Friday, November 28, 2014
Women in computing
Interesting article on women in computing by NPR at http://www.npr.org/blogs/money/2014/10/21/357629765/when-women-stopped-coding?mkt_tok=3RkMMJWWfF9wsRonuazPZKXonjHpfsX67uspXqK1lMI%2F0ER3fOvrPUfGjI4ATsFiI%2BSLDwEYGJlv6SgFSrXMMbZmwLgFWBU%3D \
Having gone to college learning computers in the 1970s, I find this interesting as it has always been told to me from then when in college to when started teaching after that and to today that this is a male program. In college my classes were mostly women but I was in unique situation being one of fist men at a former women’s college. However teaching at technical colleges since, quite often my classes have always been majority women except the early 2000s when I was at HGTC and first couple years here at GNTC. Not sure why shift then. Just like my day Cisco class now (5 of 6 are women) my data processing classes in 80s at STC were often 80-90% women.
Even though I would always hear it was male dominated, pictures were women with computers. I also know that the people called computers in the 40s (that was a real job title for people who sat in Washington doing calculations for artillery tables) were mostly women. My mom was one of them. I have her score sheet from the test to be a computer if anyone wants me to send. So I am the son of a computer. lol
Saturday, September 13, 2014
phishing emails
There are new varieties of phishing emails going out which look more and more real.
One came from the bank Wal-Mart credit card is with now appearing very real and actually had muy name on it but had wrong last 4 digits of credit card shown. It had a mis-leading link that wanted you to click link to get important message. However hovering over the link neither Wal-Mart or Synchrony bank was the domain but some bill paying domain. Wal-Mart told me it was a phishing email when I contacted them to see if real.
Now one has come from Adobe which looks ok except that it is supposedly receipt for signing up for Creative Cloud and has an attachment that appears is a word document on hovering, but I suspect has links or other in it. The two give aways are 1.) I have not signed up for anything form Adobe recently and 1.) it is written to Dear Customer instead of my name. If it was a real receipt it would have my name and normally receipts by email are in the body of email. Looking at the headers further shows it cdid not come from Adobe but somewhere else. These people did try harder and set sender and reply to as billing@adobe.com but then when they sent adobe.com would not verify that address to yahoo as a sending ip address. Furthermore in looking I see the email address it came to is my old version I have not used in years as it was supposedly closed on that subdomain. I have written adobe at phishing@adobe.com and you can use same address (it is on their web site). When I get response I will follow up.
Don't click on links in emails that look suspicious like these as it may download malware on your machine to steal information of ask you for information that you should not give from a link like social security number, credit card info, bank accounts, passwords, etc.
Be safe and be careful, but enjoy the world wide web.
Monday, September 1, 2014
Bringing manufacturing back to USA
This weekend I am in Rogers Arkansas at the Daisy National BB Gun Championship Match. Daisy headquarters and their assembly plant are here in Rogers and have been for 50 years or nearby. I assembled a gun here several years ago I still have.
Tonight (July 4, 2014) at the opening ceremony for the match (55 teams of kids from across the USA who placed in top three in state competitions), the president of Daisy announced that he is beginning the process of moving the full manufacturing of their BB guns back to the USA. He said it will take several years as they will have to locate or start organizations to make the parts and that it will result in increased employment.
Next year is the 75th year of the Daisy Red Ryder BB gun and tonight they gave all coaches and staff (including me) a 75th anniversary edition of the Red Ryder ahead of future release of the gun. Next year will the 50th match. I do the web site and photos for the match and have been at the match either as this or coach, match director, national director for 19 years.
Registering names in Asia emails
In the last few weeks I got notices several times about companies wanting to register my name in China. I have researched it and this is what I found
Many businesses and private domain owners have received emails from a company in China or elsewhere in Asia recently telling them that someone in China or another country in Asia has requested to register their domain name and use of it as a keyword in China or whatever country. It states they found you are the registered domain owner and as that are the legal trademark holder in China and you need to let this registrar know or they will sell your Chinese domain name.
This is a phishing letter. They are not contacting you to protect you but in turn to ask for financial information so they steal your money. I received one of these letters for dwightwatt.com domain which I do own and a little checking by a legitimate outfit would not write me concerning my “dwightwatt business”. If you get one of these emails trash it and do not respond to it. If you do respond, notify all financial institutions that you have answered a scam so they can put holds on your accounts.
The second part is saying you will lose your rights to using your name as a keyword. There is no registration of keywords. There are some products that are out there do use a keyword but none of the browsers support that. Basically it is like AOL was back originally before merged in with Internet and companies had a specific word but every one uses domain names now except Chinese using a specific software, and as they open more to Internet it will die. We use keywords now as as a list of terms in the header of document that tells how it should be indexed. Google and other search engines do work to try to keep people from using misleading keywords so they may use all you list and they look for meaningfulness also to the page.
