicating information to a legitimate person or business when you're not.

You've likely seen emails show up in your in-box that pretend to be from ABC Bank or XYZ Credit Union. Beware any email that request information from you. The emails typically say something has happened to your account or that they;re verifying information, and you need to update your information by clicking a link to go to the bank's web site. But those emails are fakes, and so are the sites that load when you click the link. They're sent (well, spammed really) to anywhere from a few thousand to millions of people at once. Even when only a very small percentage of victims actually take the bait (hence the term phishing, eh?) , the bad guys win and come out ahead - big time.

Unfortunately, people do take the bait. I see it every single day in my work. Just the other day I dealt with a situation in which someone who provided their information to a phishing site fraudster was ripped off for $19,000. We're talking about serious stuff here... Now, when you lose money it's sometimes recoverable (but not always - you can sometimes be held responsible for giving away security secrets, after all). But if someone steals your private identifying information - things like driver's license numbers, dates of birth, social security numbers and the like - it's bad news. You're in trouble. Recovering from a stolen identity can be nearly - and oftentimes completely - impossible. You can get a couple thousand dollars back if you get tricked into giving up a password, but you can't take back your social security number once someone knows it.

You get the picture.

So, phishing is when someone sends an email and tries to get you to provide your secret information on a web site that looks like a legitimate one, but which is really just a fake copy that some bad guy controls. A lot like walking into what you think is your favorite coffee chain and walking out with a Strychnine latte, really. And on top of that, you paid the bad guy who you thought was your friendly barista $5 for it - and left a tip.

We've covered some of the basics of phishing fraud - just the first thin layer of the problem, actually. Over the course of some future posts, we'll dig a bit deeper into the details of what makes up a phishing campaign and what can be done about it. We'll also discuss pharming, spear-phishing and other cute terms that start with "ph" but which are really just about the farthest thing from cute you can imagine.

There are solid reasons for this madness that plagues the financial service and e-commerce industries. But truly understanding the problem means more than just knowing what phishing emails look like and avoiding fake sites. The fact that the sites are even there in the first place, that the email actually reaches your in-box, that you can't tell a fake site from the real one - all of these things are problems in and of themselves. To truly prevent the problem - and let's face it, prevention is the golden key here - we need to know and understand much, much more.

For instance, do you know why certain banks, credit unions and online retailers are targeted over others? Here's a hint: It's not always about how many customers they have to target or how big a name the bank is, although that can be a factor. Many of the biggest targets are credit unions with just a few thousand customers. And do you know what the phishers actually do with the information they fraudulently trick you into providing?

Do you have any idea who the bad guys are?

That's a taste of what we'll be discussing here over the next few weeks. I'll publish some of my thoughts on these topics and more. Not the secret stuff that lets us catch them, but the information consumers and institutions can use to help combat the problem. It's an opportunity to learn and share information. If you have ideas, thoughts or comments about the phishing problem, or online fraud in general, please leave a comment on this entry, or write about it on your own blog, or alternatively you can email me (but please use the comments if it's safe and reasonable to do so in order to provide the benefit to others - I tend to get a lot of emails that would be much better from a community standpoint if they were posted instead as comments). I'll leverage my own thoughts as well as the thoughts of others like you to help build parts of the future discussion. With hat tips all along the way, of course.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Let's talk about Phishing Scams - more devious than you probably know http://www.greghughes.net/rant/PermaLink,guid,2b6bc592-1e47-4df3-8a9d-c1932be8a53e.aspx http://www.greghughes.net/rant/LetsTalkAboutPhishingScamsMoreDeviousThanYouProbablyKnow.aspx Sat, 29 Jul 2006 06:04:12 GMT <p> <em>Tell me what you think, share what you know... In large part, I help catch bad guys for a living. So I have my own perspective and base of experience, but please share yours.</em> </p> <p> You may already be familiar with the term "<a href="http://www.colorado.edu/its/security/awareness/phishing/">phishing</a>" and possibly you have a good idea of what it means. If you're not familiar with the term, you should be. Essentially, bad guys set up fake "phishing" web sites, typically by copying an online banking or other e-commerce site.&nbsp;The bad guys then send out emails or use other means to try to get you to&nbsp;visit the fraudulent web site they've set up,&nbsp;in hopes you'll think&nbsp;it's legitimate&nbsp;and "update" <img alt="Phishing - click for Univerity of Colorado's take" src="http://www.greghughes.net/images/phishing.jpg" align="right" border="0" hspace="12" vspace="12">your banking or other private information there. In reality you're not communicating with the actual&nbsp;bank or e-commerce com<a href="http://www.colorado.edu/its/security/awareness/phishing/"></a>pany at all, and you're not really <em>updating </em>anything - Rather, you are providing confidential identity and financial&nbsp;information to cyber-criminals. The bad guys then use that information to steal money, defraud you and others, and to create a new identity&nbsp;or leverage yours for their own gain. They're good at what they do, and the fact of the matter is, it works well enough for those who are the best in their "industry" (and it is its own micro-industry, as we'll discuss) to be motivated to make a career of it. </p> <p> The general technique of convincing you via trickery&nbsp;to&nbsp;give up your private and sensitive information&nbsp;is&nbsp;called "social engineering." Bad guys act in ways that cause you think you're&nbsp;communicating with a legitimate business, but in reality you're being defrauded of information and - in turn - your financial and identity assets.&nbsp;More recently even myspace.com and similar sites have been faked, so we know these criminals are creative and go after us where we live.&nbsp;Whether it's a phone call from someone who sounds like a legitimate business person or a web site that looks like it's the real thing, it's all social engineering - tricking you into believing you're communicating information to a legitimate person or business when you're not. </p> <p> You've likely seen emails show up in your in-box that pretend to be from ABC Bank or XYZ Credit Union. Beware any email that request information from you. The emails typically say something has happened to your account or that they;re verifying information,&nbsp;and you need to update your information by clicking a link to go to the bank's web site. But those emails&nbsp;are fakes, and so are the sites that load when you click the link. They're&nbsp;sent (well, spammed really)&nbsp;to&nbsp;anywhere from a few thousand to <em>millions</em> of people at once. Even when&nbsp;only a very small percentage of victims actually&nbsp;take the bait&nbsp;(hence the term <em>phishing</em>, eh?) , the bad guys win and come out ahead -&nbsp;big time. </p> <p> Unfortunately, people <em>do</em> take the bait. I see it every single day in my work. Just the other day I dealt with a situation in which someone who provided their information to a phishing site fraudster was ripped off for $19,000. We're talking&nbsp;about serious stuff here... Now, when you lose money it's sometimes recoverable (but not always - you can sometimes be held responsible for giving away security secrets, after all). But if someone steals your private identifying information&nbsp;- things like driver's license numbers, dates of birth, social security numbers and the like - it's bad news.&nbsp;You're in trouble. Recovering from a stolen identity can be nearly - and oftentimes&nbsp;completely -&nbsp;impossible. You can get a couple thousand dollars back if you get tricked into giving up a password, but you can't take back your social security number once someone knows it. </p> <p> You get the picture. </p> <p> So, phishing is when someone sends an email and tries to get you to provide your secret information on a web site that looks like a legitimate one, but which is really just a fake copy that some bad guy controls. A lot like walking into what you <em>think</em> is your favorite coffee chain and walking out with a Strychnine latte, really. And on top of that, you paid the bad guy who you thought was your friendly barista $5 for it - and left a tip. </p> <p> We've covered some of the basics of phishing fraud&nbsp;- just the first thin layer of the problem, actually.&nbsp;Over the course of some future posts, we'll dig a bit deeper into the details of what makes up a phishing campaign and what can be done about it. We'll also discuss pharming, spear-phishing and other cute terms that start with&nbsp;"ph" but which are really just about the farthest thing from cute you can imagine. </p> <p> There are solid reasons for this madness that plagues the financial service and e-commerce industries. But truly understanding the problem means more than just knowing what phishing emails look like and avoiding fake sites. The fact that the sites are even <em>there </em>in the first place, that the email actually <em>reaches</em> your in-box, that&nbsp;you can't tell a fake site from the real one - all of these things are problems in and of themselves. To truly prevent the problem - and let's face it, <em>prevention</em> is the golden key here - we need to know and understand much, much more. </p> <p> For instance, do you know <em>why</em> certain banks, credit unions and online retailers&nbsp;are targeted over others? Here's a hint: It's not always about how many customers they have to target or how big a name the bank is, although that can be a factor. Many of the biggest targets are credit unions with just a few thousand customers. And do you know what the phishers actually <em>do</em> with the information they fraudulently trick you into providing? </p> <p> Do you have any idea <em>who</em> the bad guys are? </p> <p> That's a taste of what we'll be discussing here over the next few weeks. I'll publish some of my&nbsp;thoughts on these topics and more. Not the secret stuff that lets us catch them, but the information consumers and institutions can use to help combat the problem. It's an opportunity to learn and&nbsp;share information. If you have ideas, thoughts or comments about the&nbsp;phishing problem, or online fraud in general,&nbsp;please leave a comment on this entry, or write about it on your own blog, or alternatively you can email me (but please use the comments if it's safe and reasonable to do so in order to provide the benefit to others - I tend to get a lot of emails that would be much better from a community standpoint if they were posted instead as comments). I'll leverage my own thoughts as well as the thoughts of others like you&nbsp;to help build parts of the future discussion. With hat tips all along the way, of course. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=2b6bc592-1e47-4df3-8a9d-c1932be8a53e" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,2b6bc592-1e47-4df3-8a9d-c1932be8a53e.aspx IT Security Safe Computing Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=67e68145-4faf-4b60-b7ec-18c4adc13236 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,67e68145-4faf-4b60-b7ec-18c4adc13236.aspx http://www.greghughes.net/rant/CommentView,guid,67e68145-4faf-4b60-b7ec-18c4adc13236.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=67e68145-4faf-4b60-b7ec-18c4adc13236 2

