Sunday, June 29, 2008

Survey: 8 in 10 businesses now using Macs

From Computer World

Nearly 80% of businesses have Macs in-house, nearly double the percentage that said they had users running Mac OS X two years ago, a research firm said today.

"Then, we were talking about onesies and twosies," said Laura DiDio, a research fellow at Yankee Group Research Inc. who conducted a survey of more than 700 senior IT administrators and C-level executives. "Now the number of actual users is very significant. A number of the businesses said that they had 50 or 100 or even several thousand Macs deployed."

In early 2006, when DiDio last polled corporate IT professionals on Mac deployment, 47% said that they had Apple Inc. hardware in their environments.

I think that in South Africa we are still a bit behind the curve as far as these types of adoption rates are concerned, but we can expect that SA will catch up. It's also interesting that one of the reasons given is hardware reliability.

Friday, June 27, 2008

.confusion: ICANN opens up Pandora's Box of new TLDs

From ars technica

By next spring, businesses and other organizations will be able to apply for any top-level domain they can possibly think of, like arstechnica.awesome or google.thegoogle. Joking aside, the Internet Corporation for Assigned Names and Numbers (ICANN) voted today in Paris on a measure that significantly expands the scope of generic Top Level Domains (gTLDs), allowing organizations to apply for almost any domain suffix they can dream up.

Up until now, the rules for TLDs are rather strict and tightly regulated. Beyond the typical .com, .net, and .org, there are only a handful of other TLDs that IP addresses can be registered under, including .tv, .biz, .mobi, and .us. Thanks to today's unanimous vote, however, the list of possible options will skyrocket. "What we're effectively doing is opening up huge amounts of online real estate," ICANN president and CEO Paul Twomey told the Wall Street Journal before the vote took place.

This has the potential to dramatically change the way we use the Internet. One of the primary reasons for the name to number system was to reduce complexity. This brings the complexity right back. At the moment one had a reasonable expectation that the site you wanted ended in .co.za, or .com. Then maybe you could try .net, .org, or .org.za. Now .msn, .mac, .apple, .ipod, .sex, even .etc are all possibilities. Looks like Google is about to become even more of a friend.

First tier ISPs do battle

From My Broadband

MTN recently announced that it had entered into an agreement with Verizon Business to acquire 100% of Verizon South Africa. The company said that the acquisition was in line with its strategy to provide integrated communications solutions in all of its markets.

Vodacom Business has also recently indicated that it plans price reductions up to 80% of traditional international connectivity which will basically change the current business models of traditional ISPs and network service providers such as Internet Solutions and Verizon Business.

This is good news for connectivity in South Africa. Unlike the fake ADSL hearings that only strengthened Telkom, the new Seacom cable, Neotel and the activities of the Mobile carriers promise to really shake up the telecommunications industry in South Africa. Keep in mind that the new players are aiming to take market share from IS and Telkom - that is what will make them aggressive players. Once the market has been shared equally, who is to say they will not become a cartel like the bread, cell, car, etc. industries in South Africa.

Thursday, June 26, 2008

Sometimes, software isn't so magical. Even for Bill Gates.

From seattlepi.com

So after more than an hour of craziness and making my programs list garbage and being scared and seeing that Microsoft.com is a terrible website I haven't run Moviemaker and I haven't got the plus package.

The lack of attention to usability represented by these experiences blows my mind. I thought we had reached a low with Windows Network places or the messages I get when I try to use 802.11. (don't you just love that root certificate message?)

This is an extract from a mail sent by Bill Gates to some of his staff. Even Bill Gates has grief using Windows and Microsoft.com, proving that he is human after all. Read the entire rant at seattlepi.com.

Wednesday, June 25, 2008

Timeline: The Gates era at Microsoft

From Computer World

Bill Gates is pretty much synonymous with Microsoft Corp., which he co-founded and built into the world's largest software vendor and the IT industry's most influential company. But Gates is stepping away from his day-to-day role at Microsoft at the end of this month. Here's a brief history of his 33 years at the company.

Love him? Hate him? Adore him? Happy to see him go? It makes no difference. Bill Gates is a man who was in the right place at the right time and translated that into an influence on the way we all live our lives. At the end of this month he will stop day-to-day activities at Microsoft (he remains Chairman) and spend his time at the Bill and Melinda Gates Foundation. Those of us who cut our teeth on DOS will forever remember Bill Gates as the man who impacted our career, and he definitely made being a nerd more acceptable.

The link above is well worth a read, especially if you did not know the early, pre-Windows days of Microsoft.

Microsoft denies XP a last-minute reprieve

From Computer World

Microsoft Corp. yesterday laid to rest rumors that it might reconsider pulling Windows XP from retail shelves and from most PC makers next Monday.

In a letter to customers, Bill Veghte, the senior vice president who leads Microsoft's online and Windows business groups, reiterated that June 30 would be the deadline when Microsoft halts shipments of boxed copies to retailers and stops licensing the operating system directly to major computer manufacturers, or OEMs (original equipment manufacturers).

Microsoft will, however, still be supporting Windows XP for the next few years so all is not doom and gloom. I suspect that many people, like me, will continue to use XP, skip Vista, then move to Windows 7. I really think that Microsoft need to make a decision the way Apple did and develop an OS with no backward compatibility. Trying to support what is already a bloated and buggy system in every new release is just plain stupid.

Update 27 June 2008 from My Broadband

With just days to go before Microsoft finally stops selling Windows XP, the company has bowed to consumer pressure by agreeing to extend support for the operating system until 2014. Microsoft has also confirmed that Windows 7, the successor to its current Vista operating system, will be made available in 2010.

This is good news because we can continue to get support for XP. There will be less pressure, especially in the corporate environment, to rush to Vista.

One-third of IT Professionals Have Snooped on Co-Workers

From SANS NewsBites Vol. 10 Num. 50 (June 19, 2008)

According to a survey of 300 IT professionals, nearly one-third have abused administrative passwords to look at confidential information about their co-workers. Close to half of the respondents also said they had accessed information that was not related to their positions. Just 30 percent of administrative passwords get changed every quarter, while nine percent are never changed, meaning that even people no longer employed by the company can gain privileged access to the system.

ZDNet
Survey press release (not full results)


This is the perennial problem of who do you trust. IT workers have a special place in a workplace - they are the people who keep the systems running. As such they need access to all areas of those systems, including the data stored on it. They have to be trusted. If one third have violated that trust then things are in a sorry state indeed.

Let us also not forget employers that cannot be trusted.

Mac OS X Trojans Detected

From SANS NewsBites Vol. 10 Num. 50 (June 20, 21 & 23, 2008)

A recently detected Mac OS X Trojan horse program exploits a flaw in Apple Remote Desktop Agent (ARDAgent) to load itself as root and take control of vulnerable machines. The malware has numerous capabilities, including keystroke logging, opening ports in the firewall to evade detection, taking pictures with the built-in camera and turning on file sharing. Users can protect their systems by removing ARDAgent from its normal location and archiving it. A second Trojan affecting Macs pretends to be a poker application and tries to gain secure shell access to vulnerable machines.

SC Magazine
Computer World
The Register

[Editor's Note (Pescatore): Since Apple's market share at enterprises will double in 2008, this item and the Safari patches point out that Apple needs to make progress in its secure development life cycle, and enterprises must factor the cost of patching Apple PCs into the acquisition costs or in the costs of letting users use their own Macs for company business.
(Skoudis): The underlying vulnerability here is an old-fashioned SUID root program called ARDAgent that attackers can trick into running code on their behalf as root in a local privilege escalation attack. SUID root programs aren't inherently evil -- a normal system needs several of them for day-to-day operation. But if SUID programs aren't carefully designed and implemented, they could lead to this kind of attack. To get an inventory of all SUID root programs on a Mac or Linux system, you could run: "find / -user 0 -perm -4000". I'm sure attackers are searching for other Mac programs with similar flaws.]


This, and the Safari on Windows fiasco, shows that Apple is not inherently better than Microsoft at software and system design. Obviously Apple started from a more solid base when they decided to use BSD as the basis of the new operating system, but when one looks at the software they have implemented on top of that base one sees that they have a ways to go. SUID programs have been developed for a long time on Unix and there are reams of papers on how to do it securely. Apple have no excuse for getting it wrong.
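The inventory command quoted in the editor's note above, turned into a baseline check so that a newly appearing SUID root file stands out (an added example, not part of the original post or the SANS note). The names `suid_inventory`, `suid_new_since` and `SUID_OWNER` are made up for this sketch.

```shell
#!/bin/sh
# Added example: SUID inventory with baseline comparison.
# SUID_OWNER is an assumption of this sketch: 0 (root) by default, overridable
# so the logic can be exercised on constructed files without being root.

# List regular files under $1 that are set-UID and owned by $SUID_OWNER.
# -xdev keeps find on one filesystem, so other mounts are not walked.
suid_inventory() {
    find "$1" -xdev -type f -user "${SUID_OWNER:-0}" -perm -4000 2>/dev/null \
        | LC_ALL=C sort
}

# Print SUID files present now under $2 but absent from baseline file $1.
# Anything printed here appeared since the baseline was taken and needs review.
suid_new_since() {
    baseline=$1; root=$2
    current=$(mktemp) || return 1
    sorted=$(mktemp) || return 1
    suid_inventory "$root" > "$current"
    LC_ALL=C sort "$baseline" > "$sorted"
    # comm -13: suppress lines unique to the baseline and lines common to both.
    comm -13 "$sorted" "$current"
    rm -f "$current" "$sorted"
}
```

Run `suid_inventory / > baseline.txt` once on a known-good system, then `suid_new_since baseline.txt /` on a schedule and review anything it prints.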

Monday, June 23, 2008

Why We Have No Clue How Much Stuff Should Cost

From washingtonpost.com

The day Steve Jobs announced the new iPhone, I drove home from work nervous. I imagine that lots of first-adopter-types felt a similar queasiness at the idea of walking through the front door and rationalizing to their spouses that it wasn't enough to own just the first iPhone. Now we had to have the second.

My wife was watching the network news and had apparently seen a report about the new phone. She said, "You're not getting the new iPhone." I said, "Yes, I am." She said, "Then we're getting a divorce." She was kidding (I think).

How does one value an item? According to those who design prices, expensive items are used to calibrate our value system, then the cheaper stuff seems good value.

"You're not going to spend another $400 or $500 on an iPhone when you have a perfect one right in your pocket," she added. I said, "You are so right. I'm going to spend $199." She stared at me for several seconds, and then she asked me a question that made my heart flutter: "So am I going to get your old iPhone?"

And it works on men and women.

On a related note, Vodacom are taking pre-orders for the iPhone.

Saturday, June 21, 2008

The real reason Amazon won’t post to South Africa?

From Simon.co.za

Today I was surprised to hear the news that online retailer Amazon.com has announced that it will no longer ship to South Africa using ‘standard shipping’ through the postal system. It will only send items to the region using courier services, which cost considerably more than conventional postage, citing theft of parcels as its primary reason. Is the South African postal system really that bad? I don’t believe it is, and I am developing a theory about the real reason Amazon has halted its postal services to SA.

I personally do a lot of online shopping, and have been doing so for at least eight years now. I have never had anything go missing in the post. I also refuse to believe that I am just lucky in this regard. So today I made a point of asking almost everybody I came across if they had ever lost post in South Africa. No one had.

From IOL

According to a statement on Thursday, the Post Office had not registered a single complaint about a lost Amazon item in the past year. It is now appealing to any customers who have experienced a problem with their Amazon orders in the past six months to call the Post Office customer line on 0860 111 502.

I also use Amazon a lot; at least 10 books a year. And I buy other stuff over the net as well; movies, software, t-shirts, etc that get delivered by SAPO, and I have never lost a parcel. I think Simon is right, there is another reason for Amazon's decision.

Sadly, the usual SA-bashing crowd are having a field day with this.

IT catfight in Portland, OR

From IT Project Failures at ZDNet

Portland, Oregon’s late and over-budget ERP implementation has become a battleground between city officials and system integrator Ariston Consulting & Technologies. As the failing project’s budget ballooned from $31 million to $49.45 million, finger-pointing and mutual blame have obscured faults on both sides.

This is an instructive read as it highlights both the responsibilities of the client and the contractor. The client has to be sure that the contractor is able to carry out a project of the size and complexity it envisages. The contractor has to be sure the client is able to provide a clear specification.

Friday, June 13, 2008

Verizon Business Releases Trailblazing Data-Breach Study Spanning 500 Forensic Investigations

From Verizon Business

Key Findings Examine Basic Security Tenets
Some of the findings may be contrary to widely held beliefs, such as that insiders are responsible for most breaches. Key findings include:

  • Most data breaches investigated were caused by external sources. Thirty-nine percent of breaches were attributed to business partners, a number that rose five-fold during the course of the period studied.

  • Most breaches resulted from a combination of events rather than a single action. Sixty-two percent of breaches were attributed to significant internal errors that either directly or indirectly contributed to a breach. For breaches that were deliberate, 59 percent were the result of hacking and intrusions.

  • Of those breaches caused by hacking, 39 percent were aimed at the application or software layer. Attacks to the application, software and services layer were much more commonplace than operating system platform exploits, which made up 23 percent. Fewer than 25 percent of attacks took advantage of a known or unknown vulnerability. Significantly, 90 percent of known vulnerabilities exploited had patches available for at least six months prior to the breach.

  • Nine of 10 breaches involved some type of “unknown” including unknown systems, data, network connections and/or account user privileges. Additionally, 75 percent of breaches are discovered by a third party rather than the victimized organization and go undetected for a lengthy period.

  • In the modern organization, data is everywhere and keeping track of it is an extremely complex challenge. The fundamental principle, however, is quite simple – if you don’t know where data is, you certainly can’t protect it.

It's clear that most breaches can be prevented by existing policy, if only that policy was followed. Many companies already have policies regarding third-party access to systems, upgrades and patches and managing data. Just follow those policies.

Thursday, June 12, 2008

Redefining Anti-Virus Software

From The Washington Post Blog

Microsoft Windows users have long been advised to shield their PCs from attacks by using anti-virus software, which principally relies on technology designed to quarantine or delete files that possess certain characteristics of known hostile programs.

But as the anti-virus firms continue to struggle to stand their ground amid a flood of new malicious programs being unleashed each day, a complementary approach to fighting malware is beginning to take root. This approach seeks to identify the universe of known good programs and treat the outliers with extreme prejudice.


This is an approach that has long been favoured by security professionals. Indeed, it is considered good practice to define firewall rules in terms of banning everything, then allowing only a certain subset of services through the firewall. In addition, companies are now starting to define lists of sites that are accessible, and banning the rest.

This follows the same theme; allow only known good programs to run on your computer, and ban the rest.
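The same default-deny idea applied to programs, as an added example that is not part of the original post or the Washington Post article: a file is allowed only if its content hash is on the list, so a renamed copy of a known good program still passes and a modified one does not. The allowlist format (one SHA-256 hex digest per line) and the function names are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: default-deny program check keyed on file content.
# Assumed allowlist format: one lowercase SHA-256 hex digest per line.

# Print the SHA-256 of a file, using whichever tool the platform ships.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file's digest is listed. Everything else is denied,
# including unreadable files and a missing allowlist (fail closed).
is_allowed() {
    file=$1; allowlist=$2
    [ -r "$file" ] && [ -r "$allowlist" ] || return 1
    digest=$(file_sha256 "$file") || return 1
    [ -n "$digest" ] || return 1
    # -x: whole-line match, -F: fixed string, so a partial digest never matches.
    grep -qxF "$digest" "$allowlist"
}

# Classify each path given after the allowlist: "allow <path>" or "deny <path>".
audit_programs() {
    allowlist=$1; shift
    for f in "$@"; do
        if is_allowed "$f" "$allowlist"; then
            echo "allow $f"
        else
            echo "deny $f"
        fi
    done
}
```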

Friday, June 6, 2008

Watch out for a sneaky blackmailing virus that encrypts your data

From Help Net Security

Kaspersky Lab found that a new variant of Gpcode, a dangerous encryptor virus, has appeared: Virus.Win32.Gpcode.ak. Gpcode.ak encrypts files with various extensions including, but not limited to, .doc, .txt, .pdf, .xls, .jpg, .png, .cpp, .h and more using an RSA encryption algorithm with a 1024-bit key.

After Gpcode.ak encrypts files on the victim machine it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor.


I would imagine that they face the same problem a kidnapper does and that is how to complete the transaction without getting caught. One other interesting fact from the original article is that the original virus incorrectly implemented the encryption algorithm. This allowed researchers the opportunity to decrypt the encrypted data. This time they got it right. Thus this is a helpful reminder that implementing your own code, even of a proven algorithm, is not always the best move.