Ted Demopoulos
Ted lives in Durham, New Hampshire, USA, with his wife Margaret, children Jamie, Amelia, Anastasia, and dog Tyler. He consults and gives keynotes on Technology, Security, and Business. He loves flyfishing, ham radio, and great food and wine.

Apple Tiger and Rush Limbaugh

I was scanning the AM radio dial today while driving, something I rarely do, when I came across a man talking passionately about Apple's new operating system called Tiger.

While he admitted he had just loaded it recently and hadn't played with it much yet, it was obvious he understood the new features and what they really meant - what they would do for users. He even commented on RSS, Really Simple Syndication, something supported out of the box in Tiger, and understood its pretty significant implications! I was impressed!

Who was this mysterious man?? I was shocked to find out it was alternately reviled or loved talk show host Rush Limbaugh!

I don't listen to talk radio usually. I only know Rush by reputation and am neither pro nor con Rush and his views. But I can tell you this, he loves Apple and understands the implications of new technologies far better than just about any layperson!

New York sues alleged Adware Spyware Company Intermix Media

The New York Attorney General Eliot Spitzer filed suit against alleged spyware/adware company Intermix Media. Spitzer said "Spyware and adware are more than an annoyance," and called them "fraudulent programs."

Intermix allegedly operates a number of websites, including flowgo.com, mycoolscreen.com, and curserzone.com, which offer free programs such as screensavers which have hidden adware and spyware embedded.

A spokesman for Intermix stated that their programs do not collect personal data, that many of the practices being legally challenged were instituted under prior leadership, and that they have been voluntarily removing said evil functionality.

Although they are innocent until proven guilty, and I'm not familiar with them, they "sound" guilty. "It wasn't us - it was the people in charge before us" is a pretty lame excuse.

Kudos to General Spitzer for his proactive actions in the war on evil programs! May I call you that, Eliot??

Apple attacks John Wiley and Sons

In a Draconian move, Apple yanked all books from John Wiley and Sons from the shelves of their over 100 stores last week. Wiley publishes dozens of books on Apple products.

Wiley is publishing "iCon Steve Jobs: The Greatest Second Act in the History of Business" in a few weeks, and Apple has been unsuccessful in convincing them to not publish it.

Coauthor Jeffrey Young says, "I thought the book was pretty positive." Young also wrote the best selling 1987 unauthorized biography of Steve Jobs, which from distant memory I would describe as not being entirely positive. Certainly Jobs' weaknesses and shortcomings as well as successes and strong points were covered.

This book is getting a lot of press because of Apple's bizarre moves. I can't say I approve of Apple actions despite being a fan of the company as well as Jobs.

I'm going to preorder it from Amazon just because of Apple's actions!!

Disaster Recovery: Are you ready for trouble?

Computer World has an excellent article on Disaster Recovery.

Disaster Recovery is what you do when your business operations are interrupted by a disaster. It encompasses a lot of ground, including getting IT functionality back up.

Jeff Russell, CIO at The Members Group: "It's impossible for a lone IT staffer to appreciate the particular needs of each department." All the business units need to be involved! They often aren't.

What's your company's plan when things go wrong? Hopefully there is one! Is it current? Has it been tested?

If you live by your laptop like many of us, do you have a plan to keep from being "dead in the water" if your laptop dies or gets lost/stolen? I'd recommend you have one!

What does Demopoulos Associates do for Disaster Recovery?? My needs are simple as I'm a one man shop, although I often use others on a per project basis. My Disaster Recovery Plan consists of frequent backups, backup media stored offsite, spare PCs and redundant Internet connections. And when I travel, I have backup copies of any critical business data with me. That may include PowerPoint presentations, directions, phone numbers, documents, and more.

Google Ad Revenue in the Newspaper Category

Google has released their surprisingly high first quarter financial results which crushed even the most optimistic Wall Street estimates.

Revenues are up 93%!

Their advertising revenue is particularly strong. Google’s partner sites, including this one, contributed about 47% of total revenues through their AdSense programs.

Their advertising revenue is so high that it is now comparable to that of a traditional newspaper.

Surprising? Yes.

Great? No.

Not unless they keep growing! Somehow I don't think they aspire to "We're as cool as a newspaper and make as much money too!" :)

Well, Google AdSense has made me enough money to buy lunch - so I'm off to lunch now . . . .

The Internet Wayback Machine

In the old cartoon "Peabody and Sherman," Mister Peabody, a bespectacled intellectual dog, would take his boy Sherman into the past to study history with his "Wayback Machine."

We can do the same thing on the Internet using the Internet Wayback Machine. This is not only amusing but has some serious business uses.

For example, The SANS Institute is a client of mine. If I want a good historical perspective of them, the Internet Wayback Machine has over 100 copies of their website archived from way back in 1997 when it was one page long!

I do some work for Pinnacle Training.
A very recent Press Release on their site says they are merging with New Horizons Computer Learning Centers, and current Pinnacle President Chris Roy will be the president of United Training. Let's check out United Training's website - hmmm, it has a nice letter from the president Chris Roy.

The Wayback Machine shows about 50 archived versions of the United Technologies site from 2001. Looking at the first copy I see that Chris has always been president and that same letter!

I won't speculate what this information means, but certainly I have gleaned some perhaps extremely useful business information from the Wayback Machine.

There is also some interesting and useful info available on
New Horizons Computer Learning Centers. They seem like a good fit with Pinnacle, both now as well as historically.

What if there is something about your website you want to simply have go away?? Cooperating search engines honor the preferences specified in the "robots.txt" file: a site can declare that certain parts of the website are not to be crawled or indexed. It is a request to well-behaved crawlers, not an access control, so it keeps nothing from a crawler that ignores it. The Internet Wayback Machine respects the robots.txt file, and will not show archived parts of your website the current robots.txt file says to ignore.


Of course there are other caches of website information as well, for example Google, but none as large as the Internet Wayback Machine. Not surprisingly Google doesn't retroactively honor the robots.txt file, although its cache only holds a single and typically recent copy of a webpage.
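To make the robots.txt point above concrete, here is an added example (mine, not the post's) of how a cooperating crawler evaluates a constructed robots.txt: one group of rules for every crawler, and one that shuts out ia_archiver, the user-agent token the Internet Archive's crawler has used. The paths are made up for the illustration; Python's standard-library parser does the matching.

```python
from urllib.robotparser import RobotFileParser

# Constructed robots.txt for the example (not any real site's file).
# The first group applies to every crawler; the second singles out
# ia_archiver, the user-agent token the Internet Archive's crawler has used.
ROBOTS_TXT = """\
User-agent: *
Disallow: /old-press/

User-agent: ia_archiver
Disallow: /
"""


def load_rules(text: str) -> RobotFileParser:
    """Parse robots.txt text the way a cooperating crawler would."""
    rp = RobotFileParser()
    rp.parse(text.splitlines())
    return rp


def may_fetch(rules: RobotFileParser, agent: str, path: str) -> bool:
    """True if the named crawler is permitted to fetch `path` under these rules.

    The answer is advisory: nothing here stops a crawler that never reads
    robots.txt, which is why sensitive content must not rely on it.
    """
    return rules.can_fetch(agent, path)


RULES = load_rules(ROBOTS_TXT)

if __name__ == "__main__":
    for agent, path in [("Googlebot", "/about.html"),
                        ("Googlebot", "/old-press/2001.html"),
                        ("ia_archiver", "/about.html")]:
        verdict = "allowed" if may_fetch(RULES, agent, path) else "blocked"
        print(f"{agent:12} {path:22} -> {verdict}")
```

Googlebot is allowed everywhere except under /old-press/, while ia_archiver is refused even the front page, because the parser uses the most specific matching user-agent group and falls back to the `*` group only when none applies.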

Google not all knowing! organic turkey corndogs

Google, just like the "Wizard of Oz," is not all knowing and all powerful.

A few months ago I had some "organic turkey corndogs" with my kids. A "corn dog" is a hotdog (a popular type of sausage) which is dipped in corn batter and deep fried. In my opinion, corndogs tend to suck.

My wife recently bought organic turkey corndogs. The kids loved them so I tried one. They were surprisingly excellent!

I'd love to get some more but my wife doesn't remember where she got them.

Google to the rescue, right?

Google cannot find them! I know they exist and I'm very surprised. I don't expect Google to be able to find everything, but I expect essentially all commercial products to have some Internet presence even if it's simply commentary from a consumer, and Google to have indexed that Internet presence.

Google is not all knowing and all powerful, although it may come close!
Other search engines strike out too.

Macs not impervious to Malware: viruses, worms, etc

Although widely considered essentially safe from viruses, Macs are targets of hackers just as Windows PCs are and attacks are increasing.

Macs have had far fewer exploits directed at them because there are fewer of them - they are a smaller target. Also, many hackers think of Apple as a "White Hat" company doing battle against an Evil Microsoft.

But Malware directed towards Macs is unfortunately becoming more common.

Hackers can directly target MacOS, which is now Unix based, or they can target Mac applications. For example the Mozilla browser, very popular on Macintoshes, had "21 vulnerabilities reported in the second half of 2004," reports TechNewsWorld in Hackers Learn To 'Think Different', an article on Macs and malware. Microsoft Office on Macs is another target.

And although most Windows PCs run anti-virus software, few Macintoshes do, making them an even more attractive target.

Performers are ALWAYS "on"

Dan Janal writes in A Funny Thing Happened on the Way to The Stage that he was unpleasantly surprised at a recent event when performers ignored their fellow performers and talked through their performances. It reflected poorly on them, and caused the judges and audience to have negative feelings towards them.

It doesn't matter what kind of performer you may be: a professional speaker, a country singer, a comedian or even a clown, you are NOT only "on" when you are performing.

I do a lot of professional speaking. Before and after my speech I act professionally as well. The thought of talking through someone else's speech is absurd! If a member of the audience wants to ask me a question or talk well after my speech has finished, I'm more than happy to oblige. I even occasionally get emails from people who have seen me speak months ago and am happy to respond.

I'm a speaker before, during, and after my time on stage. Just like a clown is a clown even before they start or finish their clown act. All clowns seem to understand this. Many professional speakers and other performers understand this.

All performers should understand this!

And even for those that don't, common courtesy *should* prevail.

Attacks on Mobile Phones Rising

TechNewsWorld published an article today called Trojan Attacks on Mobile Phones Rising.

I'm not surprised - many cellphones have more processing power than my first PC, and are attractive targets for viruses, worms and Trojans.

The security firm SimWorks reported finding 52 new pieces of malware for the Symbian operating system in one day alone. Symbian is the biggest target to date as over 10 million phones run Symbian - anti-virus software IS available!

I stand by my predictions in my recent post Cellphones, viruses, and contingency plans as well as my suggestions to reduce the impact should your phone be hacked.

Many of us found it somewhat amusing when Paris Hilton's phone was hacked and its contents posted on the web, but it's starting to hit closer to home every day now!

I'm sure Christina Aguilera, Anna Kournikova, Eminem and others who had contact information stored in her phone and subsequently publicized on the Internet were NOT amused. They all reportedly received endless prank phonecalls and have had to change their phone numbers.

New Pope - Media Obsesses

Joe Ratzinger is the new Catholic Pope, although he changed his name as is the papal tradition.

I wonder why the media cares so much about a new Catholic Pope? Is it just the western media? How about Al Jazeera for example? How about the media in India?

Let's be serious: most people are not Christian. Not to mention that most Christians are not Catholic!

Could it be the immense popularity of Pope John Paul II?? I am one of his fans! Although I certainly didn't agree with him always, and find the Catholic notion that the Pope speaks directly to God to be silly and bordering on childish and insulting ("hey dude, my religious leader talks to god and yours doesn't").

But I, like many non Catholics, was a fan of Pope John Paul II. Simply because he was a great human being. Yes, I considered him a Holy Man (as an Orthodox Christian, we officially consider him a Bishop, equal to any other Bishop, although "First among Equals").

With the Catholic Church perhaps at an all time low (certainly in the US), with Catholic Churches closing, Catholic priests going to jail for decades of raping children with apparently the official Church "looking the other way," a shortage of Catholic Priests, and a somewhat widespread belief that most Catholic Priests are gay (at least in the gay community - got any male gay friends? Ask them), the new Pope has his work cut out for him.

I wish him well!

Did I ever mention I once met the Coptic Pope?? He was very cool.

OK, no more religion unless the Orthodox Patriarch dies. He not only looks like he could take out most NFL Quarterbacks, but with his Darth Vader like dress looks like he could scare them out of his way! As we say in Greek, may he make 100 (years).

Airport Security no Better, just more Annoying

According to The Wall Street Journal, "Two pending federal reports are reportedly set to conclude the quality of airport screening is no better than it was prior to Sept. 11 attacks."

Well, as anyone who flies can attest, it certainly is more annoying and intrusive! And of course we all take it in stride for the sake of "national security."

The security damn well better be better!!

Then again, perhaps the reports are a "we need more money" ploy??

Paranoid? Me? No way. Perhaps realistic.

Men: laptop off your lap please

A recent study (State University of New York at Stony Brook, Stony Brook, NY) has shown that men who use their laptop on their lap can suffer from "scrotal hyperthermia," making them less fertile and increasing scrotal temperature almost 6 degrees F.

"repetitive transient scrotal hyperthermia is a modern lifestyle feature that may have a negative impact upon spermatogenesis, specifically in teenage boys and young men."

So if you're male, trying to have kids, and have a laptop - keep it off your lap.

More here: Increase in scrotal temperature in laptop computer users and commentary available all over the web.

Rupert Murdoch: Media must watch blogs

Media mogul Rupert Murdoch said that the media must pay attention to blogs and other electronic media - they will not just "go away."

Traditional Media editors cannot afford to ignore blogs!

The people have spoken. We don't know what we want, but we're loud! Murdoch agrees.

Reports of his speech can be found here: News must adapt to web, says Murdoch

Making Extra Time to Focus on things we care about

“I’m too busy to do anything cool/worthwhile/fun.”

We all have extra time.


Extra time? Not me. I’m tooooooo busy!

Oh yeah? You’re full of doggy doo-doo!

My friend Lucinda is very busy. With three young kids and a full schedule, she has little time to herself. Surely she can’t generate any spare time? Well, she does spend what seems to be 30 minutes each morning sitting on the toilet while her husband watches the kids. I know, I was just visiting for a couple of days. I didn’t exactly see her, but I figured it out. Also she spends a lot of time putting on enough makeup to look like Tammy Faye Bakker.

Hey Lucinda, wake up with a cup of coffee instead of meditating on the toilet and skip the face paint. You don’t need it, you already look fine and besides it SCARES your kids!

My friend Furry John complains he has no time. He could easily have an extra few hours a week if he didn’t spend so much time in the shower!!! Furry, you spend AT LEAST an hour a day in the shower! That after shower preening is quite time intensive too. Try 5-minute showers like me and stop trimming your mustache every day– you’ll gain an extra 7 or so hours a week.

My time is always short. I could (and perhaps should) generate extra productive time if I drank less! Yes, I love to drink, primarily wine. I’ll have a glass or maybe two with dinner. Maybe a glass later too. And I’m always trying to get things done after dinner – things I enjoy, things like writing this. The wine rarely helps and usually impedes my abilities. I could save time and increase productivity in the things I care about by drinking less! I'm sure there are other ways I could save time too.

So maybe we have some more time now – what do we do with it?

Lucinda would probably use the time to sit on the toilet longer and put on an extra layer of face paint. Furry would spend more time showering and preening. I guess this approach may not work for everyone??

I'd focus my extra time on improving things that are important to me. I’ve been called a “continuous improvement nut, “ although I don’t think that’s entirely accurate.

Soon it will be warm and I’ll be spending some time improving my fishing skills. Yes, I try to become a better flyfisherman every year and my enjoyment absolutely increases as my skill does. I’ll be spending some time working on improving my competitive “antenna farm” during the day and much of my professional work will shift to the night (work won’t just go away – besides, I like most of what I do as well as all of my clients).

When time gets really tight, we can always cut back on sleep! We’ve all done it before.

If it’s for something we’re passionate about, it’s worth it!
Sometimes it's just a question of priorities.

Book Review: BANG! Getting Your Message Heard in a Noisy World.

by Linda Kaplan Thaler and Robin Koval with Delia Marshall

We all hate advertisements but some of them are quite clever and good.

Anyone remember the AFLAC Duck, the duck that would quack “AFLAC,” an insurance company name? Or the woman washing her hair and having an orgasm? How about Continental Airlines' ad for direct NYC to Tel Aviv flights – “Yo to Oy NONSTOP.” The authors of this book are responsible for these and many other memorable ads.

Big Idea: The world is cluttered with advertisements and other noise and the best way to get your idea across is to create a “Big Bang,” an idea that takes over the cultural universe, grabs the spotlight, and creates an icon.

Examples of Big Bangs are the iMac, “Just Do It,” and The Apprentice.

To create a Big Bang you have to ignore conventional wisdom and rules and be willing to take risks. Big Bang ideas are simple, but selling Big Bang ideas to management or customers is hard – it requires theatrical flair. Big Bangs do not come out of focus groups or committees (actually, very little comes out of focus groups or committees!)

I’m not an advertising guy. I don’t understand advertising. I don’t like advertising. I like this book! It's written in a very readable and understandable style, and it was hard to put down.

Some great suggestions on nurturing creativity. I don’t necessarily agree with them all, but I rarely expect to agree 100% with any authors and they provide good thinking points.

Examples:
Bureaucracy kills creativity (duh!).

Focus groups have a herd mentality and rarely produce anything exciting or great.

Be a micromanager – the details are crucial.

“we advocate procrastination” – They advocate it, I simply practice it :)

Don’t have enough chairs when you have a meeting.

Go on an email diet.
This book is well worth reading. Their perspective on encouraging and nurturing creativity alone makes it worthwhile, assuming you think creativity is good.

Don't laugh! Many people don't like creativity, although they probably would never admit it to themselves!

Executive Coaching– not required for every Executive

I was having dinner with three college friends I hadn’t seen in a long time and one decided to tell a story about his therapist. Another chimed in with something about her therapist. Both these two were always very “touchy feely” and it didn’t surprise me that they had therapists. The third, a very practical scientific type, had something to add about his therapist too. They all turned and looked at me, probably because I had been uncharacteristically silent.

“Don’t look at me,” I quipped, “I’m not crazy!”

A couple months later in an airline lounge I overheard a similar conversation between three presumably up and coming young executives. One was pontificating on how helpful his executive coach was. The second added a couple of comments on his executive coach and their relationship. The third was silent until asked about his executive coach. “Oh I don’t have an executive coach,” he stated. The other two looked at him strangely as if something was seriously wrong; as if he was obviously not reaching his full potential as an executive and shortchanging his company and himself in the process. As fascinating as the conversation was, I decided to get a cup of coffee and talk to my 2 year old on the phone instead.

There is nothing wrong with having a therapist. Many people do and derive great benefits. The vast majority probably are not mentally ill either. But some of us neither have nor need a therapist. I know I don’t want a therapist, don’t feel I need one, and probably wouldn’t listen to one if pushed into therapy. I know of no study that says that everyone can benefit from having a therapist. I also know of no study that says that every executive can benefit from having an executive coach.

Click to Read More

Cellphones, viruses, and contingency plans

Cellphones are attractive targets for viruses, worms and other malware, especially as these devices gain processing power and functionality. Many cellphones have more processing power than my first laptop!!

It’s just a matter of time until a particularly nasty piece of malware attacks.

A number of new cellphone viruses have been discovered in April alone!! (for example, see F-Secure's Blog). Experts disagree on how serious cellphone threats are, and their opinions are all over the spectrum. It is wise to take some simple steps to protect against threats.

Many people's professional lives run on a laptop and a cell phone. I protect my laptop and do backups at least twice a week - my often rapidly changing business data and work live there, and I can't afford to lose several days work or productivity if a problem occurs. Most people and businesses take similar precautionary steps.

Most people ignore their cellphones and cellphone data. It's shocking how many (especially small) businesses have key customer contact data only on employees’ cellphones. This often includes "official” phone numbers that can be looked up with some inconvenience as well as other "unofficial" phone numbers that are not easily available if at all. Many of my clients prefer I contact them via their cellphone or sometimes their home numbers.

Always back up your cellphone data!! I maintain both hardcopy and softcopy of critical numbers usually accessed via my cellphone.

If your cellphone stops working, have a contingency plan - it doesn't matter if it's disabled by a virus or a dunk in the ocean, it's a problem! I can go less than one mile from my office to a cellphone store and within 20 minutes walk out with a new phone WITH THE SAME NUMBER so clients can contact me as usual - do you have any idea if you can do this??

Particularly if your cellphone runs the Symbian operating system (the biggest target to date as over 10 million phones run the Symbian OS), consider anti-virus software. Many vendors including Kaspersky Labs and F-Secure have products available.

Your cellphone might suddenly stop functioning. It would be an inconvenience, but with some thought beforehand, it'll ONLY be an inconvenience and nothing more.

Does anyone read books anymore?

Does anyone read books anymore (besides me?)

"80% of U.S. families did not buy or read a book in the past year."

"58% of U.S. adults never read another book after high school."

"42% of college graduates never read another book after graduation."
- Dan Poynter, The Self Publishing Manual, stats from the American Bookseller Association

Do these figures shock anyone besides me? Maybe I'm biased - I love to read. I rarely turn on the TV except for my kids. I read myself to sleep most nights.

Maybe it's not as bad as it sounds?
"Adults in the U.S. spent $25.6 billion in the past year."
- also from Dan's book

There's a Cantonese joke I heard several times when I lived in Hong Kong:

A wife buys her husband a gift for his birthday. He opens it up and finds a book inside.

He says, "it's very nice, but I already have one."

Yes, I'm writing a book. It probably won't sell well in Hong Kong :)

The NON Failure of Two-Factor Authentication

Bruce Schneier's post from a few days ago is still being talked about and causing controversy.

I usually agree with Bruce - he's usually right! He makes several valid points in The Failure of Two-Factor Authentication but overstates his case.

"Two-factor authentication isn't our savior." That's absolutely true. In security, there are no saviors! Security is a process and technology is only part of the solution.

Two-factor authentication means requiring two independent things to establish your identity, typically something you have and something you know, for example a smart card and a password. We all know passwords alone don't work as well as they should: users pick easily guessed passwords like their dog's name, write down their passwords on little sticky pieces of paper stuck to their computer monitor, etc.

Bruce states that: "It won't defend against phishing. It's not going to prevent identity theft. It's not going to secure online accounts from fraudulent transactions."

Very true. It also won't protect you from muggers. Or car jackers. Or unscrupulous used car salesmen. Or spam. Or your mother from making you feel guilty.

There are no silver bullets in security.

If two factor authentication is worthless, then let's all throw away our ATM cards and use a username/password combo instead. Of course that would be ludicrous! Someone "shoulder surfing" could watch us type into the ATM machine and then effortlessly steal our money.

Requiring two factor authentication for ATM machines, the card AND a password/PIN, certainly increases security!

There is a great article here by Anne Saita on Bruce Schneier's post.

I think Bruce wanted to start some lively debate - he succeeded!

Fake Blogs and Imaginary Bloggers

Shel Holtz has an interesting post "Get Used to Fake Blogs" in his blog.

I define fake or fraudulent blogs as ones that are not what they pretend to be, for example ones written by marketing or PR Agencies instead of the supposed author.

For example a Bill Gates blog not written by Bill Gates nor containing his thoughts would be fake/fraudulent (a ghost writer, IMHO, would be OK. Bill's kind of busy these days).

"Mickey Mouse" blogging for Disney would not be fake/fraudulent, nor would a Santa Claus blog for the North Pole Tourism agency.

I think imaginary bloggers are cool and I'm 100% behind that idea!!!

I wish I had an alter ego to blog under, but I'm just boring Ted :)


Tony the Tiger blogging for General Mills might be good. A TV sitcom actor blogging as his "TV identity" would be fine. Or Captain Morgan blogging for - errr, Captain Morgan, minus the fake comments and fake guest postings.

Shel says "if I could ghost-blog for any fictional character, it would have to be Uncle Sam, the Grateful Dead’s skeleton icon." Excellent choice!

Since you've taken Uncle Sam, can I be Batman??

Yankee Group Report: Windows beats Linux

I'll let you read the details for yourself, but a soon to be released report from The Yankee Group says:

  • 88% of companies report Windows Server 2003 is equal or better than Linux in reliability and performance.
  • Security of Linux and Windows servers about the same.
  • No TCO basis for a massive switch from Windows to Linux.

See also Yankee Group North American Linux Windows TCO Survey from my friends at IAPS.

I'm very surprised by reliability/performance and certainly security!

No Total Cost of Ownership (TCO) basis for a massive switch to Linux doesn't surprise me. Linux, in my own opinion, is not ready for most desktops.
Certainly not my parents' or sister's for example!

Slashdot - repeat after me, "we are all individuals"

Like many people, I enjoy SlashDot.

I don't understand why so many people comment on SlashDot posts.

For example, a post from less than 2 hours ago has well over 100 comments already. Comments quickly get buried by other comments.

Spending time writing an intelligent comment that essentially no one will read seems like a massive waste of time to me! And yes, some of them are intelligent!

"Nobody goes there anymore; it's too crowded" - Yogi Berra

I don't comment there; it's too crowded. I don't get it.

"Repeat after me, 'We are all Individuals.'" - Steve Martin

I'd rather spend my time commenting where my comments will be read and maybe even appreciated.

Oh yeah, I tend to not comment unless I have something to say either . . . . .

Worst Practices in Developing Secure Software, Part II

Click Here for Part I

As I’ve said before, The “Best Practices Mantra” annoys me.

A major component of success involves avoiding making any major mistakes. Instead of focusing exclusively on implementing “Best Practices,” I suggest avoiding “Worst Practices.” You can do almost everything perfectly, but if you do one thing horribly wrong you can negate everything. A soldier greatly increases his chances in a firefight by doing things right, but one serious mistake and his odds of surviving plummet. Fatal flaws and mistakes are often exactly that – FATAL!

Assuming that only “important” software needs to be secure.

“Hey Ted, wasn’t this also in Part I?”

Yes, but it’s worth repeating!

All programs and services need to be secure. Even a simple game or utility could be compromised, contain a Trojan or otherwise harbor malicious code, and lead to your entire network being compromised. This includes prototype and test code as well.

Not planning for failure

Complex systems can and do fail. Both partial and complete failures need to be planned for. Software should always fail to a secure mode, and when in failure mode, deny access by default. If the entire system fails, any secure data should be unavailable!

When failure occurs, no data should be disclosed that wouldn’t normally be available, and as little information as possible should be disclosed.

For example, if a login fails, it is far preferable to report that the login failed than to specify “invalid password” or “no such account.” If a login fails, it should reveal no information other than failure (if even that).

I worked on one system where the results of a successful and unsuccessful login were visually the same – the user didn’t even know their login failed until they tried to do something.

In contrast, I recently was authorized by a client to login to their Blogger account to add Google Ads and make a few other changes to their blog. They gave me an incorrect account name and password, and when I tried to login I got a message that said “non-existent account.” I now knew the account name was wrong, and I tried a couple of “obvious” account names such as the company name, etc. My second guess was correct and I got a different error message, “incorrect password.” The password was easy to guess too – it was my client’s dog’s name!

I was authorized to access his account, but even if I hadn’t been, I could have “guessed my way in.” If Blogger didn’t differentiate between incorrect passwords and non-existent accounts, it would be more secure and I probably would have given up quickly and waited for my client to give me the correct login information.

Should a significant failure occur to a critical system, e.g. a defacement of the organization's web server or an inability of a server used for ecommerce to authorize credit card purchases, there *should* be a security policy in place that specifies contingency plans. For example, should the server be taken off line? Should it report an “unavailable – try again” message? Should it be left live and fixed as quickly as possible?
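The login-message point and the fail-closed point above, as an added example in Python (mine, not the post's code and not Blogger's): the leaky pattern the post describes beside a hardened one. The user store, the account name "acme" and its passphrase are constructed for the illustration. The hardened version also hashes a decoy record when the account does not exist, so the two failure paths cost about the same; that goes beyond the post, which only addresses the error text.

```python
import hashlib
import hmac
import os
import secrets
from typing import Dict, Optional, Tuple

# Constructed user store for this example: one hypothetical account, "acme",
# holding a salted PBKDF2 hash of its passphrase. Nothing here is real data.
def hash_password(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def make_record(password: str) -> Dict[str, bytes]:
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


USERS: Dict[str, Dict[str, bytes]] = {
    "acme": make_record("correct horse battery staple"),
}

# Decoy record used when the account does not exist, so the "unknown name"
# path still performs one PBKDF2 computation. The post only discusses the
# error text; equalising the work done on each failure path is an extension.
DECOY = make_record(secrets.token_hex(16))


def login_leaky(username: str, password: str,
                store: Dict[str, Dict[str, bytes]] = USERS) -> str:
    """Worst practice: the error text tells the caller which half was wrong."""
    record = store.get(username)
    if record is None:
        return "non-existent account"   # confirms the account name is wrong
    if not hmac.compare_digest(record["hash"],
                               hash_password(password, record["salt"])):
        return "incorrect password"     # confirms the account name is right
    return "ok"


def login(username: str, password: str,
          store: Optional[Dict[str, Dict[str, bytes]]] = USERS) -> Tuple[bool, str]:
    """Return (authenticated, message).

    Every failure yields the same message, and any error while checking
    (store=None simulates an unavailable user database) denies access
    rather than granting it: the check fails closed.
    """
    failed = (False, "login failed")
    try:
        if store is None:
            raise RuntimeError("user store unavailable")
        known = username in store
        record = store[username] if known else DECOY
        ok = hmac.compare_digest(record["hash"],
                                 hash_password(password, record["salt"]))
    except Exception:
        return failed
    if known and ok:
        return (True, "ok")
    return failed


if __name__ == "__main__":
    attempts = [("nobody", "x"), ("acme", "x"), ("acme", "correct horse battery staple")]
    for name, pw in attempts:
        print(f"{name!r}: leaky={login_leaky(name, pw)!r} hardened={login(name, pw)!r}")
```

With the leaky function an attacker who guesses "acme" is told the name is right and can move on to the password; with the hardened one, a wrong name, a wrong password and a broken user store all look identical from the outside, and the only place that distinguishes them is whatever the server logs for its own operators.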

Counting on “Security through Obscurity”

Click here to read more

Google and Me

Every day several people get directed to my main website and blog from Google and other search engines. It's sometimes surprising what they are searching on:

#1 Rap:
The most common is search terms that include the term "rap." That's pretty interesting as the term "rap" is almost never used except in my blog title! On average these searchers view 1.3 pages. "Ted, this should be called The Ted Rant," some have commented. Hey, don't encourage me! There are also historic reasons for the name The Ted Rap.

#2 Me:
Almost as common is people searching for me , either by name, company name, etc. These searchers hang out for about 8 pages average, with some viewing many more.

#3 Security:
A distant third is people searching on various security topics and phrases. Since I've worked with computer security almost forever, and there are a number of security articles on my main site as well as security posts in this blog, that's not surprising.

#4 Book Reviews:
An extremely distant, yet still significant, fourth. My book reviews are quite popular, especially Purple Cow and BLOG.

We get a real mishmash after this:

One searcher was looking for my wife and apparently read the entire site.
If you're quoted as a reference anywhere on www.demop.com, at least a few people find you via the search engines.
Several people searching on various business blogging topics get directed here.

And the weirdos:
"naked goats"
"how is sauerkraut good for you"
"foxhole management"
"gout treatment"
"dogfood"
"amusing wine speeches"
and many many more. Some of these leave me confused!

Maybe I should be writing about Rap Music more?? On second thought, naaah!

And the moral of this post? Search engines may be sending people to your site for very unexpected reasons!

      
      
