The Lack of IT Security – We’re Just Asking For It!!

Originally published in The Clarion | November 28, 2012

I often wonder what it is going to take for individuals, companies and even governments to get more serious about IT security. In my daily habit of reading articles on various IT-related websites, not a day goes by without seeing at least a few articles related to some sort of security breach. Whether is yet another Distributed Denial of Service (DDoS) attack on a large corporation or government, or something as silly as an image posted online showing someone’s login credentials hanging on the wall behind them, each and every instance somehow shows how lax the worldwide IT world continues to be. I am fully aware that I have written several articles over the years on this subject, but it seems they must continue until things shift in the right direction.

Just this morning I read an article (with pictures included) that really surprised me, although it probably shouldn’t have. It turns out that having secure passwords isn’t near as much of a high priority as I would have at least hoped. Someone did a story on Prince William of Wales, to be published on his “official website” that included images of him sitting in an office of the Royal Air Force. Behind him, taped to the wall, was a sheet of paper with the heading “MilFlip Logon Details” (underlined and in bold font for importance), followed by a username and password. The images I saw had the details blurred out, unfortunately they were released in all their glory before someone noticed the mistake. One can only guess that those images are spreading like wildfire across the Web. Sure the password was changed once the “leak” became known, but that doesn’t necessarily remedy the issue. So many other factors come in to play once credentials like this are published for the world to see.

Depending on an organizations’ protocols for credentials, exposing an example of a username/password combination could have detrimental consequences. According to the article I read about this specific situation, the password was a very weak one. For all I know it was something like “princewill”. Regardless of the specifics, a working username/password combination, when put into the right persons’ hands, could easily lead to an immediate breach of security even if the “leaked” credentials were swiftly changed. What simply amazes me is not that individuals, companies and governments use extremely weak passwords (this to be the norm all too often), but that folks don’t make the simple effort of memorizing their credentials, choosing to display them for seemingly whomever to see. Just for the record, writing a password down and taping it to the underside of your keyboard isn’t any better either. I’m sure some of you may have just blushed at me saying that. The principle of the situation is a very simple one. Whether you’re a basic home user, an employee of the federal government or anything in between, IT security can not and must not be taken for granted.

Share

Fixing Technological Messes

Originally published in The Clarion | November 21, 2012

Technology can be intimidating. No matter your level of technological expertise, at some point it is almost guaranteed you will be confronted with a situation that you simply do not know how to handle. For some, it could be getting your first smartphone or tablet device. For others, it could be coming face-to-face with the infamous Blue Screen of Death on your Windows machine. For those of us who work in the realm of IT, it could be an unhappy network switch or server process that suddenly decides it no longer wants to function properly. Whatever the case, unless your technological limit is a 13-channel television set, a day will come when a hurdle is thrown at you by some sort of gadget.

How we choose to tackle such a hurdle has a lot to do with not only our level (or lack thereof) of technical expertise but also our general mindset when it comes to dealing with unfamiliar challenges. From several years of on-the-job experiences and, even more so, years of talking to people, observing situations and reading about such online, I have determined that there simply is no de facto solution to any given technological situation. Any given situation can have multiple resolutions, add in the human factor and we now have not only multiple solutions, but many other factors to deal with. Some folks simply refuse to address technological issues simply out of fear of making things worse. Others may have a much more aggressive attitude and are willing to tackle the situation head-on, often without considering the consequences if their actions are futile. I have always been a proponent for users to take at least somewhat of a middle-ground approach. Failure to at least attempt to resolve an issue ensures that you most likely will never advance in your technological abilities. Because of this, I am always in favor of at least giving something a try.

As technology advances, software applications and the underlying Operating Systems continue to become more complex. New features come about seemingly all the time that can better handle situations when problems occur. Where just a couple years ago a Web Browser crash simply meant that you instantly lost everything you had open and that a system reboot was inevitable, today’s browsers are much more capable of not only remedying the situation without the dreaded reboot but they also do a much better job of taking care of issues before a full crash can happen. I only see this being the case even more as time goes by. With technological advances, odds are pretty good that before too long most of the problems that many of us face on a somewhat-regular basis will be nothing more than a memory from the past. Here’s to hoping this comes true.

Share

Short Message Service

Originally published in The Clarion | November 14, 2012

Short Message Service – SMS – is a technology that many of us not only depend on but probably would not know what to do if we had to go without. In America, SMS is more commonly known as Text Messaging, and it has literally taken the world by storm. The history of sending electronic alphanumeric messages is an interesting one. The technology itself originated, believe it or not, in the early part of the 20th Century when short messages were sent via a system then referred to as Telex. With appropriate equipment attached to the telephone system at each end, messages were typed by the originator, sent across the telephone system network and printed at the recipient’s station. While somewhat hard to believe, this mechanical mechanism of communication evolved over the years into what many of us use on a daily basis – text messaging on our cellular phones.

In researching text messaging technology for this article, I was a bit surprised at the various methods of communication that originated with Telex. While the end results of each stage of the technology’s progression are all essentially the same, the journey from what seems an archaic mechanical method to what SMS has become today is rather interesting. The same fundamental technological principles that allowed messages to be sent and received almost one hundred years ago are still in play today. It was only very recently that messages could be more than 160 English characters. Actually, the length of text messages is still limited today. The only reason a message can be longer than 160 characters is that technological advances allow for messages to be automatically split into multiple messages – or – the message is converted from SMS to MMS – Multimedia Messaging Service – which takes advantage of a wireless provider’s data network instead of using the traditional voice system for delivering longer messages.

