Thursday, May 31, 2012

Digital Signatures - Value Added Taxes - Password Security

Have I mentioned lately how much I love my job?

I know how lucky I am.  Most people go to work and during their day they focus on a small set of projects or a distinct range of tasks.  Which is great; people team up, do what they have to do and as a result they are productive.

In my position too I have a specific set of responsibilities, but in order to do them I get to dive into areas of knowledge and educate myself in order to provide web application(s) that are more useful to those who need them.

For example, this morning I started by watching some refresher courses on Photoshop on Lynda.com with my morning coffee.

From there I had to brush up on some regulation changes as they pertain to digital signatures and how those changes might affect the application and our users (whitepaper to follow).

Following that I had to respond to some security concerns of one of our customers, and then I bounced to study the differences between the Value Added Tax laws between Canada, the European Union in general and Italy.

And it's only 1 p.m.

I'll spend the afternoon writing code for the 4.0 release of our current software offering taking into account suggestions sent in from customers and the input from our advisory council.

I love the ability to challenge myself, learn about things I didn't know before and apply that knowledge to a tool that others use to do their range of projects and dedicated tasks. If I and my team do this right their projects will be a little less cumbersome and their tasks less 'tasking'.

Did I mention I loved my job?

Wednesday, May 30, 2012

Unfinished Fiber Optic Systems

Corning Cable

I used to work for a company called SIECOR (now called Corning Cable Systems) out of their Hickory, NC location.

I worked for their field engineering division. After companies would buy the fiber optic cable we would follow along later and splice the cables together and put on the connectors once the cable was strung.

This was a great job, but a lot of work and even more travel. We did jobs that took months to complete in Ohio, California, New York, all over.  These were networks for intelligent traffic systems, cable TV networks, even college campuses like UC Davis.

I must say that here around Long Island, NY there are way too many of the situations in the image above where the minimum number of splices were made to do the local ‘drop’ (terminate a fiber or two) and the excess cable is just rolled and left to the elements.

With regards to the technology, there is nothing wrong with this. These cable systems need lots of excess to counter cables that break or to expand on the capabilities of the network at a later date. But there are better ways of doing this.

Notice the little loop mechanism next to the large loop of loose cable. We called these ‘snowshoes’, and they are an accepted way to hang the excess cable slack. You slide the two ends closer together and you’ll get the slack you need.

The large loop is susceptible to excess weight during snowfalls, ice will form creating an additional hazard; it is just unprofessional and quite frankly irresponsible for the company who put in this network.

I sure hope that over the summer I’ll be able to see all these loops of slack cleaned up in some way.

Corning Cable Systems | Americas Home

Tuesday, May 29, 2012

Early Morning Yesterday


Memorial Day 2012
Dawn had just broken.

The sun was pushing back the clouds that had covered our town for the past three or four days. It was up far enough to lighten the sky, but not so far as to turn off the lamps.

The streets are still quiet.

Monday; only a few would be stirring today, after all - it is a holiday.

Memorial Day.

In just a little while there will be marching bands and boy scouts, little league teams and the women's auxiliary all participating in making some noise.

But for now; for this moment of dawn it's quiet.

Time for me to remember Vincent and Shawn; Robert (Bobby) and Paul; and all those others.









Modern Shotgun Wedding - True Story

For the Record (this is a true story) 

I’m in kind-of an odd mood tonight; what I’m about to tell you is 100% the truth, albeit it may seem odd to some.

It is the mid-1980s.

I’m on recruiter duty in Roseville, CA.

Those who know the military will tell you; those who get picked for either recruiter or drill-sergeant duty are the top 5% of their peer group. I had gotten out of drill-sergeant duty just a few months earlier, but I couldn’t get out of recruiter duty.

So off I went. I was in Indianapolis, IN at the time the World Series was interrupted by an earthquake. It was only days later that I would be notified that I would be on recruiter duty in my home town of Roseville, CA.

I was a good non-commissioned officer; my career was on track to be a command sergeant major some day; this assignment screwed everything up in more ways than one.

So there I am, stuck in Recruiter Duty and wanting to be anywhere else.

Doing the best I could.

Along comes Mary.

She had dated the guy in my assignment prior to me, but I didn’t know it at the time. We meet, she was lovely. We dated.

Early in the morning she would show up at my apartment on her way to work or boink my brains out.  For a GI that was great.

And this went on for a few months.

I was really in hog’s heaven. Soon, I started dating her in earnest, this included attending church with her on Sunday where her father was the pastor.

One Sunday, when her father preached the evils of premarital sex she went to the front and “confessed” to God and the entire congregation that she had been having premarital sex with me and that she was pregnant.

So there I was; with no regard to me whatsoever she sucker punched me.

I didn’t know she was pregnant.

The next few days were a fire-storm of nothing more explanatory other than ‘crap’.

Her father called my commander. People actually stopped by the recruiter station (where I was the junior NCO) and asked me what my intentions were.

I got called into the commander’s office and asked how I was going to “fix” this; the only way was to marry the girl.

With the pressure of the community and that of my commanding officer – this is about as close to a modern shotgun wedding as one can get.

She left me after just a few years; I should have told the Judge the reasons why I married her in the first place.

Denial-of-Service Attacks

There are always stories during the evening news and columns of information in newspapers about attacks on websites.

This seems to alarm a lot of people; so I thought I would take a moment and explain what the most common of these attacks are and how they affect you.

The most pervasive “attack” is called “Denial-of-Service”. This is where someone writes a little program that asks a website to do something over and over again, at such speed that it does not have time to respond to other legitimate requests.

We’ve all been there; in a restaurant waiting on our server to stop by, but he or she is too caught-up with another customer who is monopolizing the server’s time so they can’t respond to the other customers in their area.

This customer who is being the jerk is denying you service.

This happens mostly to those online services offered by government agencies who have to open their web application up to the general public, so you see this a lot with the IRS, Medicare, things like that.

The entities executing such attacks are not looking to steal any of your information, they are just trying to make a political or social statement.

So if you see this in the news don’t be too overly alarmed.

There are some of these attacks done against free service email addresses and the like; those too are more a pest than a problem. I’ll discuss those in a later post.

For more information about denial-of-service attacks click the link below.

US-CERT Tip ST04-015 - Understanding Denial-of-Service Attacks
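
The restaurant picture above, as a small simulation (an added example, not part of the original post; the client names, request counts and the `simulate` function are constructed for illustration). A site that can answer only so many requests per time step serves nobody but the flooding client, until it caps how many requests it accepts from any one client per step:

```python
from collections import deque

# Constructed sample traffic: requests each client sends per time step.
ARRIVALS = {"flooder": 1000, "alice": 1, "bob": 1}


def simulate(ticks, capacity, arrivals, per_client_limit=None):
    """Serve requests first-come-first-served, `capacity` per time step.

    arrivals: client name -> requests sent per time step.
    per_client_limit: most requests accepted from one client per step
                      (None means everything is accepted).
    Returns client name -> number of requests actually answered.
    """
    queue = deque()
    served = {client: 0 for client in arrivals}
    for _ in range(ticks):
        # Requests arrive; an optional cap drops the excess at the door.
        for client, sent in arrivals.items():
            if per_client_limit is None:
                accepted = sent
            else:
                accepted = min(sent, per_client_limit)
            queue.extend([client] * accepted)
        # The site answers as many queued requests as it has capacity for.
        for _ in range(min(capacity, len(queue))):
            served[queue.popleft()] += 1
    return served


if __name__ == "__main__":
    # No cap: the backlog is all flooder, the other two are never reached.
    print(simulate(10, 10, ARRIVALS))
    # Cap of 2 per client per step: everyone's requests fit in capacity.
    print(simulate(10, 10, ARRIVALS, per_client_limit=2))
```
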

Sunday, May 27, 2012

Device may inject a variety of drugs without using needles

This news out of MIT is not news.

The military has been using air injectors since I went to basic training back in 1981. We would roll up both of our sleeves and stand in a line. As we moved forward there were individuals standing on both sides of us with these air injectors.

Some guys flinched; when they did, the air gun would shoot their load and cut open the guy’s arm.

To this day I have pits on both sides of my shoulders where I got those shots.

These guys from MIT haven’t come up with anything new. In fact they have invented a way to better transmit bacteria from one person to another.

Health Warning: CLICK HERE

The full story from the MIT website is linked below.

Time For Shots

Device may inject a variety of drugs without using needles - MIT News Office

Is Facebook going to buy Opera, make its own browser?

This story that appeared on the Internet over the weekend on sites like The LA Times (link below) and others concerns me.

To date – the programmers of Facebook have not invented anything. What they are really good at is taking established technologies (PHP, SQL, jQuery) and applying them to an application.

Like a painter of landscapes. They take tubes of oil paint and apply them to a blank canvas to create a wonderful, inspiring picture.

The painter of the wonderful scene did not weave the canvas, stretch it over a frame they made, or apply paints they created with brushes they crafted. And that’s fine, the final product is what is important.

If Facebook is to buy Opera they are going to have to dive deeper into the nuts-n-bolts of actual programming. They will more closely have to pay attention to the standards of W3, operating systems, guidelines of OWASP and more.

I’m not saying that they can’t do it, I am saying that it isn’t a match to their core capabilities they have demonstrated thus far.

It will be interesting to see how this unfolds.

Is Facebook going to buy Opera, make its own browser? - latimes.com

Friday, May 25, 2012

US hackers take cyber war to al-Qaeda sites

Am I the only one who is a bit alarmed? Not with the fact that the United States government hacked al-Qaeda web sites, but the fact that it was the State Department who did it.

This news was released during a press conference by none other than our Secretary of State; the person who we will be turning to to perhaps conduct peace negotiations if the opportunity arises.

Even if the US is going to take on the tactics of hacking enemy web sites to sway public opinion or to perform some kind of counterintelligence, this function should be done by members of the US military, perhaps the Signal Corps who employ a special operations section just for this purpose. (as was the case here)

Never should our State Department engage in activities other than those with peaceful intentions.

I understand and support actions against those who wish to put my head on a stick, but there needs to be some kind of separation between conducting war and obtaining peace.

US hackers take cyber war to al-Qaeda sites

What You Look'n At?

Mama wasn't sure about having her young out in the first place. It was the first warm Saturday since the hatchlings had emerged and she knew they couldn't stay in the nest much longer.

Still, she was uneasy.
 
 
The trip from the nest underneath the bushes below the young oak tree was uneventful. Heck, it was only about sixty or seventy feet, but still a distance for the ones whose first trip out was this one.
 
 
Before the initial swim for the day some rest was in order from their trip so she settled in the sunlight of the new spring to recharge.
 
 
All of a sudden along comes this tall, two-legged creature and starts looming. Unsure of its intentions she decided she needed to keep one eye focused, but unwilling to alarm the young'ns from their needed rest.
 
 
Eventually the creature moved off.

Thursday, May 24, 2012

Legal Considerations - Social Media

President of LT Online talks about social media implications on corporations after chairing a round table discussion with the General Counsel of Go Daddy, Delta Air Lines and Walgreens.


Tuesday, May 22, 2012

Really Bad Picture Needs a Caption

I'm watching baseball, playing with images on my PC.

By all rights this photo is bad... beyond "soft".

I'm thinking "Digging For Home"... what caption would you put on it?

Digging For Home

Hackers Could Impersonate You – Here Is Proof

Here is a real-world example of how individuals can call a service provider and pretend they are you in order to gain access to home, accounts and more.

In this case a person called the hosting service for a web application that processed credit card payments and pretended to be the owner. The service accepted the verbal request to change the account credentials so the imposter could access the source code and database.

How does this apply to your life?

  • Could I call your bank and pretend I am you?
  • How about your home alarm service?

All I would need to know are simple things about you. Your name, date of birth, zip code; things I could find out very easily.

The burden is on the service provider. Do they allow telephonic inquiries about your account? Can I add account users over the phone?

While this event happened to a company – the principle could be applied to any one of us.

Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards - Forbes

Monday, May 21, 2012

Anonymous Leaks Data & People Lose Perspective

We need to keep things in perspective here.

Some hacker got through to a US Department of Justice server that did nothing more than collect statistical data on the visitors to the site.

Information like what website referred them, their general geographical location, screen size; things that all websites collect so they can better understand their audience.

But because this was a US Department of Justice server the individuals who decide what the news is thought they would generate a few more readers if they clanged a few diner pots together and tapped into the fears of individuals who don’t understand computers and the Internet.

After all, what kind of damage is 1.7 GB of visitor information to a web site going to really provide someone? The average screen size or type of web browsers they had?

On the proverbial scale of 1 – 10 this information leak is a 1. But it makes for a provocative headline; don’t fall for it.

Anonymous hacks Bureau of Justice, leaks 1.7GB of data | ZDNet

Memorial Day 2012; Where Is Your Focus?

For the most part I'm a veteran of a period of our history identified as "The Cold War".

This experience gives me an appreciation for those who went before me and those who followed who gave their life to preserve the freedoms I have.

As we move towards this holiday weekend I would ask everyone to take a few moments and adjust their focus from the holiday aspect to the intent of the day which is to honor the men and women who have died to preserve freedom.

It is nice that communities set up a statue and put names of these heroes on a wall, but how often do we look at the statues and not the names?

Take a moment and adjust your focus. Incorporate a few of the names into your moments of reflection.




Sunday, May 20, 2012

Hawk

So I'm at the park yesterday playing with my new camera and took this picture of a hawk circling really high.

Took this with a 300x zoom, wasn't sure how it would turn out.

Cut it down - I think it would make a nice background for the top banner on a website. If you need something that is wider than this let me know.


Saturday, May 19, 2012

IAVA - CNN: Paul Rieckhoff

 

Once again CNN has turned to Paul Rieckhoff of Iraq and Afghanistan Veterans of America (IAVA) as an expert in the field of military experience.

Here is a quote from the current interview about National Guard soldiers returning and looking for employment:

Before 9-11 National Guard units almost never deployed, didn’t go to combat, and for the most part you had one weekend a month and two weeks in the year. Now you have National Guard units which have been deployed three times for a year. They’re not weekend warriors, they are full-time warriors now.

I believe Mr. Rieckhoff needs to look at the number of soldiers who were deployed during the Korean and Viet Nam conflicts and research what happened to the National Guard units in the 1940’s before he sells veterans of his father’s and grandfather’s era.

If you are going to speak with authority on a subject better know that subject. The soldiers who serve in the National Guard need assistance in finding employment; this I agree with.

Don’t misquote history in order to make yourself sound more important.

I have a number of other issues with IAVA, this Rieckhoff fella is number one on the list.

One Man Boat Race

I purchased a new camera this week and have viewed some of the online courses on Lynda.com in photography and thought I would go out this weekend and try some of the things the courses pointed out.

I had always been interested in the hobby. For a short period of time I was an Army Journalist (71Q) and then worked for the Taylorsville Times for a couple of years where we had to take and develop the photos for the stories Lee Sharpe sent us out to cover.

I wanted something of interest to take pictures of so I go onto the Internet to the Eisenhower Park calendar of events and saw that the model boat club was going to have a race.

I thought great, fathers with sons, model boats, a nice spring morning. Should prove to be a nice subject to play around with exposure times, shutter speed, all those things I had viewed on the instructional videos.

At dawn I start headed toward the park. I wanted to get the sun rising and actually got a few neat shots with the beams of the early morning light reflecting off train tracks, burning the dew off the grass on a golf course and some others I'll post later.

But the boat race was a bit disappointing.

Only one guy showed up. So I guess at the end of the day I got pictures of the winning boat.






Tuesday, May 15, 2012

You gotta be kidding me.....

Now the news comes that hackers have stolen fake money.

Fake money....

This is a service where people purchase 'coins' that are used to trade for other goods and services. A fake economy.

According to the WhoIs search from Network Solutions this attempt to corner the internet economy is one K.K. Tibanne of Shibuya (Tokyo) Japan.

Along with the fake coinage, users' names, emails and trade history were taken. According to Computer World the passwords were all encrypted, but it said nothing about the credit card accounts of those who had purchased the online trading money.

Not-for-Nutt'n; sorry the users' information was taken, but I'm not getting too excited over this. If their application security was this bad it is a good thing they were taken down.

Computer World Story

Friday, May 4, 2012

LifeLock - Government Sanctioned Racketeering

LifeLock is not really a company that is always monitoring your identity. About all it can do is query the credit reporting companies for inquiries made against your social security number. I have a service through my bank (USAA) which will do the same thing for a lot less money than LifeLock.

I really think with the commercials they are really playing on individuals' fears, which I hate more than any other sales tactic.

Reference on other information: Click Here

Consider for a moment the small print that appears on the bottom of the screen during their commercial. No commentary here, judge for yourself....

  • No one can prevent all identity theft
  • Checking and savings account takeover alerts require LifeLock Ultimate membership
  • Network does not cover all transactions and scope may vary
  • No one can prevent all identity theft
  • Guarantee applies only if you become an ID theft victim because of a failure in our identity theft service. Restrictions apply. See LifeLock.com for details. Due to New York State law restrictions this LifeLock service guarantee cannot be offered to residents of New York.

Organizations which play on individuals' fears in order to make money are nothing short of racketeering. LifeLock.com is the MOB operating as a corporation.