Honestly, I can't tell you how tired of the typical, average, mundane, same-old PowerPoint presentation I have become. 99 percent of the time, as soon as any given PowerPoint presentation starts, I can feel the bile and boredom start to slosh and boil in my gut - in part because I sit through so darn many presentations, but even more so because most presentations - well - they just suck.

There's nothing quite like a slide deck with all the bulleted words the presenter that will be coming right out of the speakers mouth, if your intent is to say to your audience, "Hey, you're an idiot, so let me read this to you." Who's the idiot, really? There's nothing more redundant than reading and listening to the same thing. Or even worse, a zillion words on the screen and the speaker is talking about something else entirely. You lost me at "Hello."

So more and more I feel like I'm wasting my time. "Read to me, speak at me, bore me with bullets ad nauseum." Please, don't.

Don't get me wrong - I know people don't do this on purpose, they're trying hard and - well - it's the way everyone else does it, right? I also know I'm being a bit harsh (in order to make a point, really). It's just that for most every presentation anymore it doesn't matter all that much what it's actually about, because it's so much like everyone else's. PowerPoint is PowerPoint is PowerPoint, and it's tiring.

If you sell a product, or an idea, or some thing, you don't want it to be just like everyone else's do you? Apply that rule to your presentation style - How do you differentiate yourself from the crowd?

We actually love the crowd, of course, because it's easy to stand out when everyone else is doing the same thing. But it's worth risking having to work harder at it if a few people will revisit their presentations and get out of the common PowerPoint traps.

Anyhow, I got to a point where I was also hating giving presentations with PowerPoint (which I do quite often), not because of the PowerPoint application itself, but because of the fact that all my presentations seemed to be basically the same, and all the templates out there seem to encourage it: Long bulleted lists, points to read aloud, graphs and charts and nasty nasty nasty clip-art. Seriously, using clip-art should be a felony. No, really. Seriously. Like as in prison.

So, a couple weeks ago I took a chance on a presentation I gave at a conference, and went all Lessig-ish with it. A couple words on each screen to punctuate the salient points, a plain white background with big, readable black letters centered on the screen, and the rest was all talk. No handouts (and believe me that was a real surprise for the attendees - but it's not like they walked out or rioted or anything). It took some concentrated effort to create the new presentation. Not rocket-science level effort, mind you - but extra work it was. Time well spent.

And - get this - it worked. The audience was engaged and the conversation (which is what it's all about - exchanging thoughts and ideas, as opposed to making a speech, right?) was interesting, for everyone including me. You could tell the format and style was something new for the audience, for sure, but the looks on people's faces were certainly fun to watch. And the thing is, they actually had looks on their faces. Gone was the blank gaze. Everyone in the room was looking at me as I spoke, and that means making a connection. They'd glance at the screen momentarily and then look back to me for the information, not the other way around. We actually looked in each others' eyes. Now, it's not that I have some kind of problem where I desperately need that kind of attention - it's just that it's clear as day that direct, personal communication is much noticeably more effective and meaningful.

The questions from the crowd at the session were good - They were thoughtful, and the audience was obviously tuned in. Not that my audiences aren't tuned in in general - quite the opposite. But in this presentation you could sense the difference - One could feel the connection and involvement noticeably more.

After the conference, we sent my spartan slides, along with the relatively detailed speaker notes printed on the page below each slide, in PDF form to anyone who attended and wanted it. Gotta provide those handouts at some point, you know... Unless it's caught on video or something.

One of the best and most effective presenters I know personally, Scott Hanselman (it's my week to link to Scott, heh), called it "Existential Presentation." I assume by that he means free, individual, unique, possibly even rebellious. I can see that. 

Personally, being the practical and somewhat-less-eloquent guy I am, I see it as a kind of resurrection of some form of miraculous goodness from the hell of a bloated and obese PowerPoint existence. Ah, existence. I get it, Scott!

Anyhow -- What do you think?

P.S.  Great resources for presenters and presentation authors (hey - you do write your own presentations, right???):

  • Presentation Zen Blog (which has been subscribed in my aggregator for quite some time)
  • Garr Reynolds presentation tips
  • Scott Hanselman's Tips for a Successful Microsoft Presentation (great stuff)

From the comments, Jim Holmes points out a couple more great ones:

and Shane Perran also has some excellent suggestions:

  • Steve Jobs - Simply brilliant when it comes to presentation. That goes for most of the Apple design/marketing team
  • www.guykawasaki.com - Guy Kawasaki - A one time Apple guy turned VC and absolute master of presentation
  • sethgodin.typepad.com - Seth Godin - Author of the ever popular Purple Cow and another master presenter and storyteller
  • www.alertbox.com - Jakob Neilson - While wildly hard-nosed about design, he knows content usability like no other - mostly web oriented, there is a lot of carry over

