Author and IT Consultant since 1986

A long time ago I decided to split this blog up into 2 or more. One for the horse stories, and one for technology and writing. Well, I finally got around to doing it. For stories and ongoing commentary about horses and horse people, please visit The Horse Trader’s Son.

The top 3 oil companies have recently recorded another quarter of record-breaking profits. $14.83 billion for Exon Mobile, $8.45 billion for Royal Dutch Shell, and $5.19 billion for Conoco Phillips.  With 92 days in the 2nd quarter, that puts the daily combined profit for these three companies at over $309 million.  Again, that’s profit, not revenue.  $309 million every day, $212,500.00 per minute, or $3,543.00 per second.  Tell me again why gas and oil cost so much?

The future does not look quite so golden however.  With the global economy in a tail-spin, demand for fuel has fallen sharply, resulting in lower prices. Even OPEC threatening to lower production recently has had little effect on the price of crude. Still, these three companies will likely report record annual profits anyway.

Some members of congress are calling for these companies to use more of their gargantuan profits to invest in alternative energy sources, but with little incentive for them to do so, don’t expect to see much change.

The credit card industry imposes mandatory safeguards to which merchants are supposed to adhere in order to protect your personally identifiable financial information. They are known as the Payment Card Industry (PCI) Data Security Standards. Additionally, government regulations exist for the same purpose, for example, the federal Fair and Accurate Credit Transactions Act (FACTA). In spite of the fact that the penalties for non-compliance can be severe, many merchants lack the discipline to maintain the required vigilance, and some simply don’t have the resources to remain compliant. Thus, even if <I>you</I> practice good security with your data (by burning or shredding credit-card receipts, etc.), the far greater risk comes from these businesses who do not.

There are steps you can take to help. They do nothing to safeguard your data maintained by non-compliant merchants, but they can mitigate the damage if your data is stolen.

• Set fraud alerts with the major credit bureaus.
• Opt out of pre-approved credit card lists.
• Check your credit report.

Read The Full Report, with links to tools to help implement these suggestions.

Read about other ways to Protect Your Privacy

I feel so special - I got an email from Robert S. Mueller III, Executive Director of the FBI. Amazingly, it appears that the Bureau is aware that I’ve been contacted by the Central Bank of Nigeria, and they felt compelled to protect my interests and investigate the contracts and related fund dispersal promised by the bank in payment for the rendering of some unspecified services.

This is good news indeed, since I didn’t even know that the CBN owed me $10,000,000.00, and now not only do I know about it, but I can rest assured that the FBI has already confirmed for me that the fund transfer is legitimate, and they will closely monitor the transfer. All I have to do is contact the CBN using the phone number and email address that the FBI has so thoughtfully provided, and follow their instructions expediently.

Seriously, does anybody fall for these scams anymore?

What is hosted email security?

Hosted (outsourced) email security is a service offered by 3rd party providers which handles the scanning of inbound (and sometimes outbound) email messages. Following the trend toward SaaS (Software as a Service), or “Cloud Computing” as it is becoming known, hosted email services handle such things as spam filtering, virus and other crimeware removal, phishing protection, etc.

Recent Growth and Projections

The last several months have seen spending on outsourced email hosting and security grow at the substantial rate, primarily among small to medium sized businesses. The growth rate within larger corporations (greater than 2500 users) is smaller but also increasing measurably. According to IDC, The Radicati Group, and other analysts, these growth rates should continue to accelerate over the next few years, exceeding an estimated $2 billion by 2012. This represents a 40% growth in the number of seats over today’s figures.

Already, about 5% of SMB users are utilizing hosted email security solutions, a figure expected to grow to 9% over the next few years.

Advantages to SMBs - Reasons for Growth

A variety of reasons are cited by researchers and subscribers for outsourcing email security, but the main ones are:

• Lower Network Resource Requirements: Spam entering a company’s network incurs bandwidth and storage costs, even if it’s caught in spam filters. Outsourced spam filtering solutions only allow legitimate email to enter the network.
• Fewer Maintenance Costs: The costs of acquiring, configuring, and keeping spam filters up to date can be extensive for in-house solutions, especially when you include the cost of the admin’s time.
• Malware Protection: While an outsourced solution shouldn’t replace in-house virus scanners, keeping up with the latest threats becomes the burden of the solution provider for email. These companies often employ up-to-the-minute malware updates and multiple scanning engines.
• Business Continuity: Should a company’s own network fail or become compromised, the external service provider can queue their mail for a period of time, until their Disaster Recovery Plan is executed (you do have a DR Plan, right?).

Reservations

Not everyone is jumping on the bandwagon. The biggest concern expressed by potential customers is the perceived security and reliability of the service providers’ network. However, research done by NetworkWold indicates that many of these providers maintain infrastructures more robust and secure than that of most of the enterprises they serve. Another issue is the concern for the safety of confidential information being in the hands of an external agency, which is why most subscribers only use these services for inbound email, even though some providers offer outbound filtering as well.

Outlook

As IT departments strive to cut costs while maintaining service levels, more will be looking at the ROI offered by outsourced security solutions.

Today Exxon Mobile recorded their 2nd quarter profits of $11.68 billion. This is lower than analysts’ predictions, but still managed to break the record for the largest quarterly profit for a U.S. company (previously set by Exxon Mobile).

