Tom Petrocelli's take on technology. Tom was an IT industry executive, analyst, and practitioner as well as the author of the book "Data Protection and Information Lifecycle Management" and many technical and market definition papers. He is also a natural technology curmudgeon.


Monday, May 15, 2006

Treet - Part II

When I wrote my column on treet (like spam only in blogs) I would have thought that the morons who distribute this stuff would have got the message. Hello! I'm hostile to your business model. Lo and behold! They are at it again. This time it's a doozy.

The latest unwanted garbage in the comments section of my blog promises to help you earn a degree in two weeks. The "degrees" that you can "earn" run the gamut from a simple BA to a PHD. Take note, not a B.A. or Ph.D. Now, my bachelor's took 4 years to accomplish and my wife's Ph.D. took something like an additional 6 years. Since I know we are not slow learners (most people with doctorates aren't) I can only assume that Ph.D. and PHD are not the same thing.

If you have the wherewithal to get an Internet connection going and bother to read through blogs, are you really that below average in intelligence? I doubt it. Who then is actually calling this number? So, I said to myself, "How about me?" I called.

The message only identified them as "The University". No other name. Like "The Village" in the old TV show "The Prisoner". I was expecting to hear "For Number 2, press 2. For Number 6, press 6. For number 1... that would be telling". If you haven't seen the show then that's too bad. Go find it. Watch it. Love it.

Anyway, all I was able to get was an answering machine. Always a bad sign. The message asked for two phone numbers and an e-mail. That's much more information than most answering machines ask for. Hmmm... I tried again. The message said that you could dial your party's extension at any time and it would connect you. Liars! I tried an old voice mail trick. Usually if you dial a "0", "*" or "#" you get an operator. Nope. 0 repeats the opening message, # doesn't register, and the number 1 just cuts to the answering machine. Hmmm again... Any other number is ignored (despite the fact that some of them had to be extensions) and * asks for a PIN code. That indicates that it's a cheap answering machine, not a professional PBX. In any event, you can't do anything but leave a voice mail and there's no way I'm doing that. Especially with a "university" that doesn't have a name. I don't need the guys in black boots coming for me in the night.


All the while I kept wondering, who could possibly think this is for real? That got me thinking. Who actually responds to these things? Do the marketers of these phony degrees actually think that my gentle readers are this stupid and gullible? Is anyone this gullible? Phishing I get. Some of those phishing e-mails look very real. I can see how even a smart person could get caught by a phisher. But this? It simply doesn't make sense.

A quick google of the number shows that this same message has been planted like a kudzu in many other blogs, mostly technology-oriented ones. That makes it even more puzzling. Technology people tend to be educated and intelligent. Even if they needed additional degrees, they couldn't possibly be scammed by this. Once again, treet is a waste of time in ways that spam and phishing aren't. That makes it seem just that much more stupid. A traditional con man or grifter has to pick their mark carefully. If the mark is suspicious, too smart, or even too experienced, then the scam won't work. I can't imagine anyone capable of operating a computer being that inexperienced, gullible, or just plain dumb.

This simply confirms my initial hypothesis. The people that treeters are trying to scam are not the stupid ones here. It's the treeters themselves that are dumb. So, if any of you treeters are out there, contact me. I'm dying to know how you make money at this. Even Bill Gates, who seems to be able to make money at almost anything, probably would be interested. Oh, and I have a bridge in Brooklyn that you might be interested in. Real cheap. Trust me.

Wednesday, April 12, 2006

Security Built into Tape Drives

While I'm on the subject of security (see previous post), I did want to mention encryption and tape drives. Okay, I can hear lots of you out there (the few who read this anyway) saying, "who cares?" Tapes are going the way of Homo Neanderthalensis - a dead branch on the evolutionary tree. While it's true that disk-based backup systems are spreading like nuclear ambitions in the third world, tape is by no means history. If nothing else, there will always be the need to move data offsite, either to archive or as primary backup. Tape is, for the foreseeable future, the best way to do that. It's fast enough and cheap enough and for many, that's enough.

The problem with tape is that it has a tendency to, shall we say, wander off. Sometimes it simply gets lost in transit for a few days (thank you ABN-AMRO Mortgage for adding a special kicker to everyone's already heightened sense of paranoia). Other times it gets lost permanently. You can ask Iron Mountain about that. Tapes that go on walkabout often have help from us human types as well. Sometimes it's just stupid human tricks but other times it's theft with a purpose.

So the obvious thing to do is to encrypt the data that goes on a tape. While I just finished railing about the need to do that, the truth is that encrypting data can slow down a system and for some people, that's unacceptable. Since everyone should be encrypting tapes, shouldn't it be a feature of the tape drive? Something, like parity checking, that happens automatically. Like breathing. And built into the hardware. That way encrypting tapes would be fast and ubiquitous.

Well, it's coming and none too soon. Chips that encrypt data quickly have been around for eons. It would seem that this is something that would have been stuck onto a tape drive before. I suppose it adds some small cost and tape drive vendors worry that it will become a checklist feature, i.e. something people will expect but not want to pay extra for. Oh well. That's life in the technology game.

So to you tape drive folks. I know you are trying to make money pennies at a time but you are going to have to add this feature. As soon as one of you does, all of you will have to. You'll have about a year when you can charge extra for it then, no more. Might as well be the first on your block and win new customers.

Monday, April 10, 2006

Encrypt Everything!

Encryption is the encoding of information in such a way that it is useless to anyone without the key. It renders plain text impossible to read. This is a very good thing if:

  • You have sensitive information you don't want anyone to see. Some examples might be contracts, design drawings, new product information, or bookmarks of web sites that your wife would not approve of.