Those are all good ones, and most all those blogs I subscribe to (and the rest I just did, heh). Presentation is about content, style, design, personality, conversation... All important components.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Existential Presentation - PowerPoint on a diet http://www.greghughes.net/rant/PermaLink,guid,67e68145-4faf-4b60-b7ec-18c4adc13236.aspx http://www.greghughes.net/rant/ExistentialPresentationPowerPointOnADiet.aspx Fri, 21 Jul 2006 22:51:58 GMT <p> Honestly, I can't tell you how tired of the typical, average, mundane, same-old&nbsp;PowerPoint presentation I have become. 99 percent of the time, as soon as any given&nbsp;PowerPoint presentation starts, I can feel the bile and boredom start to slosh and boil&nbsp;in my gut - in part because I sit through so darn many presentations, but even more so because most presentations - well - they&nbsp;just suck. </p> <p> There's nothing quite like a slide deck with all the bulleted words the presenter&nbsp;that will be coming right out of the speakers mouth,&nbsp;if your intent is to say to your audience, "Hey, you're an idiot, so let me read this to you." Who's the idiot, <em>really?</em> There's nothing more redundant than reading and listening to the same thing. Or even worse, a zillion words on the screen and the speaker is talking about something else entirely. You lost me at "Hello." </p> <p> So more and more I feel like I'm wasting my time. "Read to me, speak at me, bore me with bullets ad nauseum." Please, don't. </p> <p> Don't get me wrong - I know people <em>don't</em> do this on purpose, they're trying hard and - well - it's the way everyone else does it, right? I also know I'm being a bit harsh (in order to make&nbsp;a point, really). It's just that&nbsp;for most every presentation anymore&nbsp;it doesn't matter all that much what it's actually about, because it's so much&nbsp;like everyone else's. PowerPoint is PowerPoint is PowerPoint, and it's tiring. </p> <p> If you sell a product, or an idea, or some thing, you don't want it to be just like everyone else's do you? Apply that rule to your presentation style - How do you differentiate yourself from the crowd? </p> <p> We actually love the crowd, of course, because it's easy to stand out when everyone else is doing the same thing. But it's worth risking having to work harder at it if a few people will revisit their presentations and get out of the common PowerPoint traps. </p> <p> Anyhow, I&nbsp;got&nbsp;to a point where I was&nbsp;also hating <em>giving</em> presentations with PowerPoint (which I do quite often), not because of the PowerPoint application itself, but because of the fact that all my presentations seemed to be basically the same, and all the templates out there seem to encourage it: Long bulleted lists, points to read aloud, graphs and charts and nasty nasty nasty clip-art. Seriously, using clip-art should be a <em>felony</em>. No, really. Seriously. Like as in <em>prison</em>. </p> <p> So, a couple weeks ago I took a chance on a presentation I gave at a conference, and went all <a href="http://presentationzen.blogs.com/presentationzen/2005/10/the_lessig_meth.html">Lessig-ish</a>&nbsp;with it. A couple words on each screen to punctuate the salient points, a plain white background with big, readable black letters centered on the screen,&nbsp;and the rest was all talk. No handouts (and believe me&nbsp;<em>that</em> was a real surprise for the attendees -&nbsp;but it's not like they walked out or rioted or anything). It took some concentrated effort to create the new presentation. Not rocket-science level effort, mind you - but extra work it was. Time well spent. </p> <p> And - get this - it worked. The audience was engaged and the conversation (which is what it's all about - <em>exchanging </em>thoughts and ideas, as opposed to making a speech, right?) was interesting, for everyone including me. You could tell the format and style was something new for the audience, for sure, but the looks on people's faces were certainly fun to watch. And the thing is, they actually had looks on their faces. Gone was the blank gaze. Everyone in the room was looking at me as I spoke, and that means making a connection. They'd glance at the screen momentarily and then look back to me for the information, not the other way around. We actually <em>looked in each others' eyes</em>. Now, it's not that I have some kind of problem where I desperately need that kind of attention -&nbsp;it's just that&nbsp;it's clear as day&nbsp;that direct, personal&nbsp;communication is much noticeably more effective and meaningful. </p> <p> The questions from the crowd at the session were good -&nbsp;They were thoughtful, and the audience was obviously tuned in. Not that my audiences aren't tuned in in general - quite the opposite. But in this presentation you could sense the difference - One could feel the connection and involvement noticeably more. </p> <p> After the conference, we sent my spartan slides, along with the relatively detailed speaker notes printed&nbsp;on the page below each slide, in PDF form to anyone who attended and wanted it. Gotta provide those handouts at some point, you know... Unless it's caught on video or something. </p> <p> One of the best and most effective&nbsp;presenters I know personally, <a href="http://www.hanselman.com/blog">Scott Hanselman</a> (it's my week to link to Scott, heh), called it "Existential Presentation."&nbsp;I assume by that he means free, individual, unique, possibly even rebellious. I can see that.&nbsp; </p> <p> Personally, being the practical and somewhat-less-eloquent guy I am, I see it as a kind of resurrection of some form of miraculous goodness from the hell of a bloated and obese&nbsp;PowerPoint existence.&nbsp;Ah, existence. I get it, Scott! </p> <p> Anyhow -- What do you think? </p> <p> <em>P.S.&nbsp; Great resources for presenters and presentation authors (hey - you <u>do</u> write your own presentations, right???): </em> </p> <ul> <li> <a href="http://presentationzen.blogs.com/"><em>Presentation Zen Blog</em></a><em> (which has been subscribed in my aggregator for quite some time)</em> <li> <em>Garr Reynolds presentation tips</em> <li> <em>Scott Hanselman's Tips for a Successful Microsoft Presentation (great stuff)</em> </li> </ul> <p> From the comments, <a href="http://frazzleddad.com/">Jim Holmes</a> points out a couple more great ones: </p> <ul> <li> Dick Hardt - <a href="http://www.identity20.com/media/OSCON2005">http://www.identity20.com/media/OSCON2005</a>&nbsp;<em>(which is a great presentation on top of his great style)</em> <li> Cliff Atkinson's "Beyond Bullet Points" is a good book, and his companion site - <a href="http://beyondbulletpoints.com/">http://beyondbulletpoints.com</a> - has had lots of good info in the past</li> </ul> <p> and <a href="http://www.graphicalwonder.com/">Shane Perran</a> also has some excellent suggestions: </p> <ul> <li> Steve Jobs - Simply brilliant when it comes to presentation. That goes for most of the Apple design/marketing team <li> <a href="http://www.guykawasaki.com/">www.guykawasaki.com</a> - Guy Kawasaki - A one time Apple guy turned VC and absolute master of presentation <li> <a href="http://sethgodin.typepad.com/">sethgodin.typepad.com</a>&nbsp;- Seth Godin - Author of the ever popular Purple Cow and another master presenter and storyteller <li> <a href="http://www.alertbox.com/">www.alertbox.com</a> - Jakob Neilson - While wildly hard-nosed about design, he knows content usability like no other - mostly web oriented, there is a lot of carry over</li> </ul> <p> Those are all good ones, and most all those blogs I subscribe to (and the rest I just did, heh). Presentation is about content, style, design, personality, conversation... All important components. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=67e68145-4faf-4b60-b7ec-18c4adc13236" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,67e68145-4faf-4b60-b7ec-18c4adc13236.aspx Random Stuff Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=a69e7a13-3393-4747-b932-13f938c06cc7 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,a69e7a13-3393-4747-b932-13f938c06cc7.aspx http://www.greghughes.net/rant/CommentView,guid,a69e7a13-3393-4747-b932-13f938c06cc7.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=a69e7a13-3393-4747-b932-13f938c06cc7 3 Stupid lawsuit of the week: Look-alike sues Michael Jordan and Nike for $832 million http://www.greghughes.net/rant/PermaLink,guid,a69e7a13-3393-4747-b932-13f938c06cc7.aspx http://www.greghughes.net/rant/StupidLawsuitOfTheWeekLookalikeSuesMichaelJordanAndNikeFor832Million.aspx Fri, 07 Jul 2006 06:41:02 GMT <p> Just when you thought you'd seen it all, well - you'll just have to check this one out for yourself (from <a href="http://www.kgw.com/news-local/stories/kgw_070606_news_jordan_lookalike.314c6e50.html">KGW.com</a>). </p> <p> Straight from the Portland Bureau of Ridiculousness... </p> <blockquote dir="ltr" style="MARGIN-RIGHT: 0px"> <p> <em>A Northeast Portland man is suing basketball superstar Michael Jordan and Nike founder Phil Knight for a combined $832 million. Allen Heckard filed the suit himself, June 29th in Washington County Court. Heckard says he&rsquo;s been mistaken as Michael Jordan nearly every day over the past 15 years and he&rsquo;s tired of it. </em> </p> <div align="center"> <div class="vitstoryimagecenter" style="WIDTH: 320px"> <p align="right"> <em><img height="230" alt="" src="http://www.kgw.com/news-local/stories/L_IMAGE.10c152b4e38.93.88.fa.d0.3150f8e1.jpg" width="320" border="0" />&nbsp;<br /> kgw.com</em> </p> </div> </div> <p> <em>&ldquo;I'm constantly being accused of looking like Michael and it makes it very uncomfortable for me,&rdquo; said Heckard. </em> </p> <p> <em>Heckard is suing Jordan for defamation and permanent injury and emotional pain and suffering. He&rsquo;s suing Knight for defamation and permanent injury for promoting Jordan and making him one of the most recognized men in the world.</em> </p> </blockquote> <p> Uhhh... Yeah, right. <a href="http://www.kgw.com/news-local/stories/kgw_070606_news_jordan_lookalike.314c6e50.html">You can read the whole story here</a>. And roll your eyes like me. Rolling eyes is so much fun. What an idiot. </p> <p> My favorite quote from the story: </p> <blockquote dir="ltr" style="MARGIN-RIGHT: 0px"> <p> <em>Some might wonder how he decided to sue Knight and Jordan for $416-million each. "Well, you figure with my age and you multiply that times seven and ah, then I turn around and ah I figure that's what it all boils down to."</em> </p> </blockquote> <p dir="ltr"> Wow. Scary thing is he might get&nbsp;a few bucks tossed at him&nbsp;to go away. Or if we're lucky he'll lose hard and get stuck with the defendants' attorney's fees. You think he considered that possibility? </p> <p dir="ltr"> What an idiot. Sorry, but there are times when you just have to come out and say it. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=a69e7a13-3393-4747-b932-13f938c06cc7" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,a69e7a13-3393-4747-b932-13f938c06cc7.aspx Random Stuff Things that Suck http://www.greghughes.net/rant/Trackback.aspx?guid=18739897-b0fc-41b0-8b03-d6c6703f2f9e http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,18739897-b0fc-41b0-8b03-d6c6703f2f9e.aspx http://www.greghughes.net/rant/CommentView,guid,18739897-b0fc-41b0-8b03-d6c6703f2f9e.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=18739897-b0fc-41b0-8b03-d6c6703f2f9e 5

The headline reads: "Credit card security rules to get update."

I see that and I think to myself, "Hey, cool."

Then I read the story.

What it should have said: "Credit card security rules that make perfect sense and protect your identity are about to be flushed right down the toilet because companies say it's too hard."

Now, that's not so cool.

Why is that? Industry requirements that were put in place not too long ago that required companies to encrypt sensitive information are going to be removed. Yes, you read that right - Removing the already established requirement to encrypt the data that is most sensitive and valuable. I'm not one who typically leans in the direction of government mandated standards, but in the absence of private self-regulation and in this particular case...

From CNET's News.com:

While security stands to benefit from a broader, another proposed change to the security rules may hurt security of consumer data, critics said. The new version of PCI will offer merchants more alternatives to encryption as a way to secure consumer data.