This works out to $1,485.55 per second in profits, over $128 million per day. Yes - you’re reading that correctly - that’s $128 million in profit, not revenue, every day.

Who do they think they’re fooling when they blame high fuel costs on the speculators or production problems? Petroleum seems to be the only industry in the world where production problems equal higher profits. Look up the term ‘oligopoly.’

Legendary writer and author Jerry Pournelle sent me an email! OK, so I’m a subscriber on his website and he sent it out to everybody, but still, I thought it was cool. The message was a warning about the fact that malicious hackers had compromised the online job boards and were selling their services to spammers and scam artists. Monster.com, hotjobs.com, and other mainstream job boards are affected. You can get the details here.

I became a fan of Jerry’s writing in the ’80s when he was a columnist for BYTE Magazine. This was back when magazines printed a lot of useful technical information, hacks, program listings, and electronics projects. A fellow programmer was a subscriber, and introduced me to the magazine, and particularly “Chaos Manor,” Jerry’s column. When BYTE was sold to another publisher, it’s format turned more to product reviews and coverage of the IT business industry. In other words, it became geared more for managers with IT budgets and less for programmers, hobbyists, and end users. Not long after that the magazine ceased publication altogether.

I missed Jerry’s anecdotal accounts of his struggles with technology. He did product reviews too, but always from the first-person perspective of a non-technical person (an author) actually trying to implement, rather than just cover, the products. His often humorous tales were always informative and entertaining. I was delighted when I discovered a year or so ago that Jerry was still writing his Chaos Manor Reviews, as well as Other Musings. I should have known that his talent and desire (need?) for self-expression would have steered him toward the online publishing world, and was chagrined that I hadn’t thought to search on his name sooner.

During our trip to Arizona this past spring (see pictures), the visit to Tombstone inspired in me a renewed interest in the famous Gunfight at the OK Corral and the surrounding events. After some research, I wrote a quick little article entitled Surprising Facts about the Gunfight at the OK Corral. I wasn’t quite satisfied with that one however, so I sat down and wrote a more extensive article called Behind the OK Corral - the Legend and the Legacy, which goes into more depth and discusses the prevailing attitudes and histories of the combatants. It also covers some of the alternate interpretations of history as maintained by the surviving members of the Clanton family. Give it a read and let me know what you think.

I recently happened on the scene in Davison recently as police and paramedics responded to a 911 call that turned out to be a suspected heroin overdose.
As a staff writer for the Davison Messenger, I tried to get a few statements from witnesses and took a few pictures. The Messenger has decided to print the story in the newest edition which should be hitting the streets as I write this. I also put a copy of the article on Triond. Please read the suspected heroin overdose story and let me know what you think.

My home server, which acts as a development web server as well as a file and print server for the numerous PCs around my household, was running on SUSE Linux 10.0. This version of SUSE was the only one of its kind, before Novel re-branded the free version of the OS as OpenSUSE. It was getting increasingly difficult for me to get the updates for SUSE Linux 10.0, so I figured it was time to upgrade to something a little newer. Of course I was planning on loading OpenSUSE 10.3, the current stable release.

Looking for ultra-light linux for kids’ PC

About this time my kids’ old Window 98 PC seemed to be grinding down to a halt as they tried to get it to do more - IM, online games, etc. I tried a couple of small linux loads known for good performance on old hardware, like Puppy Linux and Damn Small Linux (DSL). While both of these are great distros, on this hardware Puppy Linux bogged down with too little memory, and DSL had problems with the USB wireless network adapter on that PC. I even put in an old 16 bit Intel NIC and spent a couple of evenings fishing CAT-5 cable through the attic and wall, but still had some problems with DSL recognizing it.

Someone Mentioned FreeBSD

On some forum (can’t recall where), someone mentioned FreeBSD as a viable option for old, slow hardware, so I decided to try it out on the kids’ PC. After some tweaking of the device hints to get it to use the old NIC, it worked great. Performance is acceptable for the hardware (300 mhz Pentium II), and it runs most Linux software in addition to native FreeBSD code. After some more online research about the relative strengths and weaknesses of FreeBSD vs. other BSDs vs. Linux, I decided to reload the server with FreeBSD. This server is built on a DELL Dimensions platform, with a 2 Gigahertz Intel processor and 256 Meg of memory. It has 2 internal hard drives, a 30 Gig Maxtor 6E030L0, and a 160 Gig Seagate ST3160215A (which came out of a failed external USB SimTech drive.

The Plan

Since the Seagate had a lot of unused space, I wanted to use part of it to back up stuff I wanted to save, but I also knew I would need some of it free for the FreeBSD installation. The trouble is, it was formatted as a ReiserFS file system, which FreeBSD can read but not write to. So the plan included steps to shrink that file system and leave enough unallocated space for FreeBSD to create usable storage. So the steps in general were:

1. Estimate space required to backup user data and development work.
2. Shrink the ReiserFS file system to create unallocated space on the disk, but leave enough on ReiserFS to accommodate the backup.
3. Change the partition sizes on the disk (shrinking the file system does not affect the underlying partition size).
4. Backup desired files.
5. Download FreeBSD and create installation CDs.
6. Install
7. Restore files and configure applications (samba, cups, apache, quanta Plus, etc.)

Next: Part 1 (coming soon): Using resize_reiserfs and cfdisk.

