Category: News & Trends

Technology Makes You A Target

Lock IconLike most professionals, I have taken countless courses on data privacy and computer security. After a while, the online courses and training scenarios all end up sounding the same. In 2017, the size and scope of technology breaches has increased and at the same time we are learning that our financial and private data is being compromised in more places than we can count. From our local store at the mall, to our financial institutions, the reality is that technology is making everyone a target. By news accounts, you can’t trust anyone. Your bank, your healthcare insurance, your webmail provider, the IRS, your payroll provider, have all been compromised and this all before we even learned about the Equifax breach. Target is a good example of a company that invests heavily in technology and implemented security protocols better than most companies, however they still became a victim and were compromised. The reality is that security is not ever going to be easy. The best way to implement security is by using a layered approach, with multiple levels of restrictions. Secure your network, secure your devices, secure your software with updates, use strong passwords, and backup your data in multiple ways. This becomes a lot of work for individuals. The frustration is that even if you do everything right, you are still going to be compromised. The best possible outcome is that you will not be an easy target and that you limited what was taken from you.

CCleaner

CCleaner is one of my trusted utilities, on Windows computers. I use it quite often and install it on all of my Windows machines. Recently, their security was compromised and malware was added to their installer. Reading carefully through all the reports, I determined that on two machines the version had not been updated and multiple scans by different anti-virus tools came up clean. On a third machine, a laptop, the machine had been compromised. On this particular computer, I did not have any real data that was of importance, and this was the laptop that I had setup with a custom Windows setup that allows me to restore Windows to a fresh state. This allowed me to restore the machine in less than an hour and I no longer had to worry about malware on that computer.

However, this was a wake up call in regards to my other machines. I need to implement a similar setup for my other computers. There needs to be a strategy for my home Windows Server, my kids computers, and what about my Mac computers? This all came about because I trusted an application that I have been using for years.

iOS Devices

For the most part, I have not had to worry too much about the Apple ecosystem, when it comes to iOS. Apple has been pretty good about keeping malware out of the App Store, not perfect by any means, but good. All I have had to do is keep iOS updated with the latest version that is available for the device and not install too many third party apps. I also keep an iTunes backup for my iPhone and iPad. I do not put too much faith in the cloud, so my iCloud data is pretty slim.

Android

There are not any Android devices in my home. We are pretty much Apple, Windows, and Linux. My criticism of Android is that there are way too many exploits and security compromises when it comes to the platform. The devices are not updated very often and prior Android versions are very vulnerable to all types of attacks. This is an area where Apple has managed to do better due to the faster upgrade cycle and walled garden that is the App Store. My best advice for Android users is the same as iOS users: upgrade your OS and do not install too many third party apps.

Linux

I do not use Linux as a desktop, so my concerns with Linux is typically with servers. Linux is becoming a bigger target these days. Part of the problem is that Linux is a collection of software that is patched together from multiple sources. These sources are all vulnerable. The other issue with Linux in general is that it requires a certain level of admin expertise, which is different from most consumer software. For Linux, I keep a backup of an original setup, so if I misconfigure or break something, I can restore to that setup. For the data, I backup separately and keep multiple copies of that. Scanning tools for Linux tend to be free, but there are commercial versions which you can purchase. If you are using Linux for business purposes, Redhat is highly recommended.

Facebook, Amazon, & Clouds

I find it hard to reconcile individual security and Facebook usage. To me the more you use Facebook, the bigger a target you become. I see people updating their Facebook account with their physical location all the time. This is great information to have, if you are a thief and want to break into someone’s house. The problem with Facebook, Amazon, and cloud platforms like iCloud is that these services communicate with your mobile phone and the data that they send back and forth is very susceptible to being breached. Your phone is literally a beacon that keeps signaling all the time. You can prevent some of this by turning off Bluetooth, Wireless, and not installing third party apps, however for everything you turn off or disable, the phone becomes less connected, less functional. A must have is some sort of VPN, that you can enable when connecting to free wireless networks.

There really is not a good way to be private or have layered security when it comes to the mobile phone. The phone is a beacon at this point, and you are the target.

Identity

Since the Equifax breach, I have been reading about what possible avenues people have to protect themselves, now that everyone is compromised, and the only advice that I found that seemed plausible was to change your name. It is possible to legally change your name and to escape some of the repercussions of the Equifax breach. Unfortunately it has come to this.

Filed under: News & Trends

The US Bandwidth Problem

Over the last few years, I have become somewhat of a politician, when it comes to speaking about the Internet and the undeniable bandwidth problem we have in the US. The difficulty I ran into multiple times was that it is hard to convince people that not having enough bandwidth is a problem at all. Bandwidth is something that most people just don’t think about. It is like breathing, you never realize you need air, until you are deprived of it. It has only been within the last couple of years that people are starting to wake up to the limitations of low performing internet connections. This has been brought on by consumer usage of more internet connected devices, from the smart phone to the iPad. As these devices tap into more and more of the wireless capacity of home routers and cell phone towers, they begin to push the limitations of the land line technology that usually provides the internet connection. This includes T-1 lines, DSL modems, ethernet, and fiber technologies.

The problem then becomes two-fold. We have a capacity issue for individual consumers wanting to communicate and for our institutions and businesses that want to provide better services. With low performing internet, we end up with schools that can’t use technology to teach our children, businesses that can’t provide the type of services that we want to buy, and innovative healthcare solutions that we can’t adopt. My concern is not being able to watch YouTube without the buffering message, it is instead the elderly person who could receive in-home diagnostic care without having to go to the hospital if only broadband was available.