"Today, the requirement is to make all information unreadable wherever it is stored," Maxwell said. But this encryption requirement is causing so much trouble for merchants that credit card companies are having trouble dealing with requests for alternative measures, he said.

In response, changes to PCI will let companies replace encryption with other types of security technology, such as additional firewalls and access controls, Maxwell said. "There will be more-acceptable compensating and mitigating controls," he said.

The Payment Card Industry (PCI) security standard was developed to improve the security of applications processing credit card transactions. In the best-practices world of layered security, we deploy security in multiple locations and in different parts of the lifecycle. We even get redundant, especially in areas that matter the most.

To think that more firewalls can protect data in a way that makes it unnecessary to encrypt is ridiculous. Encryption protects data from theft when other layers are compromised. It keeps data safe even from internal theft (and trust me, that's at least as common as external theft, often even more so). It means - if done correctly - that even is a server is stolen from a datacenter,  the bad guys still cannot get at the information that's stored in a secured form on the machine. Keeping people out is important, but encryption is about the bad guys that already got in. So let's can the firewall arguments, although perimeter security is still a critical thing to deploy.

Scanning software to make sure you cover the threats and reduce the chance of successful attack is a good thing - but having people analyze it with eyeballs is significantly better. Scanning software only finds the low hanging fruit that is exposed on the outside layers and only finds the things we already know about. It provides no mechanism for creative scrutiny and under-layer analysis. It doesn't account for finding the new threats and vulnerabilities. Those things take active brains and connected eyeballs. It's what I don't know how to detect that will kill me in this case. It's the holes I can't see today, but which will be all too obvious tomorrow. So let's drop the "build secure software" argument as an alternative to encryption, although it's still an important thing to do.

Ultimately, cutting out the data encryption requirements will make it easier for companies that do transactions - by trading off the security of sensitive, personal information. It comes at our expense. It's a bad idea. And you should do something about it.

It's not easy to do 99% of what makes up my job, and it's not always fun. Security is hard. It's not really supposed to be easy. But I do it because it's necessary and right. The identity of users is the proverbial gold and crown jewels of this real-life game. It's not about protecting institutional assets - it's all about protecting individual people's identities.

To be concise: Removing the encryption requirement is a fundamentally bad idea that will hurt real people in the real world. Especially in this day and age of identity theft and with the endless news stories covering data loss and theft where the data is vulnerable specifically because it's not encrypted, I'm rather shocked by the decision. It's another example of where doing what's right falls victim to doing what costs less and reduces complaints.

It's time to stand up for what's right for security. First of all, as a business you should not be storing any personal information that's not absolutely necessary and that I have not specifically told you I want you to store for me.  Protection of the personal information you do store is your responsibility, but I own it. Encryption of my sensitive information in your systems should be a requirement, not a nice-to-have or a convenience-based suggestion.

Period.