Several months ago I wrote an article for a Helium Marketplace publisher.  My submission was not selected, but I find that it is one of my more popular articles on Helium (definitely in the top 3), so I thought I’d share it here.  Please read How to find out what’s running on your PC (and why this is important).  Let me know how you like it.

Imagine planting a pine tree, a small seedling, using a spade shovel. Not too difficult, right? Now imagine doing that 1000 times. Repeat every spring for 14 years. That’s exactly what Bob Zirnhelt did on 11 acres where he and his wife live in Davison, Michigan.

Beginning in 1991, Bob began buying young trees from the Genesee County Conservation District. Every spring he would buy 1000 seedlings and plant them around his home. “It’s one of the best ways to enhance the beauty and improve the value of your home,” he says. Bob is a code enforcer for the city of Burton, and knows a thing or two about home values.

Read Full “Zirnhelt’s Trail” Story on NewsFlavor.

The other night I spent about 2 1/2 hours at the house of a friend, trying to free his PC of some particularly nasty malware, SpyGuarder and Vista AntiVirus 2008. Both are classified as rogue anti-spyware programs. This type of malware attempts to trick you into buying their full versions by running free scans with a trial version, and showing you all sorts of viruses, trojans, keyloggers, etc. with which your system is supposedly infected. They then offer to remove all these infections if you’ll just click the link and upgrade to the full version of their program, which of course, costs money. There are a number of problems with both these programs.

1. Your system doesn’t really have the infections these programs claim. Or to be more accurate, they have no way of knowing one way or another, since the so-called “scans” they do are completely fake. Nor could they remove the infections if you did have them, since they do not actually fight spyware or viruses, but are likely to install some of their own. Of course, if you elect to do this, future scans will say that your system is now clean.
2. These programs are obnoxiously persistent. Any attempts to cancel the scans, close the windows, or kill the processes just result in another process being launched.
3. These programs prevent legitimate anti-spyware programs from installing and running. Generally, when trying to clean spyware out of a system, one of the first things I do is install and run Adaware from lavasoft. Vista AntiVirus 2008 would not let me install it, popping up a fake system message saying basically that the Administrator for the PC has configured it to disallow “installations of this type.” Spybot Search & Destroy did work, but did not remove the two nasties I was dealing with. SpyGuarder similarly prevents the task manager from launching, claiming that “Task Manager has been disbled by your Administrator.”
4. The presence of either of these programs indicates that you may have the zlob or other dangerous trojans.

No doubt some of you would have advised me to run various legitimate anti-malware applications like SpyHunter, which can apparently automate the removal of SpyGuarder and Vista AntiVirus 2008. Pride and miserliness made me opt to do it by hand, which I did with the help of instructions found here and here.

Vista AntiVirus 2008 has several other identities, all which do the same bad things to your system, such as Windows Antivirus 2008, Windows AntiVirus Pro, etc. These, as well as SpyGuarder, are advertised on professional-looking web sites, and give the appearance of being the most advanced anti-malware products on the market. Do not be fooled, do not install either of these products - the commercial or the free versions - on your computer under any circumstances. If you find you have been infected with either of these anyway (it’s possible to pick them up via “drive-by” infection), take steps to remove them immediately.

Added 7/1/2008: I had to go back and remove yet another fake security program. His commercial virus protection had long since expired, so I installed AVG Free, which found and removed about a dozen viruses and trojans, but then his desktop and taskbar disappeared. After searching around on the internet, I found that Malwarebyte’s RogueRemover Free is a great free tool which completely fixed the desktop problems and removed some additional adware / spyware. It will definitely be joining Adaware and Spybot Search & Destroy in my arsenal.

In Goodrich, Michigan, the water level in the Millpond has been a source of contention for over 30 years between residents, the Village Council, the DNR, and the DEQ (Michigan’s Department of Environmental Quality). Now it seems that the dam is leaking, possibly requiring hundreds of thousands of dollars (or more) in repairs. My first newspaper article for Flint Area Media was covering this story, including some background as well as the latest developments. Please read the Goodrich Millpond story online at Associated Content.  Incidentally, because of a delay in printing, this is an AC exclusive for the time being.

I recently started writing articles for a publisher who puts out several newspapers local to our surrounding communities. The Davison Messenger, The Tri-County News, The Burton Banner, etc. Some of them were existing publications which he purchased, some are new startups. All are collectively published under the name of his company, ‘Flint Area Media’ (FAM).
Production problems and slow sales have caused some delays in getting the papers out regularly, but I have hopes that these glitches are temporary. The organization is currently moving into a newer, larger building, and I take that as a good sign.

Of course, I expect to be paid for the articles I write, but I’m also doing it for the excitement of seeing my byline in print. Plus, although FAM eventually expects to make all their articles and stories available on-line, they are not ready yet for that. In the mean-time, Mike (the publisher) has given me permission to post them on the 3 sites I write for (Associated Content, Helium, and Triond). I’ll place links in future postings.

A while back I wrote a story entitled ‘The Great Rodeo Trainers’, which was sold to a Helium Marketplace publisher with exclusive (I thought) rights. Now I see the story has reappeared on Helium’s website, so I’m thinking it was only sold with first publication rights rather than exclusive. I could never find it on-line, so I’m glad it’s back on Helium because it’s one of my favorite stories. Read The Great Rodeo Trainers and let me know what you think.

