Author and IT Consultant since 1986

Google is seeking one or more communities in which to develop an experimental broadband high-speed fiber network. Google is interested in hearing from state, county, and municipal agencies in order to determine where to develop this network.  I’ve been trying to raise community awareness of this for several days.  So far, I don’t think I’m getting through to anybody.

Below is a copy of an email I’ve been sending to community leaders.  On February 16th I sent it to the Michigan Works Association, The Genesee County Board of Commissioners, the Genesee FreeNet, and the Economic Development arm of the Genesee Regional Chamber of Commerce.  I also placed a call to the Genesee FreeNet (of which I’m a charter member) to make sure they got the email.

The message to the Regional Chamber of Commerce was to a generic office email address, and it bounced as undeliverable.  So the next day I sent the same email to various office-holders of that organization, including the CEO and 3 vice presidents of economic development.

At the time of this writing (evening of February 19th) I have received no reply.  I intend to send out more emails, and to follow some of these up with phone calls.

The letter:

Greetings from a hopeful Genesee County citizen. This email is meant to bring awareness to the fact that Google is seeking one or more communities in which to develop an experimental broadband high-speed fiber network. Google is interested in hearing from state, county, and municipal agencies in order to determine where to develop this network.

I believe Genesee County is the ideal place for Google to build out this infrastructure. Not only do we have the talent and drive to help Google achieve its goals, but we understand the economic and cultural importance of a connected community. For example, we founded the Genesee FreeNet over 15 years ago, and it still exists because of the knowledge and generosity of its volunteers and members.

I know there have been efforts by insightful groups of people to develop community-wide broadband access in the past. Perhaps this initiative from Google can serve as a springboard toward realizing that worthy goal.  Time is unfortunately short. Google is asking for input between now and March 26th before making its decision. Please visit the site, watch the short video and read the introduction Google has prepared. We then need to bring to bear all powers of persuasion possible, to convince Google of the wisdom of investing in Genesee County.

Google Fiber for Communities:

http://www.google.com/appserve/fiberrfi

–
Joe Poniatowski
Charter Member, Genesee FreeNet

If you can think of anyone else who can help make Genesee County the site of an exciting new model of high-speed interconnectivity, either pass this information on to them or send me their contact information and I’ll do it.

Rumors have been circulating for months that facebook would begin charging a monthly fee for usage beginning some time in 2010.  The idea that the site, beloved by millions of members, might no longer be free carried so much momentum that hundreds of thousands of facebook users have joined groups protesting any such move.

Facebook spokespeople have repeatedly denied the rumor, stating that ”We have no plans to charge users for Facebook’s basic services.”   Note that this wording doesn’t say that they will never charge for anything, or that the definition of “basic service” may be subject to change, but it does refute the idea that facebook would begin charging a monthly fee.

This is just another example of the gullibility of the masses when it comes to the Internet.  The whole notion that facebook would begin charging money appears to have originated with this hoax email.  Rule of Thumb – any email message that intends to incite fear, raise awareness of impending disaster, promises some reward for forwarding it, or nearly any other message meant for mass distribution should be checked out.  Snopes.com is a good starting place.

Encrypting with TrueCrypt

In an earlier post I wrote about some of the free encryption options for PC users.  One of the products I talked about was TrueCrypt, and others agree with me that it is a good option for data encryption.  I decided to take it a step further, and wrote a How-To article using TrueCrypt.  It’s a pretty detailed beginner’s guide to creating encrypted volumes on a Windows PC.  Performing the same operations in Linux wouldn’t be that different, since the interfaces are very similar.

Free Virtualization Options

One of my Suite101 articles covers the Benefits of Virtualization on PCs.  The benefits are summarized here:

• Run Alternative Operating Systems
• Safer Internet Browsing and Banking
• Software Testing on VMs
• Customized VMs for Multiple Users
• Snapshots for Easy Backup and Restore

Again deciding that an easy to follow beginner’s guide was warranted, I wrote a Tutorial for getting Linux running in a Virtual Machine on Windows, using VirtualBox.

Encryption and Virtualization for Configuration Management

Both of these technologies can play an important role in config management.  Configuration files containing server information, passwords, etc. are often necessary in the deployment of applications.  Leaving them in plain-text is an invitation for disaster.  Sooner or later, someone who shouldn’t will see the information and gain unauthorized access.  This doesn’t even have to be someone with malicious intent in order to be dangerous.  Some of the worst mis-haps in the tech industry have been caused by well-meaning employees who had more access than their role and expertise warranted.

Virtualization too has it’s advantages for a configuration manager.  If you can create VMs to represent the target servers and workstations, then you can develop, test, and tweak your deployment methods – particularly with respect to automation – without risking any real environment.

These ideas and articles just scratch the surface of the usefulness of encryption and virtualization.  The latter, especially, has a lot to offer in the workplace, including disaster recovery, remote control, backup and restore, etc.   Both technologies can increase the security and reliability of configuration management practices.

ABC’s new revamp of the sci-fi show “V” is set to debut in November. It has all the earmarks of a good science fiction drama series: aliens from outer space, strong characters, mysteries, and the underlying question, “are they as benevolent as they seem, or is there some underlying evil purpose they’re hiding?”

So, why am I not excited about it? I love science fiction, after all. The answer lies within ABC’s history. These same traits were present in an earlier ABC show, “Invasion.” Invasion was the first series to appear on TV in years that I was actually committed to watching every week. I, like millions of other fans, were shocked by ABC’s announcement canceling the show. Apparently, Invasion hadn’t done a good enough job of retaining the massive audience garnered by Lost, which it immediately followed. Even though it outperformed many other shows in ratings, rather than shift time slots and cancel something else, they canned Invasion.