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Visa and Mastercard prepare to take one giant step backward - and your identity will be at risk http://www.greghughes.net/rant/PermaLink,guid,18739897-b0fc-41b0-8b03-d6c6703f2f9e.aspx http://www.greghughes.net/rant/VisaAndMastercardPrepareToTakeOneGiantStepBackwardAndYourIdentityWillBeAtRisk.aspx Sun, 02 Jul 2006 00:05:10 GMT <p> The <a href="http://news.com.com/2100-1029_3-6072594.html">headline</a> reads: "Credit card security rules to get update." </p> <p> I see that and I think to myself, "Hey, cool." </p> <p> Then I read the story. </p> <p> What it <em>should</em> have said: "Credit card security rules that make perfect sense and protect your identity are about to be flushed right down the toilet because companies say it's too hard." </p> <p> Now, that's <em>not</em> so cool. </p> <p> Why is that? Industry requirements that were put in place not too long ago that required companies to encrypt sensitive information are going to be <em>removed</em>. Yes, you read that right - Removing the already established requirement to encrypt the data that is most sensitive and valuable. I'm not one who typically leans in the direction of government mandated standards, but in the absence of private self-regulation and in this particular case... </p> <blockquote dir="ltr" style="margin-right: 0px;"> <p> <em><a href="http://news.com.com/2100-1029_3-6072594.html">From CNET's News.com</a>:</em> </p> <p> <em>While security stands to benefit from a broader, another proposed change to the security rules may hurt security of consumer data, critics said. The new version of PCI will offer merchants more alternatives to encryption as a way to secure consumer data. </em> </p> <p> <em>"Today, the requirement is to make all information unreadable wherever it is stored," Maxwell said. But this encryption requirement is causing so much trouble for merchants that credit card companies are having trouble dealing with requests for alternative measures, he said. </em> </p> <p> <em>In response, changes to PCI will let companies replace encryption with other types of security technology, such as additional firewalls and access controls, Maxwell said. "There will be more-acceptable compensating and mitigating controls," he said.</em> </p> </blockquote> <p> The Payment Card Industry (PCI) security standard was developed to improve the security of applications processing credit card transactions. In the best-practices world of layered security, we deploy security in multiple locations and in different parts of the lifecycle. We even get redundant, especially in areas that matter the most. </p> <p> To think that more firewalls can protect data in a way that makes it unnecessary to encrypt is ridiculous. Encryption protects data from theft when other layers are compromised. It keeps data safe even from internal theft (and trust me, that's at least as common as external theft, often even more so). It means - if done correctly - that even is a server is stolen from a datacenter,&nbsp; the bad guys still cannot get at the information that's stored in a secured form&nbsp;on the machine. Keeping people out is important, but encryption is about the bad guys that already got in. So let's can the firewall arguments, although perimeter security is still a critical thing to deploy. </p> <p> Scanning software to make sure you cover the threats and reduce the chance of successful attack&nbsp;is a good thing&nbsp;- but having people analyze it with eyeballs is significantly better. Scanning software only finds the low hanging fruit that is exposed on the outside layers and only finds the things we already know about. It provides no mechanism for creative scrutiny and under-layer analysis. It doesn't account for finding the new threats and vulnerabilities. Those things take active brains and connected eyeballs. It's what I don't know how to detect that will kill me in this case. It's the holes I can't see today, but which will be all too obvious tomorrow. So let's drop the "build secure software" argument as an alternative to encryption, although it's still an important thing to do. </p> <p> Ultimately, cutting out the data encryption requirements <em>will</em> make it <em>easier</em> for companies that do transactions -&nbsp;by trading off the&nbsp;security of sensitive, personal information. It comes at our expense. It's a bad idea. And you should do something about it. </p> <p> It's not easy to do 99% of what makes up my job, and it's not always fun. Security is hard. It's not really supposed to be easy. But I do it because it's necessary and right. The identity of users is the proverbial gold and crown jewels of this real-life game. It's not about protecting institutional assets -&nbsp;it's all about protecting individual people's identities. </p> <p> To be concise: Removing the encryption requirement is a fundamentally bad idea that will hurt real people in the real world. Especially in this day and age of identity theft and&nbsp;with the endless news stories covering data loss and theft where the data is vulnerable specifically because it's not encrypted,&nbsp;I'm rather shocked by the decision. It's another example of where doing what's right falls victim to doing what costs less and reduces complaints. </p> <p> It's time to stand up for what's right for security. First of all, as a business you should not be storing any personal information that's not absolutely necessary and that I have not specifically told you I want you&nbsp;to store for me.&nbsp; Protection of the personal information you do store is your responsibility, but I own it. Encryption of my sensitive information in your systems should be a <em>requirement</em>, not a nice-to-have or a convenience-based suggestion. </p> <p> Period. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=18739897-b0fc-41b0-8b03-d6c6703f2f9e" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,18739897-b0fc-41b0-8b03-d6c6703f2f9e.aspx IT Security Safe Computing Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=6e6f3388-3d70-4ee7-81e5-0567d04d3a6c http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,6e6f3388-3d70-4ee7-81e5-0567d04d3a6c.aspx http://www.greghughes.net/rant/CommentView,guid,6e6f3388-3d70-4ee7-81e5-0567d04d3a6c.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=6e6f3388-3d70-4ee7-81e5-0567d04d3a6c 3 Identity Theft - A list of data breaches, why I'm shocked and angry, and why you should be, too... http://www.greghughes.net/rant/PermaLink,guid,6e6f3388-3d70-4ee7-81e5-0567d04d3a6c.aspx http://www.greghughes.net/rant/IdentityTheftAListOfDataBreachesWhyImShockedAndAngryAndWhyYouShouldBeToo.aspx Tue, 06 Jun 2006 06:06:00 GMT <p> A coworker <a href="http://www.wired.com/news/wireservice/0,71079-0.html?tw=wn_index_15">sent me a link to a news article</a> today, yet another one about a data breach from - you guessed it - a stolen laptop. This one was an auditor working for Ernst &amp; Young and doing an audit of Hotels.com, and apparently the auditor (and I can't believe this) left it in his or her car and it was broken into and stolen. </p> <p> So now, <em>thousands</em> of Hotels.com customers' personal data - meaning names, addresses and credit card information of about 243,000 people - is potentially in the hands of someone who could use it improperly. Oh, and by the way, <em>my name is certainly on that list</em>. </p> <p> Up until today I was frustrated to no end with these events. </p> <p> Now it's personal. Now I'm <em>angry</em>. </p> <p> And get this: The theft occurred in February and Ernst &amp; Young didn't notify Hotels.com until <em>the first week of May</em>. What??? And on top of <em>that</em>, customers were not notified until a few days ago. You've got to be kidding me... </p> <p> <em><strong>This post contains some useful&nbsp;information about data breaches,&nbsp;packaged with a bit of a rant by yours truly about information security - or the serious lack thereof - in US companies and institutions.</strong> As a reminder, what I post here is my own opinion and not that of my employer or anyone else. I work in information and cyber security, and I care - a lot - about these issues.</em> </p> <p> There's a major attitude problem - let's call it a lackadaisical mentality -&nbsp;out there and it's <em>high time someone did something about it</em>. Lazy security means lots of helpless victims, and we're so far behind the 8-ball as a country it's downright scary. There's a fundamental "people problem" at the root of this, and no matter how much technology we throw at it, the analog physical and human components need to be addressed before any of the technical issues can be resolved. </p> <p> The Privacy Rights Clearinghouse maintains <a href="http://www.privacyrights.org/ar/ChronDataBreaches.htm">an online chronology of data breaches</a> with descriptions of each event, outlining any known data breaches that have occurred since February, 2005. </p> <p> All told, as of the time I write this, there are <strong>84,797,096</strong> individuals whose identities are known to have been included in these data breaches. Banks, universities, health care providers, insurance companies, corporations, credit card providers... Lord only knows about the ones that have <em>not</em> been reported. Ugh, it's depressing. It's also ridiculous. </p> <p> What bothers me the most is how often the term "stolen laptop" shows up in the list. What <em>in the world</em> are people doing with sensitive information stored on computers that can <em>walk out the doors</em> of all of these heavily regulated companies and institutions? It's insane from a security management perspective. </p> <p> But then again, let's take a look at just how many US banks, universities, health care providers, insurance companies, corporations and&nbsp;credit card providers are certified under some kind of recognized information security management standard. Let's take the big standards - BS 7799-2 and ISO 27001 - for example. </p> <p> BS 7799-2:2002 (in this case, the "BS" stands for "British Standards") has long been the recognized standard for overall security management, and the new ISO/IEC 27001:2005 international standard is basically BS 7799-2:2002 in an updated form. It's also related to ISO 17799, since we're throwing around fancy names. Ultimately it's all the same stuff, just renamed and reassigned. The 27001&nbsp;standard represents a systematic approach to managing sensitive information so that it remains secure. It encompasses people, processes and IT systems.&nbsp;&nbsp;It is used to determine and evaluate a company's security management framework and is internationally recognized as the gold standard for security. </p> <p> If a company doesn't have a security management framework in place, not only is it unaware of what's happening in it's own walls, it doesn't really know whether or not&nbsp;it knows much of anything. Yeah, that's confusing. What you <em>don't know</em> is what will most likely kill you. Either way, it's <em>negligent</em> in this day and age not to be formally on top of information security, and that involves not just firewalls and technology, but risk assessments, people, processes, and an over-reaching management framework to ensure all the bases are covered. </p> <p> Did he say "negligent?" <em>Yes, negligent.</em> And I mean it. </p> <p> It's a lot of work to achieve and maintain the 7799/27001 certification and to hold up to ongoing audits, to be sure (just ask me or my coworkers about it some day, we <em>live</em> it), but it's <em>not</em> rocket science and for gosh sakes, IT'S IMPORTANT. And it's not about the actual certificate, it's about all the things that go into the process of&nbsp;getting the certificate and keeping it. </p> <p> So, if you had to hazard a guess, how many agencies, institutions and companies in the United States do you think&nbsp;have this important and recognized certification? </p> <p> Be prepared to be disappointed. Especially when compared to the number of certified organizations&nbsp;in other countries, like say Japan and India and Korea. Or pretty much any other developed country, for that matter. It's really quite pathetic. </p> <p> Of the 2600+ organizations on the certificate register, there are only&nbsp;<em>seven</em>&nbsp; (yes, that's "7") companies or organizations <em>in the entire United States</em> certified under ISO 27001, and only 39 have been certified in the US&nbsp;under BS 7799-2 and ISO 27001 <em>combined</em>. Keep in mind, there's overlap on the lists, as a number of companies (like ours) have converted from the British Standard cert to the ISO 27001 model, meaning we've been certified twice. </p> <p> This table shows how many organizations are certified under either ISO 27001 or BS 7799-2 as of June 5, 2006. The term "organization" can mean any one of several things: companies, portions or divisions&nbsp;of companies, agencies, or various other other entities. I've left off most of the countries that have only one certified organization to save space. </p> <p> <table class="MsoNormalTable" style="BORDER-RIGHT: 1pt inset; BORDER-TOP: 1pt inset; MARGIN-LEFT: 35.15pt; BORDER-LEFT: 1pt inset; WIDTH: 436px; BORDER-BOTTOM: 1pt inset; HEIGHT: 187px; mso-cellspacing: 2.2pt; mso-padding-alt: 0cm 0cm 0cm 0cm" cellspacing="3" cellpadding="0" width="436" border="1"> <tbody> <tr style="HEIGHT: 13.85pt; mso-yfti-irow: 0; mso-yfti-firstrow: yes"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 13.85pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Japan</span> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"><?xml:namespace prefix ="" o /> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 13.85pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">1602</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 13.85pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"><?xml:namespace prefix ="" st1 /> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Brazil</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 13.85pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">9</span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 13.85pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Slovenia</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 13.85pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: #383838; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">2</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> </tr> <tr style="HEIGHT: 12pt; mso-yfti-irow: 1"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">UK</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">244</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Sweden</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">8 <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">South Africa</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: #383838; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">2</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> </tr> <tr style="HEIGHT: 12pt; mso-yfti-irow: 2"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">India</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">186</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Spain</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">7</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Armenia</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">1<o:p></o:p> </span> </p> </td> </tr> <tr style="HEIGHT: 12pt; mso-yfti-irow: 3"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Taiwan</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">92</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Turkey</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja"></span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">7</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Bahrain</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: #383838; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">1</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> </tr> <tr style="HEIGHT: 12pt; mso-yfti-irow: 4"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Germany</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">57</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Iceland</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">6</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <span style="BACKGROUND: fuchsia; mso-highlight: fuchsia"> <o:p></o:p> </span></span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Chile</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: #383838; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">1</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> </tr> <tr style="HEIGHT: 12pt; mso-yfti-irow: 5"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Italy</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">42</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Greece</span> </st1:country-region>&nbsp;</st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">5</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Egypt</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja"></span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: #383838; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">1 </span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> </tr> <tr style="HEIGHT: 12pt; mso-yfti-irow: 6"> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND: #ccffcc; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 110.9pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="148"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <font color="#804040"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja"><font color="#800000"><strong>USA</strong></font></span> </st1:country-region> &nbsp;</font> </st1:place> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; WIDTH: 44.15pt; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="59"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <strong><font color="#800000"><span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">39</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"><font face="Verdana"> <o:p></o:p> </font></span></font></strong> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="149"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Kuwait</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="22"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">4</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BACKGROUND-POSITION: 0% 50%; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; BACKGROUND-ATTACHMENT: scroll; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; BACKGROUND-REPEAT: repeat; HEIGHT: 12pt; BACKGROUND-COLOR: #ccffcc" valign="top" width="183"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <st1:place w:st="on"> <st1:country-region w:st="on"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">Lebanon</span> </st1:country-region> </st1:place> <span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> <td style="BORDER-RIGHT: 1pt outset; PADDING-RIGHT: 5.4pt; BORDER-TOP: 1pt outset; PADDING-LEFT: 5.4pt; PADDING-BOTTOM: 0cm; BORDER-LEFT: 1pt outset; PADDING-TOP: 0cm; BORDER-BOTTOM: 1pt outset; HEIGHT: 12pt" valign="top" width="58"> <p class="MsoNormal" style="LINE-HEIGHT: 130%; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto"> <span lang="EN-GB" style="FONT-SIZE: 8pt; COLOR: black; LINE-HEIGHT: 130%; FONT-FAMILY: verdana; mso-ansi-language: en-gb; mso-fareast-language: ja">1</span><span lang="EN-GB" style="mso-ansi-language: en-gb; mso-fareast-language: ja"> <o:p></o:p> </span> </p> </td> </tr> </tbody> </table> </p> <p> And of the&nbsp;US companies, agencies and organizations on that list,&nbsp;<em>only one </em>of them is a bank (and even then it's&nbsp;only the information security team's component of the business). <em>None</em> of them are credit unions. <em>None</em> of them are insurance companies. <em>None</em> of them are health care providers. <em>One</em> of them is a university. <em>A couple</em> are government agencies - and not the same ones that have been in the news lately, that's for sure. </p> <p> If you think about it (or search for it, for that matter), how often do you hear about information disclosure <em>outside</em> the United States? Sure, it happens, but seemingly not nearly as often. And why is it, I wonder,&nbsp;that in Japan there are so many certifications? ISO 9000 (the gold standard for manufacturing) is huge there, as well.&nbsp; </p> <p> The fact of the matter is that overall,&nbsp;companies and institutions in the US don't take security nearly seriously enough. </p> <p> So - It's time to do something about this. Now, not tomorrow. It's already much too late, so we need to get moving. We're already in triage mode, friends. </p> <p> What to do? To start, if you do business with <em>any company that handles sensitive individual data</em>, ask them about their security certifications. And don't accept just a SAS-70 certification as covering the bases&nbsp;- it only covers operations of the datacenter and has practically nothing to do with the rest of the company. Also, make sure you know <em>specifically</em> what any issued certifications actually cover - this is called the "scope" of the certification. Is it the entire company (usually it's not so you have to ask), or is it just a department or division? If the company is not formally certified, do they have a security management framework and a standard they follow? </p> <p> Also, this is formal security management we're talking about. Don't accept lame responses like "we're covered under HIPPA" or "we get audited for Sarbanes-Oxley so that's all covered..." Sorry, that doesn't come close to cutting it. Neither of those auditing standards require a company to have a security management system in place, and neither come close to covering what's needed to ensure proper security standards are met outside of their narrowly focused scopes. </p> <p> Get educated. Find out what needs to change. Demand change. Question systems that put the secrets in the hands of people who don't have a personal stake in the game. Do business wherever possible only with companies that are cognizant enough of security to formalize their program on a standard framework and which preferably have external certification of the results of that effort.&nbsp;I'm not kidding here.&nbsp;And yes -&nbsp;it can be done. </p> <p> Unless you have a better idea (and feel free to share - comment away), that's what it will really take to create change - Market forces. We certainly can't count on the government to do anything about it - they'll just come up with vague, useless legal acts that almost always miss the mark and cost the business sector billions (take SARBOX for example). Individual action and demanding that companies get serious - and that they do so in a manner where they can be formally reviewed and held accountable - is the best real-world way to force change. </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=6e6f3388-3d70-4ee7-81e5-0567d04d3a6c" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,6e6f3388-3d70-4ee7-81e5-0567d04d3a6c.aspx IT Security Safe Computing Things that Suck http://www.greghughes.net/rant/Trackback.aspx?guid=615e305c-8fe7-4e7b-b1f0-3964b37826a7 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,615e305c-8fe7-4e7b-b1f0-3964b37826a7.aspx http://www.greghughes.net/rant/CommentView,guid,615e305c-8fe7-4e7b-b1f0-3964b37826a7.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=615e305c-8fe7-4e7b-b1f0-3964b37826a7 3