Anyone who’s used a personal computer for more than a week or two has undoubtedly noticed a gradual decrease in performance. There can be a number of causes for this, and a number of steps you can take to recover this lost performance. There are also a few preventative measures that can help keep your computer running at top efficiency.

Spyware and Adware - sources and removal
Spyware and Adware are two types of malicious software (AKA malware) that infect PCs. Spyware collects information about a user’s surfing habits, purchasing preferences, etc. and sends it to marketing agencies. Adware presents unwanted advertisements to the user. The source of infection can be email attachments or files downloaded from the internet disguised as or embedded within useful software. Some adware and spyware can also be picked up simply by surfing to certain websites.
Removal is usually accomplished with the aid of utilities written for this purpose. Spybot Search & Destroy and Adaware are two long-standing products which offer free versions for personal, home use. Some objects embed themselves so deeply within the operating system that free tools cannot completely remove them. For those, or if you’re running in a corporate environment and want continuous updates and real-time protection, consider a commercial offering.

Unnecessary Services and Processes
The default installation of Windows(c) configures a number of services that run automatically whenever the system is booted, many of which are never needed by the majority of users. Stopping these processes and preventing them from running can free up significant memory and CPU utilization. There are utilities that can make the job of identifying and disabling unnecessary processes easier. Some of this can be accomplished using Windows’ services interface. Getting to this interface differs between versions of Windows, but it will be similar to this: Start->Control Panel->Administrative Tools->Services. Here you will see the list of installed services. For each one you don’t want to run automatically every time you boot up, right-click on the name and select ‘Properties.’ In the dialog box, set the Startup Type to ‘manual.’ If you’re sure you never want the service to run (for example, if you suspect it is some kind of malware), set it to ‘disabled.’ You can always change it back to ‘automatic’ if you experience problems. Once you’ve finished setting the startup type on any services you’ve modified, you should reboot your computer. Simply stopping a service does not always completely free up resources that may have been reserved. The following are some services that are rarely needed by most users: Messenger Service (has nothing to do with instant messenger (IM) software), Remote Registry Service (do you ever need to edit your registry from a remote location?), Error Reporting Service (pops up the annoying “notify Microsoft about this bug” every time something crashes), Alerter (no need for this), Fast User Switching Compatibility (even with this disabled, you can still log off and log back on as someone else), Telnet (if you must enable a command-line log on from a remote location, use a secure shell (SSH) service instead).
There are other services which you may be able to disable, and there are other (non-service) processes that may be started by Windows. You can see which processes are running on your system by running the task manager (Ctrl-Alt-Del -> Task Manager) and selecting the Processes tab. These are started from registry entries, items in the Startup folder, and a number of other sources. With the task manager you can kill any of these processes (if you know which ones should be killed), but unless you find out where they’re coming from and remove the source, they will automatically restart. All these processes (including the services) can be managed with a program called Wintask 5 (liutilities.com). This tool gives you access to one of the most complete process libraries available, with the ability to identify, remove, or block undesirable processes. It costs about $30.00, but a free trial can be downloaded from the company’s website.

Optimize the Hard Drive(s)
Most people realize that they have to defragment their Hard Drives periodically or disk performance will suffer. Windows’ built-in defragmenter does an adequate job of defragmenting most files, but it has it’s limitations. Certain system files (including the registry) won’t be defragmented. Also, with this utility running, you can’t use your system for anything else. This program is actually a ‘light’ version of Diskeeper (diskeeper.com), which also comes in commercial flavors starting at about $30.00. For that price you get more efficient and complete defragmentation which can work in real-time, utilizing unused CPU cycles (so it doesn’t slow your system down).

Clean the Registry
The last thing I generally do when optimizing a system is to clean / optimize the registry. This removes references to obsolete objects and redundant entries, and repairs broken links. Again, this is accomplished with a utility. Remember to back up the registry first by using the File->Export menu option in the registry editor (regedit). The best type of utility for cleaning the registry is one that can defragment as well as clean it, something like RegistryBooster 2 (liutilities.com).
All of these optimization steps either require a utility or can be made easier with one. You can acquire free utilities or commercial variants. If you’re going to consider commercial software, you can save money by buying a suite. You can usually pick up a package deal for significantly less than the cost of individual components. Some, like PowerSuite from UniBlue, will also analyze and set the optimum parameters for your systems memory, CPU, and network configurations. Note that Powersuite includes a task manager, spyware removal and protection, and the RegistryBooster 2 registry cleaner, but alas, it does not include disk optimization.

Two of the worst causes of problems in personal computers these days is the prevalence of spyware and adware. Spyware and adware are types of malicious software (AKA malware) that infect PCs. Unlike other malware like viruses and trojans, spyware and adware don’t exist to cause damage directly, but to collect information about a user’s surfing habits, purchasing preferences, etc. and send it to marketing agencies (spyware), or to serve advertisements to the user, often making them appear as if they are normal pop-ups encountered while surfing the web (adware). Both these types of malware consume CPU cycles, memory, and network bandwidth, causing degradation in system performance and stability. Severe infections can make surfing the internet impossible or even render the entire system unusable. On top of that, spyware serves as an invasion of privacy, because the data collected can be used not only to target you with unwanted advertising, but quite possibly with identity theft as well.

The source of these infections can be email attachments, or files downloaded from the internet disguised as (or embedded within) useful software. Some adware and spyware can also be picked up simply by surfing to certain websites.

