In matters concerning IT security, John Pescatore of Gartner is supposedly an expert. That may be so, but he evidently does not know the first thing about logistics.
According to this story, DaimlerChrysler Financial Services Canada lost a data backup tape when they sent it via UPS courier to a credit agency. Apparently, the tape was not encrypted - at least Chrysler have not confirmed so.
The story concludes with Pescatore's comments that Chrysler should have bought more insurance on the shipment, because "You can get higher levels of insurance on any items you’re sending, so if it's lost, stolen or damaged, you can get some financial payments back". More proof that these Management Consultant types don't have a clue what they're talking about: insurance does not guarantee delivery - the package would still be routed through the same hubs on its way to its destination; it does not give the package "special treatment" or "special handling instructions". Also, unlike the physical medium it travels on, the data itself cannot be insured - and even if it was, this copy has still gone astray.
This is the same guy who said that "Organisations should aim to spend less of their IT budgets on security". So, by buying more insurance for a shipment - instead of investing in encryption technology - an organisation is increasing its costs and, in the process, not decreasing the likelihood that sensitive personal data will fall into the wrong hands.
As someone once said... words to the effect of "Better to keep quiet and be thought of a fool, rather than to open your mouth and remove all doubt."
Way to go, Gartner!
2008-05-04
Posted by MiXBSD at 12:45 0 comments
2008-05-03
First there was the campaign for .nyc - a totally pointless call for yet another TLD for the City of New York. We have enough TLD's already - we don't need to pollute the namespace any further with city TLD's. If .nyc or .berlin get their way, who has the right to claim .bristol? The original one in the UK? Or Bristol, TN? Or Bristol, NB? The arrogance of these cities to think that they have the right to pollute the DNS namespace with this nonsense is astounding.
Now there's a story that Spamazon is suing NY State because of a new tax law that allows NY State to force online retailers to collect sales tax at the point of sale for goods shipped to NY residents. Normally, I wouldn't support Amazon (they're on my boycott list, generically, for being email spamtards) but I have to admit that Amazon are in the right here. Only an arrogant State Legislature would pass a law requiring a business in another state to collect taxes on the State's behalf.
It's also disappointing to read that this legislation was originally proposed by former New York Governor Eliot Spitzer. I had a lot of respect for the man - even when he was caught with his trousers down - due to his stance on spammers and telescum like Xentel Inc.
Still, this doesn't score as high in the hubris stakes as Judge Charles Kocoras of the IL courts, who suffers from a superiority complex: he was the one who returned a default judgement against Spamhaus, who don't even have a presence in the US.
Posted by MiXBSD at 22:30 0 comments
Labels: domains, Rant, spam, spammers, telejunkers
2008-04-26
Here's a current list of who I'm boycotting. Company names will be added on a per-incident basis and once added, they're highly unlikely to be removed (yeah, sometimes it's right and proper to hold a grudge).
- Company-specific:
- Sony and all its divisions.
- Creative Labs
- Dell Computers
- Generically:
- Any company that does business with Phorm.
- Any company that solicits business (or any organisation who solicits funding) through unsolicited advertising channels (eg. email spam, telemarketing).
Last updated: 2008-05-28
Posted by MiXBSD at 14:00 0 comments
2008-03-16
Funny how certain things come around on an almost-yearly basis. Virtually a year to the day, I was trying to get Festival to work in AstLinux without luck (actually, trying to get AstLinux to recognise my SB Live sound card was the real challenge).
Having some spare time to myself, I was Googling around to see what other flavours of Linux were being used with Asterisk and chanced upon some Ubuntu pages. Since my hobby servers are quite low-spec, I installed Ubuntu 2.6.15-51-server.
Soundcard was detected - I heard it pop when the box booted up and went through device initialisation. I did an apt-get install of Asterisk (haven't re-configured it yet) and got the Festival package and it worked right out of the "box"!
Very easy to install, although this is another Linux distro that seems to mess around with weird video modes, causing the console login prompt to be hidden off the bottom of the screen.
The only real gripe I had, was that after unhooking my hobby box from my monitor and putting it back downstairs in the basement, I found that I couldn't SSH into it. Turns out that even if you install the server (not desktop) version of Ubuntu, SSHD is not installed by default. Seems a bit silly to me - how else is one meant to access the server? So I took the monitor downstairs, apt-get installed openssh-server from the CD and everything's fine now.