Okay, Dork fightclubI just have to say something here. I can't help myself. Like CBS hasn't already done enough to ruin things for us in its own studios, now it's reporters are taking it to the streets, too.

You know, Fight Club used to be cool, one of the best movies of the last several years for sure, then these guys have to go and freakin' ruin it.

Grrr...

Let me put it this way: This is to Fight Club as "What are YOU doing???" is to "WAZZZZUUUUUUP?!?!?!?"

Someone should go find these guys and kick some @*$ for real for breaking the first rule. Where's Tyler when you need him? Not to mention what this does for the image of software engineers in our world. That's it, might as well just give up now.

Alright, anyhow, back to our regularly scheduled programming...



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. I am Jack's last remaining scrap of self respect and hope http://www.greghughes.net/rant/PermaLink,guid,615e305c-8fe7-4e7b-b1f0-3964b37826a7.aspx http://www.greghughes.net/rant/IAmJacksLastRemainingScrapOfSelfRespectAndHope.aspx Fri, 03 Mar 2006 01:52:00 GMT <p> Okay, <a href="http://cbs5.com/watercooler/local_story_059005903.html"><img alt="Dork fightclub" hspace="12" src="http://www.greghughes.net/images/dork_fight_club_small.jpg" align="right" vspace="6" border="0" /></a>I just <em>have </em>to say something here. I can't help myself. Like CBS hasn't already done enough to ruin things for us&nbsp;in its own studios, now it's reporters are taking&nbsp;it to the streets, too. </p> <p> You know, Fight Club <em>used</em> to be cool, one of the best movies of the last several years for sure, then <a href="http://cbs5.com/watercooler/local_story_059005903.html">these guys</a> have to&nbsp;go and freakin' ruin it. </p> <p> <em>Grrr...</em> </p> <p> Let me put it this way: <a href="http://cbs5.com/watercooler/local_story_059005903.html">This</a> is to Fight Club as "What are YOU doing???" is to "WAZZZZUUUUUUP?!?!?!?" </p> <p> Someone should go find these guys and kick some&nbsp;@*$ for real for <em>breaking the first rule.</em> Where's Tyler when you need him? Not to mention what this does for the image of software engineers in our world. That's it, might as well just give up now. </p> <p> Alright, anyhow, back to our regularly scheduled programming... </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=615e305c-8fe7-4e7b-b1f0-3964b37826a7" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,615e305c-8fe7-4e7b-b1f0-3964b37826a7.aspx Random Stuff Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=88bda824-2ac0-4445-9814-ab3f3faabe79 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,88bda824-2ac0-4445-9814-ab3f3faabe79.aspx http://www.greghughes.net/rant/CommentView,guid,88bda824-2ac0-4445-9814-ab3f3faabe79.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=88bda824-2ac0-4445-9814-ab3f3faabe79 1

I've been heard on occasion to suggest that it might be a good (or at least interesting) idea to turn off email in the workplace and to resort to more personal means of communication, like say in-person. Or on the phone. Anything that's not written.

Why? Because, it can be so hard to really understand what someone is saying, and especially difficult (if not impossible) to tell what they mean. When you're talking about business relationships, it's hard to believe one can make good, solid decisions based on conversations as limited as email.

Now there's some research that supports my hair-brained suggestions:

According to recent research published in the Journal of Personality and Social Psychology , I've only a 50-50 chance of ascertaining the tone of any e-mail message. The study also shows that people think they've correctly interpreted the tone of e-mails they receive 90 percent of the time.

"That's how flame wars get started," says psychologist Nicholas Epley of the University of Chicago, who conducted the research with Justin Kruger of New York University. "People in our study were convinced they've accurately understood the tone of an e-mail message when in fact their odds are no better than chance," says Epley.

One thing's for sure: Simply knowing what the results of this research tell us could make a difference in daily email communication practice.

Does your place of work ever discuss email communication, its pitfalls, and etiquette? Now that's a topic that's worth some face time.

(via wired.com )