I joined the multitude of viewers who cried “foul!” We sent letters and emails, signed petitions, and even tried to influence the Sci Fi channel (now called “SyFy”) when they briefly considered picking up the show from ABC. In desperation, we begged ABC to at least film a special final episode, closing the loop on some of the unanswered questions that the series left dangling. All for naught. Our protests fell on deaf ears, our petitions ignored, our emails unanswered (except for the occasional canned response).

Been There, Done That
So why should I get all fired up over this new series? Just to have the ABC execs yank the rug out from under me again? No thanks. I’ll stick to watching the occasional episode of heroes on NBC, and watching on-demand versions of Stargate Universe and (yes, I admit it) Warehouse 13 on SyFy.

One common objection people cite when discussing a switch from Windows to GNU/Linux (or FreeBSD, OpenBSD, etc.) is the fact that none of their programs work there. They’ve been led to believe that the programs they’re using are the only ones they can use, usually because of a work or school requirement.  Sometimes, they just don’t want to have to learn to use new software.  The fact is, most of the free software available for Linux also runs on Windows.  Another point is the fact that most of the productivity / office software available for free can import and export files usable by Microsoft Office, or offer even higher degrees of compatibility.

To ease the transition from Windows to Linux, users can start implementing the open-source alternatives to commercial software while staying within the Windows operating system.  As they master each piece of software, they can adopt the next one, until they’ve completely weaned themselves from the commercial variants. [click to continue...]

I previously reported that I had become a contributing writer on Suite 101. For my first article, I decided to summarize some of the Best Free Encryption options available for computer users.  I covered the pros and cons of Encrypting File System (EFS), TrueCrypt, and GnuPG.  Here’s the quick rundown:

• EFS: OK for Windows users who aren’t using a home / basic edition of Windows.  Can’t encrypt on removable devices.
• TrueCrypt: Good for encrypting not only sections of the hard drive (or entire partitions), but also removable media like thumb drives, CDs, etc.  Encrypted emails possible, but not ideal.
• GnuPG: Best for end-to-end encryption of data at rest and in transit (via email or IM).  Most complex to set up, but messages can only be decrypted and read by the intended recipient.

For download links and full details, please check out the entire article.

Various security vendors are reporting a significant drop in the percentage of emails comprising phishing attacks lately.  For example, Kaspersky Labs noted a 37% drop from 1st quarter to 2nd quarter this year.  They attribute the drop to better security tools like spam filters, and anti-phishing technology showing up in the latest browsers.  I’d like to think it also has something to do with the Internet’s user base getting smarter about phishing and other types of on-line fraud.

The news is welcome, to be sure.  The trouble is, the cyber criminals aren’t just giving up because phishing has become less profitable.  Most of them are turning to more sophisticated “crimeware” in order to swindle you out of your hard-earned money.   If they can’t trick you into giving them your bank account number and passwords, then they’ll try to get them by using key-loggers and banking trojans.  And these tools are getting more sophisticated all the time.

Recently, security and hacker sites alike are a-buzz about a new botnet control framework called ‘Fragus.’  The features it advertises include encryption (to defeat signature-based anti-malware software),  a sophisticated control interface, customizable exploits, and real-time statistics showing the size and distribution of an operator’s botnet.  Zombie computers controlled by the operator not only are prone to deeper infection as the operator sends more trojans, viruses, etc., but they become conduits, used by the controller to spread the botnet to non-infected PCs.

So, while we can celebrate the drop in spam emails, just remember to keep your security tools up to date, and remain vigilant.  The war against cybercrime is still heating up.

Save 10% on Kaspersky AntiVirus 2010 Instantly!
Instant savings on KAV 1 pc, one year license Digital product Offer Expires 12/04/10

Coupon Code: No Code Needed!

The Apache Foundation shut down several servers last Friday when administrators discovered rogue processes running on one of their machines that serves websites. Investigation revealed that a compromised SSH key on a 3rd party hosting provider allowed attackers to access an account. From there, they were able to create files on an Apache Foundation server, and these files were then propagated to the web servers by automated processes.

A briefing on apache.org gives an overview of the method of attack and the steps administrators took to remove the malicious processes. The page includes the following statements:

“To the best of our knowledge at this time, no end users were affected by this incident, and the attackers were not able to escalate their privileges on any machines.
While we have no evidence that downloads were affected, users are always advised to check digital signatures where provided.“

The Apache admins were able to restore from backup to their web servers, and bring the site back online.  They report that some servers remain offline for further investigation, but that most site functionality has been restored.

The Apache Foundation deserves some applause for being open about the attack and the steps they took to combat it.

One take-away from this incident: protect your private keys.

I’ve been considering joining Suite 101 for a while now, after reading lots of comments on different writers’ forums.  Some found it difficult to join, some found it hard to get articles through the stringent editorial standards, but most agreed that the residual earnings were much better there than on other sites like Associated Content or Helium.

Well, I took the plunge, applied, and was accepted the same day.  I submitted an article the next day.  The second day I received notice that my article was “great” but needed a few revisions.  Namely:

• Break the paragraphs up – ideally close to 75 words
• Add keywords to the subsection headings
• Remove the few occurrences of 2nd person form (“you” and “your”).

Once I made the changes and re-submitted, within one day the article was published.  Now I just have to come up with 9 more articles in the next 3 months, and watch the money start rolling in.  That’s a joke.  But I will report back here whether the articles do indeed earn better on Suite than they do on the other venues where I’m published.