Talking CID is not much of a project anymore, since I bought a pair of Panasonic phones last year and they handle the talking CID themselves. However, now that Festival is working, all I have to do is get Asterisk up and running and those "torture menus" will be good to go!
2008-03-09
Just reading an article about Nokia's plans to incorporate MicroShaft's SilverShite (my medial caps) onto their mobile platforms. Apparently, SilverShite can be used to develop RIA's, but then so can Flash. However, very little RIA's (of any use) are done in Flash - most of the time it's used to generate those annoying banner ads, like "Punch the Monkey" or some other such nonsense. Yet another reason to surf with FireFox with Adblock and NoScript installed.
Per the article, "Among the new functionality, RIA application developers and designers have the ability to better monetize their sites, and extend these applications to the mobile space". In other words, instead of using Flash to make ads, WebDev's can use SilverShite to push ads onto your cell phone.
It seems that everyday, some marketing droid is out to push their ads on you via cost-shifted advertising (AKA spamming). WAP surfing is expensive enough without the ads: on Primus, every 1KB of traffic costs 5¢ on pay-per-use, or the same cost per KB after you've gone over your quota if you're on a $3/month (256KB) or $7/month (1MB) data plan. It's the same rate on Rogers pay-per-use.
At $3/month (currently what I pay Primus) it won't take long to go over 256KB with sites laden with mobile ads. Perhaps they should be called "madverts".
2008-02-03
I recently acquired a second-hand BlackBerry 7290, which was fortunate timing as my Sony-Ericsson T226 was constantly complaining that the SIM card was dislodged, requiring a power-cycle.
The good news is that I didn't pay anything for the BB. Which is just as well, as it has less mobile data functionality than both the T226 (~3 years old, formerly on a Rogers contract) and my old T68i (that I bought in ~2002 and brought with me to Canada).
See, whilst the BB has a bigger screen for websurfing and appears to have GPRS, it won't let me connect to any websites. Why is it I can download pictures and midi files (T226 can use them as ringtones) on Rogers PAYG via WAP on both the T226 and T68i, but can't get jack all on the BlackBerry's GPRS? The BB is locked on the Rogers network, so there's absolutely no reason why GPRS on a BB should be any different to GPRS on a Sony-Ericsson. MidpSSH doesn't work either. Also, on the old Rogers firmware and the new version I installed, both did not have a browser icon, so I had to install OperaMini via desktop manager and USB.
One thing I did notice is that the config on the Sony-Ericssons asks for an APN, APN userid and password, plus an IP address. There's no IP address field on the BB.
My guess is that the BB can't WAP surf and instead relies entirely on BES or BIS for its MDS. Since BES/BIS costs more and is only available on contract, it seems that the BlackBerry is over-rated, at least for non-business use. In fact, that begs the next question: why does my BB show "GSM", then "GPRS" with the signal strength, if it can't do anything on GPRS?
Okay, I can't download pictures via WAP, so I try using the desktop manager. Nope, that doesn't work either, as it doesn't allow me to specify pictures to upload - all I can do is backup the entire device to one big file.
Hmmmm, what about infra-red? No... unlike my ~6 year-old T68i, the BB has no IR connectivity that will enable my laptop to send files to it.
Alright, it has BlueTooth. So I manage to pair the T68i and BB up, but can't do anything once the two are talking to each other. Can't even sync-up address books.
A-ha, what if I send the pics over MMS? No... the BB doesn't even recognise MMS messages and totally ignores them. As a point of comparison, I can MMS in both directions between both Ericssons and the wife's Motorola V220.
The only success I had was to use the directions given in this forum. It does work but it's a heck of a lot of effort.
My advice to anyone considering buying a BlackBerry for personal use: DON'T. I'm sure that with corporate BES or BIS, it's a productivity tool, but as a "standalone" phone/PDA it's useless without a[n over-priced] data plan.
Posted by MiXBSD at 23:15 0 comments
2008-01-23
Reading about Motorola's woes today, it comes as no surprise to see their share price drop by 23%. For the longest time, the market droids at Motorola stuck to the same old tired formulaic nomenclature. Eventually, even the fashion victims (the POSRs) grow weary of 4-letter, missing-vowel names.
LOSRs!
Posted by MiXBSD at 22:55 0 comments
2007-12-01
We've had Rogers cable for our internet connection for at least 6 years.
In the beginning, it was great. I'd tell the AOL-bies to get a proper internet connection, not a Mickey Mouse one.