  • You really believe that someone might be able to see this sensitive information.

  • It is even remotely possible that anyone who could see your sensitive information would care enough to look at it.


In all seriousness, there is a lot of information floating around that is not for public consumption. Let's be honest, most of us have a list of passwords around. Those who say they don't either use only one password for everything (dangerous!) or are lying. One of the things I find highly amusing is when companies have extravagant document control processes in place and don't bother to encrypt said documents when they sit on someone's hard drive. So much for watching your assets...

Encryption is an interesting way to secure information. It does nothing to keep the bad folks from getting to your data. Instead, it makes the data unviewable and unusable. It is no longer worth the hacker's time or energy to try and get at something important. Why go through the effort when you can't read the file? Even if the hacker is lame enough to take something, they can't see it or use it so it doesn't matter. In fact, while some idiot hacker is spending time looking at data that they can't use, your network security wizards are tracking the fool down and reporting him to the FBI. Ha ha ha! You can tell, I don't have a lot of respect for hackers but that's another subject.

It is imperative that mobile devices use encryption. It's just too easy for someone to lose a flash drive or CD. If you are transporting confidential information, encryption is a must. This is especially true for backup tapes. If I have to read one more report of backup tapes being lost and data not encrypted, I'll scream. How many times do we have to get hit in the head before we decide to wear a helmet? Many times apparently.

Every time another company reports losing unencrypted backup tapes it makes us all look like idiots. Earth to IT. Come in please. Encryption is a cheap (or free) feature and a checkbox in the software. If your backups are too slow for encryption then they are too slow period and you need to rethink your backup strategy. It's criminal not to use encryption.

The same is true for desktop files. There are lots of good solutions for encrypting files, either individually or through an encrypted drive. Encrypted drives are the easiest. The software creates a file, makes it look like a disk drive and - voila - encrypts anything sent to it. It is so easy that even your average end-user can figure out how to use it. Of course, you usually need to remember a password. Oooohhhh my gawd! How hard is that?

Many of the solutions are pretty inexpensive too. One software package that I like is TrueCrypt. It works great and it's free open source software. That's right friends - Free! It even comes in Windows and Linux flavors. You mount a file, partition, or entire device (like a flash drive hint-hint) and everything is encrypted. Safe. As in "no worries".

So, there are no more excuses left. Either encrypt or be made the fool. And let's be honest, who wants to have to say to the CEO "Um, sir. About those backup tapes..."

Tuesday, March 14, 2006

Treet! Almost as much fun as Spam.

The inspiration for this column came from, of all places, this blog. I occasionally will look through the comments left on this blog, the paucity of which convinces me that I'm only writing this for myself. A few weeks ago, there was a comment posted to the column on ILM. "Hooray!" I said to myself. "Someone actually reads my drivel!" Alas, it was someone leaving the blog equivalent of spam.

We all know spam, right? That unwanted junk that shows up in our e-mail boxes full of fabulous offers to make us rich - if we will only help a Nigerian Prince transfer millions to our bank accounts - and to assist us in pleasing our spouse (nudge nudge, wink wink). Some spam is almost worth reading, if for no other reason than the comedy. Most, however, clog up our e-mail like hair and soap in a drain.

So, just as I figured that the bottom feeder purveyors of electronic mucus can't dip any lower, along comes something new - spam in my blog comments. Only, it's not very inventive spam, not particularly enticing, and not even entertaining. It is near-spam. Hence the title's analogy, for we all know that Treet is another company's version of Spam but not real Spam. I'm sure that the vermin infecting my blog think they are being clever by trying to make it look like a real post but they are not fooling anyone. It's like a rat masquerading as a squirrel and wondering why everyone is staring at its long naked tail.

What I don't get is what they hope to accomplish. With real spam, you play a numbers game. Spam is so cheap to send out that if only a tiny fraction of the most gullible respond, you've done your job. Granted, your job is about as popular as a Roman tax collector in 5 B.C. but hey! we all have to eat. With treet, you have to hope that I'm (just me) particularly stupid or silly. How many people will actually read the comments in a blog, let alone the comments in a blog about technology from a relatively obscure analyst? Not the millions you need to make spam worthwhile. It seems like a proposition with a low return on investment.

Of course, if enticed by the treet, it pays to consider that the people who are spewing it out are unlikely to be reaching much of an audience and are most probably wasting their time. This is much the same way you need to consider what is in real Treet (or Spam) before deciding to eat it. You can't pop open a can of Treet, have lunch, and then complain that you don't like ham. If the method of marketing is this lame, it says something about what any business proposition (or other type of proposition) would be worth. Less than a can of Treet I would think.

So, while not nearly as low or despicable as black hat hackers, virus makers, con artists, and ancient Roman tax collectors, these treet people are pretty close to the bottom rung of the social ladder. Worse, they are not even good con artists and scammers. I've seen better out of street people in Buffalo, NY.

To end, I would ask that the people who feel the need to dirty up my blog comment space with this trash, stay away. And while you're at it, how about leaving everyone else alone too. Go bother the folks at MSNBC or CNET. At least someone is reading those blogs.

Note: I have nothing against real Treet or Spam or any of the other fine products from Hormel or Armour. I don't eat either but who am I to say what someone finds delightful for lunch. Having eaten cold Spam out of a C-ration can, I can tell you that there were times I was really glad there was Spam. But not spam (small s). In no way do I mean to imply that the companies that make these fine products, or the people that eat them, are bottom dwelling, blood sucking lampreys. I reserve that for the spam (small s) and treet (small t) folks. Thanks!