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. Email flames - and why I say email can be bad for biz http://www.greghughes.net/rant/PermaLink,guid,88bda824-2ac0-4445-9814-ab3f3faabe79.aspx http://www.greghughes.net/rant/EmailFlamesAndWhyISayEmailCanBeBadForBiz.aspx Mon, 13 Feb 2006 15:19:07 GMT <p> I've been heard on occasion&nbsp;to suggest that it might be a good (or at least interesting) idea to turn off email in the workplace and to resort to more personal means of communication, like say in-person. Or on the phone. Anything that's <em>not written</em>. </p> <p> Why? Because, it can be so hard to really understand what someone is saying, and especially difficult (if not impossible) to tell what they <em>mean</em>. When you're talking about business&nbsp;relationships, it's hard to believe one can make good, solid decisions based on conversations as limited as email. </p> <p> Now there's some research that supports my hair-brained suggestions: </p> <blockquote dir="ltr" style="MARGIN-RIGHT: 0px"> <p> <em>According to recent research published in the </em><a href="http://www.apa.org/journals/psp"><cite>Journal of Personality and Social Psychology</cite></a><em>, I've only a 50-50 chance of ascertaining the tone of any e-mail message. The study also shows that people think they've correctly interpreted the tone of e-mails they receive 90 percent of the time.</em> </p> <p> <em>"That's how flame wars get started," says psychologist </em><a href="http://gsbwww.uchicago.edu/fac/nicholas.epley"><em>Nicholas Epley</em></a><em> of the University of Chicago, who conducted the research with </em><a href="http://w4.stern.nyu.edu/marketing/facultystaff.cfm?doc_id=4564"><em>Justin Kruger</em></a><em> of New York University. "People in our study were convinced they've accurately understood the tone of an e-mail message when in fact their odds are no better than chance," says Epley.</em> </p> </blockquote> <p> One thing's for sure: Simply knowing what the results of this research tell us could make a difference in&nbsp;daily email communication practice. </p> <p> Does your place of work ever discuss email communication, its pitfalls, and etiquette? Now that's a topic that's worth some face time. </p> <p> <em>(via </em><a href="http://www.wired.com/news/technology/0,70179-0.html?tw=wn_index_2"><em>wired.com</em></a><em>)</em> </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=88bda824-2ac0-4445-9814-ab3f3faabe79" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,88bda824-2ac0-4445-9814-ab3f3faabe79.aspx Tech Things that Suck
http://www.greghughes.net/rant/Trackback.aspx?guid=45fe1b71-61c6-4d12-95f9-3b97d2fd973c http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,45fe1b71-61c6-4d12-95f9-3b97d2fd973c.aspx http://www.greghughes.net/rant/CommentView,guid,45fe1b71-61c6-4d12-95f9-3b97d2fd973c.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=45fe1b71-61c6-4d12-95f9-3b97d2fd973c 2 Om Malik's blog plagiarized - Been there, here's one way to resolve it... http://www.greghughes.net/rant/PermaLink,guid,45fe1b71-61c6-4d12-95f9-3b97d2fd973c.aspx http://www.greghughes.net/rant/OmMaliksBlogPlagiarizedBeenThereHeresOneWayToResolveIt.aspx Tue, 27 Dec 2005 05:21:05 GMT <p> Plagiarism sucks, and Om Malik's <a href="http://gigaom.com/2005/12/25/wholesale-blog-plagiarism-alert/">weblog was apparently being copied verbatim</a>, images and all, and repurposed sans-attribution on another site that was serving up ads and (potentially) making money. I've had this happen to me a few times in the past year or so, and in some cases found the only way to fight it was to quote the DMCA in an email to the host. Lord knows asking Google to hold them accountable for their terms of service did not work in my case - Google just wrote back and said "we can't do anything." Plus the bad guys were repurposing content from a whole slew of other sites. Lazy jerks. </p> <p> By the way - this is really not exactly a trivial deal for many blog authors and publishers. I know when it happens to me, I chase it down and take it seriously. No lawyers needed - I am pretty good at that stuff and have some legal and courtroom experience, so why not put it to use eh? The ads on my site pay for my web hosting and my Internet access each month, and then some, so I have&nbsp;a little more than just an ego&nbsp;interest in what I choose to write and post. </p> <p> Anyhow, below&nbsp;is&nbsp;an email I used last year to resolve a plagiarism problem involving full content from this web site. It's blunt, direct, complete and it worked.&nbsp;Also, note that this letter followed multiple attempts to get the site owner to remove&nbsp;plagiarized content.&nbsp;I'm posting the email letter here simply for the benefit of anyone who might become a victim of blog plagiarism and wants access to some ideas that have worked for others&nbsp;in the past. </p> <p> And by the way - make sure you have a copyright statement and maybe <a href="http://creativecommons.org/licenses/">a Creative Commons license</a> on your main page that states what people can and cannot do with your blog content (mine's at the bottom of every page - it says people can repurpose it with attribution and for non-commercial purposes). It can't hurt to do this, and it helps set reasonable expectations and ground-rules for well-behaved people, while it can also be ammo for the ill-behaved later on... </p> <p> Note that the problem I tackled with the below email was resolved within 4 hours of the email being sent to the hosting provider (the site owner never responded), and it happened a year and a half ago, so please don't go harassing anyone - this is just posted here&nbsp;to help people who might end up in a similar situation. <img src="http://www.greghughes.net/images/smile1.gif"> </p> <p> <em>Where you see the word "(-- edited --)" below, I have removed identifying information to protect the innocent as well as those who complied with the requests to remove the offending content.</em> </p> <p> <em>[via </em><a href="http://tech.memeorandum.com/051226/p22#a051226p22"><em>tech.memeorandum.com</em></a><em>]</em> </p> <blockquote dir=ltr style="MARGIN-RIGHT: 0px"> <p><?xml:namespace prefix = o /> <o:smarttagtype name="PlaceType" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="PlaceName" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="country-region" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="place" namespaceuri="urn:schemas-microsoft-com:office:smarttags" downloadurl="http://www.5iantlavalamp.com/"> <o:smarttagtype name="State" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="City" namespaceuri="urn:schemas-microsoft-com:office:smarttags" downloadurl="http://www.5iamas-microsoft-com:office:smarttags"> <o:smarttagtype name="PersonName" namespaceuri="urn:schemas-microsoft-com:office:smarttags" downloadurl="http://www.microsoft.com"> <strong>-------- Original Message --------</strong> <br> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> <o:smarttagtype name="PlaceType" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="PlaceName" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="country-region" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="place" namespaceuri="urn:schemas-microsoft-com:office:smarttags" downloadurl="http://www.5iantlavalamp.com/"> <o:smarttagtype name="State" namespaceuri="urn:schemas-microsoft-com:office:smarttags"> <o:smarttagtype name="City" namespaceuri="urn:schemas-microsoft-com:office:smarttags" downloadurl="http://www.5iamas-microsoft-com:office:smarttags"> <o:smarttagtype name="PersonName" namespaceuri="urn:schemas-microsoft-com:office:smarttags" downloadurl="http://www.microsoft.com"> <strong>Subject:</strong>&nbsp; ACTION REQUIRED: Illegal use of copyrighted content by one of your customers for commercial purposes <br> <strong>Date:</strong>&nbsp; Sun, 3 Apr 2005 17:18:51 -0700 <style> st1\:*{behavior:url(#default#ieooui) } </style> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </o:smarttagtype> </p> <p class=MsoNormal> <b><font face=Arial color=red size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; COLOR: red; FONT-FAMILY: Arial">NOTICE:</span></font></b><b><font face=Arial size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial"> IF YOU ARE THE OWNER, OPERATOR OR HOSTING PROVIDER OF THE “<span id=mail-highlight-id style="BACKGROUND-COLOR: yellow">MICROSOFT-DOTNET-TECHNOLOGY</span>.INFO” DOMAIN, THIS IS A CEASE AND DESIST LETTER REQUIRING YOU TO IMMEDIATELY CEASE REPUBLISHING CONTENT OR ALLOWING/ENABLING CONTENT TO BE REPUBLISHED, WHICH IS SOURCED FROM THE “GREGHUGHES.NET” DOMAIN.<o:p></o:p> </span></font></b> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><?xml:namespace prefix = st1 />The owner of the web site(s) located on your servers/network at the below IP address and domain name is stealing and republishing - via an automated web-server application that gathers an XML feed - content owned and copyrighted by <st1:personname w:st="on">Greg Hughes</st1:personname> at <a href="http://www.greghughes.net/">http://www.greghughes.net</a>: <o:p></o:p> </span></font> </p> <p class=MsoNormal> <b><font face=Arial size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font></b> </p> <p class=MsoNormal style="TEXT-INDENT: 0.5in"> <b><font face=Arial size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial">216.7.187.20 (<span id=mail-highlight-id style="BACKGROUND-COLOR: yellow">MICROSOFT-DOTNET-TECHNOLOGY</span>.INFO)<o:p></o:p> </span></font></b> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">The following ARIN information identifies <span style="FONT-WEIGHT: bold">(-- edited --) Holdings, LLC</span> (which is a corporation in <st1:state w:st="on"> <st1:place w:st="on">Colorado</st1:place> </st1:state> ) and <span style="FONT-WEIGHT: bold">(-- edited --).com</span> (which appears to be a possibly defunct operation) as owners of the IP address/block in question:<o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <blockquote class=Section1 dir=ltr style="MARGIN-RIGHT: 0px"> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Location: United States [City: Loveland, Colorado]</span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">NOTE: More information appears to be available at NET-216-7-186-0-1.</span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">(-- edited --) Holdings, LLC D393LLC-DC-INVERNESS6 (NET-216-7-160-0-1) <br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 216.7.160.0 - 216.7.191.255<br> (-- edited --).com VONOC-216-7-186-0-23 (NET-216-7-186-0-1) <br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 216.7.186.0 - 216.7.187.255<br> &nbsp;<br> # ARIN WHOIS database, last updated 2005-04-02 19:10<br> # Enter ? for additional hints on searching ARIN's WHOIS database.</span></font> </p> </blockquote> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">The person(s) running the web site at <span id=mail-highlight-id style="BACKGROUND-COLOR: yellow">MICROSOFT-DOTNET-TECHNOLOGY</span>.INFO have been contacted in the past via the “contact” form on the web site and told to stop repurposing this content, specifically because they have not obtained permission and because they are profiting from advertising revenue from said web site. <b><span style="FONT-WEIGHT: bold">This activity constitutes theft of intellectual property under copyright laws and the DMCA. The information being sourced is copyrighted as indicated on the web site, and is not in the public domain for re-use.</span></b> The party(ies) associated with <span id=mail-highlight-id style="BACKGROUND-COLOR: yellow">MICROSOFT-DOTNET-TECHNOLOGY</span>.INFO have not responded to repeated contacts and requests to cease use of the copyrighted material.<o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <p class=MsoNormal> <b><font face=Arial size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial">We have sent a CEASE AND DESIST letter to the parties once again today (April 3, 2004) through their web site contact form at <a href="http://www.microsoft-dotnet-technology.info/contact.asp">http://www.<span id=mail-highlight-id style="BACKGROUND-COLOR: yellow">microsoft-dotnet-technology</span>.info/contact.asp</a>. At this time we request that you remove the offending web sites and pages from your servers, as they are clearly in violation of the common acceptable use provisions of the parties to this email:<o:p></o:p> </span></font></b> </p> <p class=MsoNormal> <b><font face=Arial size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font></b> </p> <p class=MsoNormal style="TEXT-INDENT: 0.5in"> <font face=Arial size=2><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial">http://www.<font color=#003300>(-- edited --)</font>.com/acceptable-use.asp#copyright<o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">IN ADDITION, the same person(s) appear to be sourcing copyrighted material for commercial use from Yahoo!, Search Engine Watch, moreover.com, the Kansas City Public Library, National Geographic News, about.com, and Web Hosting News. Unless the situation is rectified immediately we will also be contacting those persons and companies to advise them of the misuse of the copyrighted property and data.<o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> <o:p></o:p> </span></font> </p> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">The WHOIS information on record for the domain in question is:</span></font> </p> <blockquote class=Section1 dir=ltr style="MARGIN-RIGHT: 0px"> <p class=MsoNormal> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Domain ID:D8436219-LRMS<br> Domain Name:MICROSOFT-DOTNET-TECHNOLOGY.INFO<br> Created On:27-Nov-2004 15:34:17 UTC<br> Last Updated On:27-Nov-2004 15:34:20 UTC<br> Expiration Date:27-Nov-2005 15:34:17 UTC<br> Sponsoring Registrar:R136-LRMS<br> Status:ACTIVE<br> Status:OK<br> Registrant ID:C7727838-LRMS<br> Registrant Name (-- edited --)<br> Registrant Organization:(-- edited --) <br> </span></font><font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Registrant Street1:(-- edited --)<br> Registrant City:(-- edited --)<br> Registrant State/Province:Gujarat<br> Registrant Postal Code:(-- edited --)<br> Registrant Country:IN<br> Registrant Phone:(-- edited --)<br> Registrant (-- edited --)<br> </span></font><font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Admin ID:C7727839-LRMS<br> Admin Name:(-- edited --)<br> Admin Organization:(-- edited --)<br> Admin Street1:(-- edited --)<br> Admin City:Ahmedabad<br> Admin State/Province:Gujarat<br> Admin Postal Code:(-- edited --)<br> Admin Country:IN<br> Admin Phone:(-- edited --)<br> Admin (-- edited --)<br> Billing ID:C7727840-LRMS<br> Billing Name:(-- edited --)<br> Billing Organization:(-- edited --) <br> Billing Street1:(-- edited --)<br> Billing City:Ahmedabad<br> Billing State/Province:Gujarat<br> Billing Postal Code:(-- edited --)<br> Billing Country:IN<br> Billing Phone:(-- edited --)<br> Billing (-- edited --)<br> Tech ID:C7727841-LRMS<br> Tech Name:(-- edited --)<br> Tech Organization:(-- edited --)<br> Tech Street1:(-- edited --)<br> Tech City:Ahmedabad<br> Tech State/Province:Gujarat<br> Tech Postal Code:(-- edited --)<br> Tech Country:IN<br> Tech Phone:(-- edited --)<br> </span></font><font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Tech (-- edited --)<br> Name Server:VOB1.(-- edited --).COM<br> Name Server:VOB2.(-- edited --).COM</span></font> </p> </blockquote> <p class=MsoNormal dir=ltr> <font face=Arial size=2><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><em>(Note: I edited the names and other identifying infomration from the WHOIS record at the request of the person listed in the contact sections of the record becuase they asked me to do so. While the information is accurate as it was originally posted, it serves no useful purpose to keep that person's phone and other information here and the orginal issue was resolved, so I agreed to make the change).</em></span></font> </p> </blockquote><img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=45fe1b71-61c6-4d12-95f9-3b97d2fd973c" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,45fe1b71-61c6-4d12-95f9-3b97d2fd973c.aspx Blogging Random Stuff Tech Things that Suck http://www.greghughes.net/rant/Trackback.aspx?guid=50bd94ea-8330-4af7-81a6-fe353646ddb7 http://www.greghughes.net/rant/pingback.aspx http://www.greghughes.net/rant/PermaLink,guid,50bd94ea-8330-4af7-81a6-fe353646ddb7.aspx http://www.greghughes.net/rant/CommentView,guid,50bd94ea-8330-4af7-81a6-fe353646ddb7.aspx http://www.greghughes.net/rant/SyndicationService.asmx/GetEntryCommentsRss?guid=50bd94ea-8330-4af7-81a6-fe353646ddb7 8