SMS-type messages have been used for everything from pagers or beepers which were very popular in the late 1980’s and early 1990’s to control systems where a short message can be sent to a recipient device that is connected to some piece of equipment that accepts operational commands from these messages. Many devices can also be configured to actually send SMS-type messages for various things including reporting system problems in data networks, emergency public service announcements and others. The popularity of cellular phones has brought with it voting for contestants on television shows via SMS, SMS registration for prizes given away by companies and a means of donating money to any number of charitable organizations via SMS where the monetary donation is added to the sender’s monthly phone bill. As technology continues to evolve, one can only guess what we will be doing with SMS in upcoming years.

Share

Hey UN – Leave My Internet Alone!!

Originally published in The Clarion | November 07, 2012

To say that the Internet and Politics don’t mix well is quite the understatement. The Internet, and more specifically the World Wide Web, was designed and implemented with a great sense of openness in mind. Sure it was virtually impossible to predict where the Web would be in the 21st Century, but the underlying air of openness helped to drive innovation, create entirely new areas of personal and technical expertise and in many ways bring the world together unlike any other innovation in history. Over the years, individual countries have put restrictions on the Internet and Web, from censoring and/or blocking specific websites to entirely disconnecting all links leaving town. The lack of regulation, or better, the ability of individual nations to mandate their slice of the global network as they see fit, has had both good and bad consequences over the years.

Thankfully for us in America, the Internet and Web that we have grown to be so dependent on has essentially been untouched in regards to regulations and laws outside of those that already existed for certain crimes. Sure many methods of committing crimes have changed, but for the most part we are free to enjoy the Web as we see fit. At least that is the case today. There is a meeting coming up in December that has the potential to not only change the air of openness that we have come to expect while online, but also infringe on certain rights that – believe it or not – are guaranteed by the U.S. Constitution. For the sake of political correctness, I will only provide the scenario except to say that I have a real big problem with the “World” imposing rules, laws and regulations on me – especially ones that are against my rights as an American.

From reports, a December meeting in Dubai, sponsored by the United Nations, will propose new restrictions and regulations for the Internet – restrictions and regulations that might censor free speech and impose taxes on e-commerce. I don’t know about you, but this just doesn’t sound like a good idea whatsoever. Unfortunately, there are countries including China and Russia that appear to be in favor of such regulations. Needless to say, the governments in those countries don’t look too much like ours. Whatever the outcome of this meeting, the simple fact that our Internet freedoms could potentially be governed by a worldwide consortium – specifically the International Telecommunications Union – doesn’t sit too well. Is there anything you and I can do about this? I wish I knew. All that can be said with certainty is that the potential is there for rogue countries whose citizens have never had even a moment’s enjoyment of anything like our American freedoms to contribute to dictating how you and I use the Internet in our daily lives.

Share

Coded TCP

Originally published in The Clarion | October 31, 2012

It isn’t often that IT folks like me have a lot to get excited about. Sure there are always new gadgets, software, Web sites and apps but those things are marginally interesting at best most of the time. The things that really get us going are advancements in the core technologies that we all depend on. Whether it’s an entirely new technology or an improvement to an existing one, these are the things that really catch our attention and as a result keep us on our toes. An improvement on an existing piece of technology – more specifically a vital aspect of networking communications – was recently announced that will most likely have a tremendous impact on the technologies that most of use each and every day.

This “new” technology – Coded TCP – will have, once implemented, an unbelievable impact on data communications, especially in the ever-expanding world of wireless. TCP, or the Transmission Control Protocol, is virtually always combined with IP – the Internet Protocol – to provide reliable, orderly delivery of data from one host or device to another. Because of its inherent responsibility for reliable communications, poor network conditions can cause all sorts of issues with data communications when TCP data is sent but not received properly. If a segment of data does not reach its destination, TCP immediately attempts to remedy this issue, requesting that the lost or corrupt data be resent. You can imagine how much unnecessary data might be generated if network conditions are poor. On a typical wired network, such retransmissions aren’t usually necessary (assuming the wired network is properly designed and the attached hosts aren’t spewing rogue data). In the world of wireless though, all sorts of external variables can easily create poor network conditions, causing very high instances of data retransmissions. This is where Coded TCP saves the day.

By adding in something many of us learned in high school – algebra – Coded TCP eliminates the need for lost data packets to be retransmitted. By adding in algebraic expressions to the transmitted data, the receiving end of a data stream can simply “do the math” if data is either not received or corrupt, eliminating the need for the originating host to re-send. The result is simple – the receiving host gets its data as expected, except in a much more reliable fashion. Real-world tests have showed almost unbelievable results by using Coded TCP in place of traditional TCP. In one test at MIT, Wi-Fi data transfer rates increased from 1Mbps to 16Mbps by simply using Coded TCP. No new or additional hardware was utilized. The data was simply coded differently with the addition of algebraic expressions. Another test on a moving train increased transfer rates from 0.5Mbps to 13.5Mbps, again only by changing to Coded TCP. This technology has the potential to revolutionize wireless data communications, I simply cannot wait for it to be implemented industry-wide.

Share