Removal of this type of malware is usually accomplished with the aid of utilities written for this purpose. There are free and commercially products available, each with their own set of strengths. Spybot Search & Destroy (safer-networking.org) and Adaware (lavasoft.de) are two long-standing products which offer free versions for personal, home use. Running scans with both these products, one after the other, will allow you to effectively remove most malware. Some objects however embed themselves so deeply within the operating system that free tools cannot completely remove them. There are a number of other tools available for dealing with these nefarious objects, each customized for the particular type of infection they’re designed to combat. For example, CWShredder (us.trendmicro.com) was designed to remove a rather insidious form of web browser hijacker, which redirects your searches, changes your home page, and creates bookmarks to other sites. Another tool for combatting hijackers and other malware is hijackthis, also from TrendMicro. Both of these tools are for experienced, technical users. You have to know specifically what you’re looking for. This is especially true of hijackthis, which will happily let you remove components that are actually quite critical to your system.

For these infections that are harder to find and kill, or if you’re running in a corporate environment and want continuous updates and real-time protection, you should consider a commercial offering. Adaware Pro sells for $39.00. The cost of the corporate edition of Sypot S & D is not given on their website.

An ounce of Prevention
A strictly commercial product (with a free trial) is >SpyEraser 2 from Uniblue ($29.95, uniblue.com). In addition to the ability to remove most spyware and adware, it offers real-time, continuous protection against becoming infected in the first place, and automatic daily updates. A free scan of your system is available from their website, as is an award-winning process library that can help you identify potentially dangerous processes that are running invisibly on your system.

Whether you decide to collect a set of free utilities or take the plunge and purchase a product depends on your level of expertise, the amount of free time you have to investigate and learn to use the various tools, and if you want or need the technical support that comes with a commercial product. In any case, it should be clear that you have to do something to combat spyware and adware on a regular basis if you want to keep your system running efficiently.

As reported a few months ago, I wrote a series of articles for an anonymous Helium Marketplace publisher related to PC Optimization. Well, they bought one - an article written ‘on spec’ about the benefits of a paid-for registry optimizer. Since I had an inkling that the publisher is Uniblue software, I made sure to mention their product. I did not mention it in the article, but my choice for free registry optimizers is CCleaner. Aside from that omission, the article has valid information concerning features to look for in a registry cleaner. An excerpt follows. For a limited time, the article can be read in it’s entirety. Once Uniblue publishes it, it will be removed from Helium, since they bought exclusive rights to the content.

---

This content was removed per the purchase agreement.  The original article can be read here, with someone else’s byline.  They can do that because they purchased exclusive rights. –Jp

This article was originally published by Triond on their web site ComputerSight. I thought it was time to reprint it here, so it appears below in its entirety.

---

Configuration Management (’CM’ hereafter) means a lot of different things to different people. Weighty tomes have been written describing the goals, policies, procedures, benefits, pitfalls, and a variety of definitions of CM. One recent CM plan I worked on is a 20-something page document attempting to detail this information and how it relates to the client’s projects.Most of the information available can be boiled down into 4 key concepts, or what can be called the 4 cornerstones of great CM. These concepts represent ideals. The challenge is in the implementation, so that the policies, procedures, and utilities developed support these ideals, or at least the intent behind them.

1. Version Control : Everything is maintained in a Version Control tool like Serena’s. Some agreed set of items (Configuration Items, or CI’s for short) stored within the tool represent baselines. In other words, they are the set of revisions currently in production. They are not necessarily the most recent revisions.Builds intended for deployment to any post-development environment (QA, Test, Prod, whatever) are always pulled from Version Control, and never copied directly from a development environment.
2. Separation of Duties and Least Privilege : Actually, these are two principles lumped together because Least Privilege is not possible without Separation of Duties, and Separation of Duties is pointless without Least Privilege. The former simply means that no single person has independent responsibility over more than one area of a system.For example, developers change code, perform unit test, etc., but do not deploy or promote such code to any non-development environment. CM people promote code, but do not develop applications, nor do they approve code changes made by developers (although they may participate in code reviews).
   DBAs have database privileges, but don’t develop application code nor act as system admins. And so on. The Least Privilege principle simply states that no person or running process has more access or system privilege than they need to perform their normal duties or functions at any point in time.Access or privilege for either people or processes can temporarily be increased during the performance of some activity as necessary, then immediately restricted again. Policies implementing these controls make allowances in both these principles for emergency situations.
3. Auditing : CM personnel periodically conduct audits of applications, systems, and procedures. Any updated application software or configurable item should be traceable to an approved change request, as well as through the entire set of existing quality control, tech review, and change control procedures.This includes not only application executables but database configurations as well. All items are compared with their baseline counterparts in the Version Control repository (ie; the revisions marked as ‘Production’). Discrepancies are reported as non-compliance issues and investigated, and will generally lead to procedural changes designed to eliminate future non-compliance.
4. Automate, Automate, Automate : This one is an over-riding theme for how we accomplish all this with limited resources. Checking items out of and into Version Control should be quick and painless, and integrated into development IDEs (Interactive Development Environments) if possible. Code promotions are scripted. Database changes are scripted. Auditing utilities are scripted.These scripts themselves are subject to review and kept in version control. Tying it all together gives us reliable, secure systems built with verifiable, repeatable and efficient processes.