Last year I spoke to a large audience of educators and mentioned the bandwidth issue. They were able to understand the issue personally because many of them use Netflix at home and have had to deal with streaming problems. Between video streaming and gaming, I think everyone is waking up to the problem. However solutions still seem to be unattainable at this point. Regardless of who do you think is to blame for the lack of affordable broadband solutions, the truth is that we as citizens need to deem this issue important enough to do something about it.

It is disappointing to me that technology wise no one has stepped up and come up with an affordable solution to this issue. Looking back in the past, many companies used proxy servers to provide internet to their offices. The open source Squid Proxy is a good solution for caching internet connections. There seems to be a lack of initiative to create a cheap router with a built-in caching squid proxy. Performance wise, you do need memory and disk space to run squid smoothly, but by far I think the biggest deterrent is the complicated problems that proxies create. With a proxy you do have to deal with some sites not working correctly, and UPnP network devices tend to break.

We are kind of left in this limbo state of having limited internet connections and no real viable solutions. The longer we ignore the problem the longer we stall innovation and deny ourselves improvements in education, business, healthcare, and entertainment.

Filed under: News & Trends

Supporting Web Services

Web Services iconThe calendar is changing yet again on another decade and as we go from 2009 to 2010, it seems only natural to become a bit reflective on all things. Technology is always changing and what seems like life long disputes are now fading into obscurity, and before you know it, you will be sounding like an old timer talking about the old mainframe days of computing. In my case, the old local network model of client and server is where I made my professional career. However that model is dramatically different today. Today, I no longer work on Netware or Windows 2000 file servers and their Windows clients, as much as I work with browsers and the Internet. Instead of supporting a LAN, I mostly support Web Services; a term that describes pretty much anything if you really think about it. I tell most of my non-technical friends that essentially I support web sites, to make sure they are working the way they are suppose to. This is more easily said than having to explain that I spend most of my time trying to figure out where exactly my problem is.

The extraordinary situation is that supporting web services is kind of an unwritten subject matter. You will not be able to walk into Barnes & Noble and find it in the computer books section. Most of the time what you will find will be books that talk about making money with web services, by which they mean running your own website business or using eBay or Amazon to help your business. This is because web services, as we think of web services have not been around all that long. The prior file server and client model, what I call LAN support, has been around for more than two decades and it was properly evangelized by companies like Microsoft, Novell, and IBM.

For years, Microsoft sold and supported training for how to support your basic file server and local clients. You usually ended up with huge thick books and a paper certificate that you could hang on your wall saying you knew how to support Windows. Web services has no such certificate and even if you could point to one, it most likely would be so specialized that it really could not encompass much. For example right now, a web service could mean Apache Web Server connecting to a backend database that is serving up information to a browser on a Macintosh, a Windows machine, a mobile smartphone, or even a GPS device in your car! The technologies that make this happen are varied and when you think about the data it only starts to get more complicated. The iPhone as a platform for web services has been incredibly successful for Apple but even Apple did not foresee most of the web services that the iPhone is now capable of. As Apple has added more sensors to its device and given developers access to their data, it has allowed developers to change the way we think of web services. The iPhone will soon be able to not just tell you where you are, but inform you of what you are actually looking at or even what you should be looking at! Now if you look at it from the point of view of a person who wants to support that technology, where do you exactly start? It certainly is not going to be easy.

Since there is no one company behind the technology that powers web services, it is best to be a good problem solver who knows a little bit of everything and who can properly research problems.

Problem solving is all about being able to break things down to their rudimentary components and to be able to have a grasp on how something works. Experience counts a lot, but only if you develop good skills to begin with. Programmers are very good at breaking things down, so even if you do not see yourself as a developer, it is still important to learn the basics of programming. Languages like JavaScript, PHP, Python, and JAVA can teach you a lot about how to approach problems. Even if you never master a programming language, you can still take away a lot from the experience of just trying to program.

The absolute things to learn are HTML, CSS, and XML. These are the defacto data elements of pretty much all web services and are not at all difficult to learn. HTML is like learning to use different grammar, so pretty much anyone can learn to read and write it. One other subject matter to master for problem solving has to be networking. You must know how networking works, both at the protocol level and at the hardware level. You may not need to master CISCO routing, but you should learn the basics of what routing is, what TCP/IP is and how it works, and you must learn everything you can about HTTP, as this is the most common protocol you will be working with. Remember how I said there was not one book that you could pick up to learn web services? After all this reading, you will probably hate the computer section of the book store.

Once you have acquired some knowledge of the technologies involved, you will need to learn how to research problems. It amazes me how many people do not know how to research. This is the one skill that you need to acquire before you interview for any position. There is nothing more disappointing than to realize a candidate for a position has poor researching skills. If you never took a class on how to utilize Google Search, than pick up a book and learn how to mine Google for all sorts of data. This is an essential skill. No one can possibly know everything and remember you are getting paid to solve problems, so why not get ahead in life by using the immense knowledge out there on Google and other search engines. The other part of research is documentation. Effective people are organized. Find a system of organizing your researched data that makes sense to you, whether this is Outlook, a content management system like a wiki, or just a WordPress blog. Whatever you do, do not rely on your employer or someone else to tell you how to do this. What you will find is that it is a lot easier to stick to a system that works for you than it is to try to work within the limitations of someone else’s system.

Supporting web services is always changing, and so there will always be new browsers to test, new tools to use in your analysis. You will need to devote some small part of your day to reading about these new developments. And who knows maybe someday there will be a good book on how to do all this, but until then you will probably have to do all of the above. Good luck and remember it is just a website, right?

Filed under: News & Trends