Scott Adams says he recently quit caffeine. It wasn't exactly pleasant for him. Sounds like it still isn't.

I can relate. Except that I have not quit.

I drink coffee like it was, well, water. Like it's going out of style. It's easy to do - there's tons of free coffee everywhere I go. Which means work and home. And church sometimes. Free coffee everywhere.

Coffee is The Devil. So I am not sure why it's at church.

If I don't get my requisite dose of caffeine in the morning, I (seriously) can't see straight. Like as in my vision is blurry and my head hurts. That can't be good.

I stopped smoking a couple years or so ago. I've quit other things before, many years ago. But caffeine, well man oh man... Painful.

For the record, cigarettes was the hardest from a withdrawl perspective. Freakin' BRUTAL. It still is from time to time. I tell people I *stopped* smoking. I don't say I "quit." Nothing is guaranteed, nothing is forever. For today I am stopped, and it's better that way.

I guess I've learned that much fairly well. Heh.

But, back to coffee - It's the one vice I have left remaining in my life, really. I know I shouldn't drink as much as I do, but it just won't let me go. I've tried it - Ringing ears, blurry vision, massive headaches, general lethargy, an *inability* to sleep (seriously), and on top of that no more coffee, which I actually like (and I never actually liked smoking that much).

Argh. Decaf doesn't really appeal to me. All the decaf I've ever had tastes like crapola.

Any ideas?



greghughes.net weblog - copyright 2003-2008 - licensed under a Creative Commons License. I'd quit if it didn't hurt so damn much http://www.greghughes.net/rant/PermaLink,guid,50bd94ea-8330-4af7-81a6-fe353646ddb7.aspx http://www.greghughes.net/rant/IdQuitIfItDidntHurtSoDamnMuch.aspx Sun, 18 Dec 2005 07:01:32 GMT <p> Scott Adams <a href="http://dilbertblog.typepad.com/the_dilbert_blog/2005/12/caffeine.html">says he recently quit caffeine</a>. It wasn't exactly pleasant for him. Sounds like it still isn't. </p> <p> I can relate. Except that I have not quit. </p> <p> I drink coffee like it was, well, water. Like it's going out of style. It's easy to do - there's tons of free coffee everywhere I go. Which means work and home. And church sometimes. Free coffee everywhere. </p> <p> Coffee is The Devil. So I am not sure why it's at church. </p> <p> If I don't get my requisite dose of caffeine in the morning, I (seriously) can't see straight. Like as in my vision is blurry and my head hurts. That can't be good. </p> <p> I stopped smoking a couple years or so ago. I've quit other things before, many years ago. But caffeine, well man oh man... Painful. </p> <p> For the record, cigarettes was the hardest from a withdrawl perspective. Freakin' BRUTAL. It still is from time to time. I tell people I *stopped* smoking. I don't say I "quit." Nothing is guaranteed, nothing is forever. For today I am stopped, and it's better that way. </p> <p> I guess I've learned that much fairly well. Heh. </p> <p> But, back to coffee - It's the one vice I have left remaining in my life, really. I know I shouldn't drink as much as I do, but it just won't let me go. I've tried it - Ringing ears, blurry vision, massive headaches, general lethargy, an *inability* to sleep (seriously), and on top of that no more coffee, which I <em>actually like</em> (and I never actually liked smoking that much). </p> <p> Argh. Decaf doesn't really appeal to me. All the decaf I've ever had tastes like crapola. </p> <p> Any ideas? </p> <img width="0" height="0" src="http://www.greghughes.net/rant/aggbug.ashx?id=50bd94ea-8330-4af7-81a6-fe353646ddb7" /> <br /> <hr /> <font size="1">greghughes.net weblog - copyright 2003-2008 - licensed under a <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">Creative Commons License</a>.</font> http://www.greghughes.net/rant/CommentView,guid,50bd94ea-8330-4af7-81a6-fe353646ddb7.aspx Personal Stories Random Stuff Things that Suck