Monday, 25 June 2007

In my line of work, we spend a lot of our time writing software that catches bad guys and keeps them out of systems that require protection. So, in the course of building good security and forensics software I often work closely with partner companies that bring something valuable to the table - technology that we might include or integrate with but would not build ourselves. One of the technology areas that adds value to what we do is the business of Internet Protocol (IP) address intelligence and geolocation. The ability to glean a variety of valuable information about any given IP address or block provides the opportunity for both intelligent and - if the partner does their job well - reliable decision making, in a manner not otherwise possible. Imagine your application being able to present information or make decisions based on the actual physical location of a user, or base don the type of connection they are making. In the case of the software I've been involved with creating, IP intelligence is a key capability that helps to enhance the products.

So, for last week's RunAs Radio interview, we sat down with an expert in the field, Bill Varga, who works for a company out of Mountain View, California called Quova - one of the partners I have worked with for a few years now. They do IP geolocation and IP intelligence - and that's their business. They're focused on that market and they're very good at it. IP intelligence is a world that is growing quickly and always generates ideas and thought when brought up for discussion. The applications of IP-related metadata are many, and Bill effectively describes them in our interview. He also discusses some of the new things Quova is doing in the field.

RunAs Radio Show #11 | 6/20/2007 (38 minutes)
Bill Varga Makes Us IP Intelligent

Richard and Greg talk to Bill Varga about what IP (that's Internet Protocol) Intelligence is all about. They also dig into how IP geolocation helps with regulatory compliance and fraud detection. Bill also talks about the new technology Quova (his employer) has developed that can deal with geolocation of satellite and megaproxy IP addresses.

Links: RunAs Radio web site and RSS feed

We welcome your input and ideas for the show - Just email info@runasradio.com and let us know what's on your mind! We might even read your email on the air, and we are always interested to know what you would like to hear about as we book our guests.



Add/Read: Comments [0]
IT Security | RunAs Radio | Tech
Monday, 25 June 2007 07:37:43 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Saturday, 23 June 2007

apple_iphone eWeek has a good summary in their article "Analysts: iPhone Has Neither Security nor Relevance" with a number of links to other resources of the likely security problems introduced by (of not in - we'll see) the iPhone. Certainly the iPhone is not the only device where we have to worry about these types of problems, but let's face it: iPods and other mass storage devices are already too loosely allowed at many companies and organizations, and the hype surrounding the iPhone and the potential excitement of iPod owners can cloud judgement. Read Andrew Storm's article on the topic.

In contrast, Blackberry's enterprise services are well-secured and provide a whole slew of workable and effective controls that the iPhone can't even begin to match up with. In a nutshell, the iPhone is a consumer device that probably doesn't belong in the enterprise - at least not in it's first version. Gartner plans to recommend businesses keep the iPhone out of the enterprise.

Also - sounds like typing on the on-screen keyboard is an index-finger exercise, not for thumb typers. So again, not so much an enterprise device. But we'll see all this stuff for ourselves in just a few days. The iPhone debuts on June 29th.

Note: I think the iPhone is a cool looking device and probably a great consumer item. I'm not knocking the device for consumers, just pointing out it's not appropriate for use in the enterprise. So before anyone starts with "iPhone/Apple-Hater" rhetoric, you can just stop. :)



Add/Read: Comments [1]
IT Security | Mobile | Tech
Saturday, 23 June 2007 13:44:00 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Sunday, 17 June 2007

Kent Newsome started a "help me rebuild my feed list" project recently, and I was pinged to contribute a short list.

This is an update on my swivel feeds experiment, in which I ask bloggers I read to help me rebuild my reading list.  I've had a great response so far, and my new reading list is coming together nicely, with a diverse and interesting mix of bloggers.

A good list has formed and when all is said and done he plans to create an OPML list to share.

Here are my five (or so) blogs for the recommendation list. I've tried to find ones that I would recommend highly but which are not already on Kent's list (there is one repeat though). Also, ones where the author published often. They're all listed for their own individual reasons, and no - not all of them are tech-related. Three of these people I have met in person, one I have interacted with on the 'net, and one I have only read. All get my attention in FeedDemon.

  • Rory Blyth - Often described in the past as a train wreck in progress, mostly his blog is just plain real - sometimes very much so. And he's a great writer.
  • Trevin Chow - A Microsoftie I know and appreciate, he's worked on a number of cool products and projects.
  • Adam Gaffin - He writes quick and topical links at computerworld.com on pretty much a daily basis.
  • Scott Adams - Yes, the author of Dilbert and a couple very good books. Scott's blog is incredibly smart and funny and smart and sarcastic and smart and ... Well, just go read it. I'd be shocked if you were not to become a regular.
  • Scott Hanselman - Yeah, he's already on Kent's list but let's face it, Scott's top notch and his blog bears repeating.