My family and I recently took a break from Michigan’s cold and rainy early spring and vacationed in Arizona. We flew into Phoenix, rented a car, and set out for a number of destinations, all of which were great for R and R.

First we visited some good friends in Lake Havesu City. Matt and Tee showed us around Lake Havesu, and Matt particulary proved to be a fountainhead of knowledge about the town and it’s history. For example, Robert McCulloch of McCulloch Oil (think also, “Chainsaws”) basically founded the town, and he paid to move the London Bridge from London To Lake Havesu. Yes, the London Bridge. Matt and Tee were great hosts, and took us tooling around on the Colorado River and Lake Havesu in their boat. Most of us got our first glimps of California there.

After a few days we headed on down to Sierra Vista to visit my Dad and his two dogs, Bonnie and Lucky. We also met his friend (GF?) Marita. Sometimes we just lounged around and enjoyed the weather or swam in the pool, but we also went hiking in the neighboring mountains. Even though she is not a native to the territory, Marita proved to be delightfully knowledgable about the local flora, pointing out to us alligator cypress, manzanitas, prickly pear, and other species that grow there.

While we were staying with my Dad, we took a day trip to legendary Tombstone, where the gunfight at the OK Corral took place in 1881. The movies always portray the Earps and Doc Holliday as the good guys, standing up for law and order and trying to protect the town’s citizens from the outlaw gang known as the Cow-boys. The truth is, the Cow-boys (with the possible exception of Ike Clanton, an abrasive loud-mouth) were actually well liked by most of the towns’ people. They brought money into the town, whose principle business was saloon keeping, and they rarely carried out their lawbreaking in town.
On the other hand, the Earps were seen by many as opportunists, setting up gambling a establishment and using their connections with the law to play favorites. Nevertheless, the story is rich with drama, action, intrigue, and conflict that persists to this day. I was inspired to write an article, Surprising Facts About the Gunfight at the OK Corral. Check it out and let me know what you think.
Oh, and feel free to check out all the pix from the Arizona trip.

Someone posted a challenge to the writers on Associated Content to come up with humor articles to be posted on the April 1st, April Fool’s Day. Being somewhat of a fool myself, I accepted the challenge, along with a dozen or so of my fellow AC writers. The results are compiled in a Squidoo lens - I’ve included the link below. My entry is printed here for your convenience. If you like it, consider voting for it on Squidoo by following the link.

---

Foolin’ With Your Kids
Not only is it our “birth”-right to play jokes on our children, it is also our sacred duty, and one that my wife and I take very seriously. After all, how else will they learn patience? How will they learn humility? How will they learn to fool and embarrass our grandchildren when the time comes?
Embarrassment
There are numerous ways to embarrass your kids. Some kids are embarrassed by the mere presence of their parents when they’re hanging out with their friends. This should be exploited whenever possible. Accentuate whatever traits you possess that your kids find embarrassing. If possible, combine these traits for maximum impact. For example, if your singing embarrasses them and they can’t stand old country music, pull up to the school to pick them up with your windows open, belting out “Lovesick Blues” at the top of your lungs. Volunteer to chaperon the high school dance, and show up wearing the same pastel-colored velvetine tuxedo you wore to your 1979 prom. While there, offer to teach your daughter, her date, and all her friends how to do the “Electric Slide.”
Embarrassing your teenage kids is almost too easy, and can be done pretty much anywhere at any time. Whip out the baby pix showing your son in the buff. Say things like “Aw, my little man is growing up. Looks like he’s finally gotten over the ‘girls have cooties’ phase.” These are especially good when your son is spending time with a new girlfriend.
Tall Tales
Getting your kids to fall for some things is a little more challenging. When my son Stan, who’s now 13, was about 5 years old, he was asking me about the various knobs and buttons on the dash of my car. I went through the radio, windshield washers, fog lights, etc. Then, adopting the soberest countenance I could muster, I pointed to the emergency flashers. “You should never, ever, push this button.”
“Why not?” he gravely asked.
“That is the ejector seat.”
“What’s a ‘jector seat?”
So I explained what an ejector seat was, and how after it was introduced to the public in the James Bond movies, people started asking for them in their own cars. Responding to this demand, the car manufacturers began making them options that anyone could get when they bought a new car.
He was nervous, but fascinated. “So what would happen if I pushed the button?”
“A secret panel in the roof would open up, and a super powerful spring would shoot you right out. The car would keep going, so you’d land in the road and probably get run over by that truck behind us.”
“Wow. Does Katie know about this?” he asked. Katie is his older sister, and I wasn’t sure whether he was worried that she might push the button on him, or excited about the possibility of pushing the button on her.
About a year later, I was again driving with my son in the car, and I had forgotten all about the ejector seat conversation. Not him! We needed milk, so I stopped at the corner store. I told him I would be right out, and to keep the doors locked and not let anyone in the car. He says, “Don’t worry, Dad! If anyone tries to get in, I’ll just slide over into your seat and push the ejector seat button! Boy, won’t they be surprised!”
“Um… yes. But keep the doors locked just in case.”
A few months later we were once again in the car together, and I needed to use the rear defroster. I accidentally hit the emergency flashers button first. They flashed a couple of times before I turned them off and turned on the defroster. My son jerked is head to look at me, eyes wide as tea saucers. I knew what he was thinking. I said, “Boy, it’s a good thing that ejector seat has a 5 second timer! I remembered to shut it off before it flashed 5 times, thank God. You were almost a goner!”
“Da-ad! Why did you do that? You almost splatted me on the road!”
“Sorry pal, I just hit the wrong button. It won’t happen again.”
My wife said that some day when he becomes the laughing stock of his driver’s education class, he’s going to come home and kick my butt. Maybe so, but I won’t be alone. Not long after this last exchange he was basically tattling to his Grandma about me almost splatting him on the road. We had to surreptitiously explain what was going on. Now she’s completely in on it with us. My daughter on the other hand tried to tell him that we were all making it up. When she wouldn’t sit in the passenger seat so he could “prove” that we weren’t (mainly because she couldn’t be bothered to move), he became more convinced than ever that she was lying to him. [click to continue...]