Then Rogers started messing around with their network. Suddenly, DNS would stop working for hours at a time; email servers wouldn't work, or would take forever to send messages; stupid re-branding to "Rogers Yahoo!" etc. So, I installed my own SMTP and caching-DNS servers. Then Rogers started blocking port 25 outbound. So now I have to use webmail. Then Rogers starts frequently moving me around their IP space. I called them 3 years ago and they said they planned to introduce static IP's "sometime in the near future". Never happened.
"Their network, their rules", you may say. True. But when their own advertising states that their service is suitable for transferring large files, then they have no business traffic-shaping my connection to throttle BitTorrent.
This was the final straw. Aside from the fact that their internet connection prices are actually expensive, even after a bundled discount, I refuse to be screwed over any longer.
So, I am moving over to Caneris, a local DSL provider that is hobby-server and BitTorrent friendly. And, unlike Rogers, who didn't get a clue when I told them I don't like to be randomly moved around their IP space every so often, Caneris offers static IP addresses.
Another advantage to moving my internet away from Todgers (not a typo) is that I have one less reason to call them whenever my internet is down and have to speak to that god-awful voice-activated IVR system. On behalf of all the Rogers customers who have to spend ages on the phone talking to a deaf computer before even getting through to one of Rogers' inept script-monkey CSR's, thank you Ted Rogers.
It seems that there is an exodus right now too.
And it's not going to stop there: the next move away from Rogers will be to port my PAYG cell account away (probably to Primus Wireless, but not decided yet).
So, perhaps my blog title is not quite correct. It's not so much "goodbye", it's more like "good riddance".
Posted by MiXBSD at 14:30 0 comments
Labels: Caneris, customer service, DSL, internet, Rant, Rave, Rogers
2007-11-30
Following on from a post I made on Who Called Us, that proves my theorem of never trusting a company that uses numbers in place of words in their company name, it suddenly occurred to me that I might be able to coin a new term: "numeric homophone".
Unfortunately, someone else beat me to it, hence the unique single Google search result (or Googlewhack). Of course, by the time this blog post gets archived by Google, the term will no longer be a Googlewhack! <edit>After posting this opinion, Google archived this blog in 7 minutes!</edit>
I could've coined this term back in 2006, when I opined on the Sony Root-kit Fiasco. Oh well!
<edit>Hmmm, after looking at the Googlewhack website, it seems that the term is not a true Googlewhack if the search result is from two words enclosed in quotes. Seems like a silly rule to me, as quotes makes the search specific, as opposed to finding links that contain the words "numeric" and "homophone" in any order on the sites. As the Wikipedia article says, most Googlewhacks are nonsense words.
What's also strange is that when I removed the quotes, I actually got a search result for the words "numeric" and "homophone" right next to each other. In theory, these search results should have come back when quotes were used. In fact, this appears to be a bug, as the two words are sequential, but only inside a PDF file.</edit>
Posted by MiXBSD at 12:45 0 comments
Labels: Googlewhack, Rave
2007-11-09
For the Google archive, I am quoting a transcript of a telejunker's toll-free announcer:
<quote>
[1 second burst of music] You have reached our automated information system. You're probably calling one of our toll-free numbers that appeared on your display phone. Fund-raising efforts are now well under way and we will be calling you back to explain the programs we have for this year. Calling you is the most cost-effective way to reach our goal. If you prefer, contact our Customer Information Centre at [1-8xx-xxx-xxxx]. They will be glad to provide you with any further information. Those phones are staffed 9AM to 9PM Eastern Time. Goodbye for now.
</quote>
More information on this telejunker-for-hire can be found here (just follow the links, or search here or here).
If you've been contacted by a "charity" such as The Fraternal Order of Police ["FOP"] or a State Troopers' organisation, chances are you've been tele-spammed by Xentel DM, AKA Xentel Inc (in the US). Be aware that most of the organisations that Xentel calls on behalf of do not have charitable (tax deductable) status and even then, Xentel keeps ~80% or more of the donations.
Unfortunately, Xentel exploits/abuses a loophole in the law that allows non-profit organisations to harass scam call anyone, even if you have registered for the DNC list. The fact that Xentel makes millions of dollars a year in profit, doesn't seem to matter to either the FCC or the CRTC. It seems that only the state AG's do any real job of spanking these telespammers.
Posted by MiXBSD at 23:10 0 comments
Labels: Rant, spammers, telejunkers, telemarketers, Xentel