Of course, I subscribe to a lot more than those five, but they are among the ones I look at and read new content on nearly every day.



Add/Read: Comments [2]
Blogging | Random Stuff
Sunday, 17 June 2007 11:39:46 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Thursday, 14 June 2007

image Over the past several years I realize I am spending less often. Not sure I am spending less, heh, but at least not as many times in any given, oh, month or whatever. Last week I broke down after much consternation over a few months and picked up one of the Xbox 360 HD-DVD drives. I took it home and hooked it up and popped in the HD version of King Kong.

As many have written similarly in the past, the picture and sound are pretty incredible. But, since I have an older DLP projector (an InFocus X1), I am not getting the full fidelity of a HD image.

So, long story short, even on the X1 the quality is noticeably and substantially better than standard DVDs. But it's  not what it can be, so I find my self leaning toward a decision point: I need a new projector. I don't want a flat screen, I don't think. I have a 120-inch (or more) diagonal image on the wall now, and I like it that way. One room is there just for the theater-like experience. It's not my living room, in other words.

 There are a number of newer 1080p projectors out there now, as it turns out, and they don't cost a zillion bucks anymore. I have been researching newer models and have found a couple that look interesting. But I figured there might be some readers of this here site that would have some experience and input.

imageHere is what I have found so far - what do you think, and what am I missing?

Any ideas anyone?

UPDATE (July 28, 2007): Epson also has a real contender out that I am considering in their PowerLite Home Cinema 1080 model.



Add/Read: Comments [5]
Tech
Thursday, 14 June 2007 13:12:00 (Pacific Standard Time, UTC-08:00)
#  Trackback

The FBI is contacting more than one million computer owners and operators whose computers have been victimized and taken over by fraudsters and other criminals who have installed "bots" which they then use to launch distributed criminal computer attacks and fraud scams.

“The majority of victims are not even aware that their computer has been compromised or their personal information exploited,” said FBI Assistant Director for the Cyber Division James Finch. “An attacker gains control by infecting the computer with a virus or other malicious code and the computer continues to operate normally. Citizens can protect themselves from botnets and the associated schemes by practicing strong computer security habits to reduce the risk that your computer will be compromised.”

So, if the FBI calls you might want to cooperate. But - exercise some common sense and a little caution: if you get a call or contact, be sure to confirm it's actually the FBI. The classic technique used by scammers is to take commonly used communication methods and closely mirror or duplicate them in order to make you think you're providing sensitive data to a legitimate business or agency, when in fact it's the bad guy in disguise. So verify, verify, verify.

The FBI press release is here. Snipped from the press release, an important warning about being wary of potential malicious information requests:

"The FBI will not contact you online and request your personal information so be wary of fraud schemes that request this type of information, especially via unsolicited emails. To report fraudulent activity or financial scams, contact the nearest FBI office or police department, and file a complaint online with the Internet Crime Complaint Center, www.ic3.gov."



Add/Read: Comments [0]
IT Security | Safe Computing | Tech
Thursday, 14 June 2007 08:43:02 (Pacific Standard Time, UTC-08:00)
#  Trackback

RunAs Radio Show Number Ten is now online. While at Tech Ed US 2007 in Orlando last week, we sat down to chat with Isaac Roybal for the RunAs audio podcast, a Microsoft Product Manager on the Windows Server team working on the next version of Internet Information Services - IIS7.

Put simply, IIS7 includes a large number of significant improvements and enhancements for both developers and for the IT pros and hosting providers that have to implement, support, secure and maintain the servers. Tons of great information and interaction around IIS7 is available at the new community web site, IIS.NET. Many of the improvements and changes to IIS are listed on that site, as well. You can download Windows Server Beta 3 and go live with IIS7 now, and Microsoft has a program for doing so. If nothing else, you should be starting your lab work so you can plan, get familiar and see what the future of IIS holds.

RunAs Radio Show #10 | 6/13/2007 (41 minutes)
Isaac Roybal Shows Us IIS7

Isaac Roybal is a Product Manager on the Windows Server team who is deeply involved in Web Workload, especially IIS 7. Isaac digs into the details of the new management features in IIS 7, now available as part of Windows Server 2008 Beta 3. His responsibilities cover all things Web related with Windows Server and has been involved with IT for over ten years. Five of those years have been with Microsoft.

Links: RunAs Radio web site and RSS feed

We welcome your input and ideas for the show - Just email info@runasradio.com and let us know what's on your mind! We might even read your email on the air, and we are always interested to know what you would like to hear about as we book our guests.



Add/Read: Comments [0]
IT Security | RunAs Radio | Tech
Thursday, 14 June 2007 08:23:18 (Pacific Standard Time, UTC-08:00)
#  Trackback