Watch out for any emails concerning banking, domain names, etc for being phishing. This is just the latest variety of the Nigerian emails which date back to pre-email by use of snail mail (I have heard recently some are now doing phishing attempts again using regular phone and USPS mail.
Monday, April 14, 2014
Heart bleed bug (Watt Thoughts)
Last week Google and one other security firm announced they had found a major security bug on the Internet they called the Heart bleed bug. It is not known how much information has been stolen using the bug.
The heart bleed bug is a bug and not malware. It is not something that spreads like a virus. This is a mistake that was made in the Open SSL program protocol several years ago that was just now discovered. Errors in computer programs are called bugs.
Open SSL is used by web servers that use Apache and other open source web servers. Open source programs are programs that the source code (what the program is written in originally) is available for everyone (not just the compiled code) and usually is updated by lots of volunteers. Linux/UNIX servers use Apache as their web server. Android is basically a derivative of UNIX/Linux so it uses the same protocols. A protocol is a set of rules used to communicate by.
This means that Windows web servers and Apple web servers are not affected. This is significant in that up to now Linux users have kept saying their machines are safe from most past malware, but possibly the biggest bug turns up on their machines. It does mean you can have had information stolen from a server you were connected to using Windows, just the problem is not on Windows end.
The bug works from a simple approach that has a good purpose but released too much information. Basically when you connect to a secure web server (when the padlock appears in your browser or it uses https protocol it is encrypting the link between the server and you using SSL). On open source servers that use Apache they are using Open SSL. This is estimated to be 60% of the web servers. The encrypted conversation is established and information is sent back and forth. However if nothing is sent for a period one end will send a heartbeat message to the other end asking are you still there basically. The server responds. Unfortunately with this version of Open SSL it does not just send back just the answer but also sends what ever is in memory at that point. So if a different machine send a heartbeat to the server it sends back part of memory (the bleed part of the name) also for that machine. Sorta like you are on phone with someone and it is silence and you ask are you still there and instead of just answering yes they tell you their SSN, password to bank, etc.
This means that someone may have gotten your passwords associated with accounts. The bug leaves no trail so there is no way to see what it gave out.
You should be being notified by secure web sites you deal with whether they were affected and if they were if they have put updates in that fix the bug. Until fixes be are there you don't want to change passwords as they could still be stolen.
It is not a bug that will be on your personal machine unless you are using one specific version of Android, as otherwise it is just on servers and your PCs, tablets, phones are clients. Android 4.1.1 (also called Jellybean) has the bug and you need to update to Android 4.1.2 if you are using 4.1.1. You can establish a secure connection using your Android phone is why it is affected on this version.
Even though the bank or other secure site you use says they were not affected you should still consider changing passwords as you may have used that account at another site to get something and the password also somewhere. There appears to be a large impact on gaming as people use credit cards extensively there and most of those servers are Linux/Apache based.
No one really knows the impact of this bug, but the potential is very large.
This is based on my research of the Heart bleed bug and my knowledge of computer security. I am certified in MTA security and taught basic computer security for several years and recently took a cyber crime MOOC course thru Excelsior College and am currently taking a computer security course online with Cisco.
Windows XP and Office 2003 end of support
Microsoft is discontinuing support for Windows XP and Office 2003 today. Some of you are getting popup messages from Microsoft reminding you of that.
This does not mean that Office 2003 and Windows XP will no longer work. They will keep on working. What it does mean is that Microsoft will no longer provide new upgrade, service patches, security patches and service packs to these products. Also they will no longer answer questions bout the software. However computer support people (those that fix PCs like me) will mostly continue to fix PCs with XP and answer questions. There are a few PC support people I know that will not work on anything but newest stuff. PC support people are like auto mechanics, we generally work on new and old machines and most often old as they are ones that start breaking
I have seen a statistic this week that 35% of PCs still use Windows XP. I know people that still use Window 98 and 95 and those had support dropped years ago. People still us Windows 97 which has not ben supported in years. Wal-Mart check out terminals still use Windows XP in most cases and 90% of Bank ATMs the statistics say use Windows XP.
You will be fine to keep on using Windows XP and Office 2003. Make sure you do keep a current antivirus program on your machine and that it stays updated.
If you decide to get a new machine look at how Windows 8 looks and runs before you get a machine with it. It is a totally different interface (look) and many people do not like it. You can still buy computers with Windows 7 which is still supported by Microsoft.
If you do get the pop-up warnings just ignore them and do not panic.
Subscribe to:
Posts (Atom)