The RIAA’s Investigators Operating Illegally?

The Recording Industry of America Association (RIAA) is the agency trying to enforce copyrights by suing suspected file sharers. They employ MediaSentry for the forensic examination of the computers owned by suspected violators, which opens up for scrutiny not only shared music, but any personal information stored on the PCs. Recently, MediaSentry has come under fire for conducting such examinations for evidence to be used in court cases without having Private Investigator (PI) licenses. Massachusetts has ordered them to cease operations there until they obtain the proper licenses. Several other states have issued various statements and warnings, including Michigan. This gives defendants the possibility of getting evidence disallowed in their trials, and opens the doors for recriminations from past defendants who settled out of court based on evidence that may not have been legally obtained. So far, MediaSentry has taken the stance that their role in the investigations does not require a PI license. This story bears watching closely. If anyone challenges the evidence gathered by MediaSentry, and it follows that they have to obtain PI licenses going forward, how many counter-suits from past cases will suddenly be filed by defendants who settled out of court on the strength of evidence that would not have been admitted in court?

Courts Can’t Force You To Reveal Your Passwords and Encryption Keys

Another case making headlines lately involves a Grand Jury’s attempt to order a defendant to reveal his encryption password so that prosecutors could assess the files on his hard drive. It turns out that passwords and encryption keys are protected under the 5th amendment, which basically prohibits the forcing of defendants to testify against themselves. A federal Magistrate ruled the Grand Jury’s subpoena unconstitutional. The government has appealed. If the suspect - a Canadian with U.S. residency by the name of Sebastien Boucher - is actually guilty of child pornography, I hope the government finds enough evidence to convict him without violating his 5th amendment rights.References:

• www.law.com reported on passwords and the 5th amendment.
• recordingindustryvspeople.blogspot.com brought the MediaSentry story to light.
• bloggernews.net - discusses the implications of the RIAA’s investigators operating illegally in certain states.

---

Some time back I wrote an article about Charity Music, a great non-profit organization that provides musical instruments (and sometimes instruction) to students, soldiers, and senior citizens who desire to play but can’t afford to buy or rent them. The article was originally published on Associated Content, but as reported at the time, I planned to also post it on Helium. The great thing about the article appearing on Helium is the fact that I could donate all advertising revenue (my share at least) to the charity itself! So if you missed the article the first time around, read all about Charity Music on Helium, and remember - just by reading it you’ll be helping out a fantastic cause.

Pub Crawl!

I thought this would be a good opportunity to let you know about a recent development at Charity Music. They are organizing what they hope will be the biggest Pub Crawl in history, and they hope to get listed in the Guinness World Book of Records in the process. The goal is to have up to 100 clubs and bars from every state participating. If you own a bar and would like to get in on this, it might be a good way to get some great publicity, and in any case you would be helping out the cause. More information is available at the Pub Crawl Registration site.

A Helium Marketplace publisher recently asked for an article entitled ‘Quick Tips for Inner Peace’, with a 700 word maximum. I condense religion, psychology, and meditation and attempt to answer the call. Let me know how you think I did.

---

Inner peace is a state of mind in which one is free from conflict in mind and spirit. This is not to say that there is no conflict in one’s life, simply that there is harmony between one’s mental, emotional, and spiritual aspects. Without such harmony, the flow of creativity slows or stops, physical and emotional ailments do not heal as quickly and may worsen, and progress toward ones goals in life is impeded. To remove these blockages one must restore harmony and return to a state of inner peace. Understanding is the first key to unlocking the door.

Let Go of the Past
Often attaining inner peace is not so much acquiring something as it is letting things go. The past is immutable, so holding on to regrets is counter-productive. Understand that mistakes are part of our humanity, and that sometimes it is the lessons learned the hard way that enable us to mature and progress. Realizing that just as much of our wisdom comes from error as from trial, one begins to accept that our mistakes play an indispensable role in our development.

Guilt is a large source of internal conflict, and must be expunged. The quickest way to reduce guilt is to apologize to those whom you’ve wronged. It is not essential that they actually forgive you, but it is essential that your apology is sincere. You have to actually mean it when you express your remorse. In this way, guilt fades to regret, which can then be dealt with accordingly. Examine the bad decisions and lapses in judgment, figure out where you went wrong and how you could have handled the situations differently, then move on.

Read the Rest of the Article >>

The Field Car was a beater. It was a 1971 Maverick, which I bought in 1980 while in college. It wasn’t really a beater then, but it didn’t take me long to turn it into one. With dedication and determination, any car can be turned into a beater in a matter of months.

The transformation on the Maverick began when my room mate Tim came home with me for the weekend, and I had to repair the fences around the horse pasture. My parents left for the day, and we didn’t want to carry fence wire, tools, and extra posts around a 200 acre pasture, so we put it all in my car and headed out. All was well for the most part, until we got bored and decided to see how well the Maverick would take the hills. The educational opportunities in this type of exercise cannot be overstated. Not only did we get most of the fences fixed that weekend, but we learned how to replace shock absorbers, too! We could have learned to do some body and paint work as well, but we decided that the little scratches and dings just added character to the car. Tim dubbed it the “Field Car,” a name that has stuck with the Maverick ever since.

Beatership wasn’t bestowed upon the Field Car all at once. Sometimes days or even weeks would go by without it acquiring a single new distinguishing feature. Then just when it seemed like progress had stalled, an opportunity for further customization would present itself, although I seldom recognized it as such until after the fact. The distinctive markings on the roof of the car for example came about when Tim and I were on our way to meet some friends and didn’t want to wait for a train. When we saw the lights start flashing at a crossing up ahead, we were sure we could safely beat the on-coming train. Indeed, we beat the train with a hundred yards to spare. It was the descending barrier that proved to be the real challenge. We actually did beat it… mostly.

Read the Rest of the Story >>>

A fellow writer on Associated Content by the name of Jennifer Eblin recently published a story entitled Staley Road: A Local Haunting. It has the makings of a great ghost story: a bleeding barn, satanic cults, lights and electrical systems malfunctioning - you know, things that make local legends like this one fun.

Jennifer is careful to point out that the legends surrounding the supposedly haunted area have little basis in history. The farmer and miller who legend says killed his family, did not. She also cautions readers that the property owner is not happy about the tresspassers who park on his property and make nuisances of themselves, particularly in the middle of the night. He has gone so far as to file a lawsuit against a publisher for including his barn in a collection of wierd places in Ohio.

Well, he’s at it again, only this time the subject of the lawsuit is Jennifer herself. Even though she clearly informs readers that the legends are false, and that the property owner has little patience with ghost hunters, the law firm representing him has written her twice, notifying Jennifer that she is being named in a new suit, and demanding that she “take down” the website where her article is published.

The demands are absurd. For one thing, Associated Content owns the site, not Jennifer, who has no authority to remove the article, much less take down the site. For another, I find it very difficult to believe that her article has led to any measurable increase in property damage. Incidentally, the man lost the previous suit.

Judge for yourself. Read the article, and leave your thoughts either there (AC allows anonymous comments), or here if you prefer.

I first wrote this article as a submission to Helium’s Marketplace. It was not chosen, so my loss is your gain, as I’m posting it here in it’s entirety. Note that I received no compensation for this article, but since I was hoping WinRAR would choose to publish it, I can’t say it is completely unbiased. That being said, every point in the article is absolutely true, and the benchmarks referenced are available for anyone to view.

*** Original Article Below ***

Two of the most popular file compression programs on the market today are WinZIP and WinRAR. The question that inevitably arises is, which is a better buy? The answer can be found by comparing the performance, price, and features of each.

Compression - the whole purpose behind using compression software is to shrink the size of files for more efficient storage and faster transmission over a network. Thus, how well a utility compresses files should be of primary concern to those needing to choose one. Many independent sites on the Internet consistently show that WinRAR compresses files more than WinZIP. There are a few exceptions with specific file types, particularly those that are already compressed in their native format, like mp3 files. These do not compress very much in any case by either WinRAR or WinZIP. WinRAR comes out the clear winner among most other, highly compressible file types, and the aggregate or overall measures generally show WinRAR on top. Supporting data can be found on wikipedia (Comparison_of_file_archivers), techarp.com (Compression Comparison Guide Rev. 2.0), and maximumcompression.com. [click to continue...]

About 18 months ago I bought a SimpleTech 160 Gigabyte external USB hard drive for storing media files and backing up other data. I reformatted the drive so it would be writable from linux (using the reiserfs file system type). It worked great until about a month ago. At that time, whenever I rebooted, I had to power the drive off and on several times before linux would recognize it. Finally it stopped working altogether.

I tried moving it to another computer, but it wasn’t recognized there, either. The warranty on these drives is only 12 months, so I had no recourse with the company. With little to lose, I took the drive out of the enclosure to see what was under the cover. It was a Seagate Barracuda 160 Gigabyte Ultra IDE internal drive, with some circuitry to convert USB signals to IDE.

I removed the drive from the enclosure and installed it directly into the linux file server. Once I configured the mount point, it now works like a charm. I gave up the convenience of moving the drive from machine to machine, but I gained quite a bit of performance, and - more importantly - retained the data that had accumulated on the drive.

I have since read in various forums that this type of failure of external drives is fairly common. Most people fix it by buying a generic external enclosure to replace the original one. If you really need the portability, this is a better way to go. If you’re like me however, who just bought the external drive for ease of installation and because it was on sale, removing the drive from it’s enclosure and mounting it inside your computer might be a good way to recover a failing device.

One final note: I find it interesting that SimpleTech only warrants the product for 12 months, but according to Seagate’s web site, the Barracuda carries a 5 year warranty. It’s almost as if SimpleTech is admitting that the most likely point of failure is in the enclosure they provide.