Wednesday, May 31, 2006

iiNet's travails

Internet provider iiNet saw it's stock value halved after slashing it's earnings forecasts due to the poorly executed takeover of Ozemail. Of course, making a conditional share placement at half the market price has a tendency to make existing shareholders nervous about the value of their shares..

iiNet's problems are a classic case study of how the IT industry gets it wrong so often. Ozemail was always going to be a problem child having been run down by it's previous owners. By buying a competitor bigger than itself, iiNet simply bit off more than it could chew.

The lesson is clear to IT businesses, big and small: Don't seek new customers if you are having trouble satisfying existing customers.

For customers, there's also a lesson. If there's an hour wait to get through to support, then that provider has a problem. Unless that provider is extremely cheap then you should be taking your business elsewhere.

Tuesday, May 30, 2006

Computer hijacking

The Sydney Morning Herald's tech section has a breathless article on the risks of ransomware. Ransomware is a virus or trojan that locks you out of your data and demands a ransom to unlock it. The first occurrence of ransomware was reported a year or so ago.

Ransomware is way overstated as a risk, for the writers the money trail would quickly lead the authorities to them and certain jail or a visit from some unhappy victims. Spyware writing and system hijacking are far more profitable and less risky pursuits. The funny thing is that no-one seems to have been affected by it, as the article admits.

"Computer emergency response team Auscert, said it had received no reports of ransomware trojans in Australia but because they tend to be spread via malicious websites rather than via email it was a difficult area to monitor."

Computers being hijacked is common. Spyware and virus writers do it all the time. A hijacked computer is then used to spread spam, viruses and plaster ads everywhere.

There's no need to be hysterical about computers being hijacked because it's happening right now. I get sick of repeating all the warnings about how you should protect your computer. But here's the instruction on the PC Rescue website.

Monday, May 29, 2006

Cyber sex

Charles Wright gives columnist Ruth Ostrow a serve about online sex in his Bleeding Edge blog. Ruth gets her knickers in a twist after she and her significant other posted their details on a raunchy website. Charles is quite right to point out that this happened before the arrival of the Internet.

Where I would criticism Ruth is that she's got the wrong end of a serious issue. We all hear warnings about children being stalked on line, but we find the kids are quite savvy with online creeps. The people who trash their lives due to someone they met on the net are more likely to be adults in unhappy relationships.

Personally, I've seen almost a dozen families broken by the results of an online affair. One client in Sydney had his wife leave him to join a bloke in Wisconsin: She left the kids but took the computer. Her new relationship turned out to be worse, which is a typical result.

It's not just affairs either. I've never heard of a kid sending millions of dollars to a Nigerian scam or blowing the mortgage on online gaming, but I know of adults who've done both. This is probably as a big a problem of online stalking or philandering.

The real story here is that you need to watch all your family member's computer use. Your husband, wife, girlfriend or boyfriend is as likely to get into trouble on the net as your kids are. If you are concerned about anybody's use, you need to talk to them and take measures to reduce or monitor their use.

Thursday, May 25, 2006

Dell race to increase growth

Dell intend to "ignite growth" after being caught "flat-footed" by competitors' aggressive price cutting.

It's a difficult situation the PC manufacturers find themselves in. Until recently, the growth in the market has offset falling margins, but now PC sales are slowing and the manufacturers are finding their cashflows tightening. My guess is we are going to see further rationalisation of the market.

One of the biggest problems facing manufacturers is that their rock bottom margins leave them nowhere to move. The pressures on costs have been enormous and the vendors have been lucky that cheap Asian parts have seen the cost of systems drop dramatically in the last five years. Even that hasn't been enough and Dell have sought to cut support costs to make up for their falling margins.

This didn't work and Dell's reputation started to suffer as callers found the support lines were poorly staffed, badly trained and spoke poor English. These problems have been slightly fixed but the mud has stuck. Which makes it interesting that Dell have also announced they will spend $100m on customer service operations.

Dell customers will be thankful for that $100m investment, but I wonder how sustainable the model of increasing support while further slashing prices can be. If Dell want to have a low cost, low margin business model then support is going to suffer. It seems to me Dell want it both ways.

The big problem Dell have is their headline pricing: Desktops at $699 with notebooks and servers at $999. Of course they try to upsell customers for better warranties, more memory or bigger drives which helps pad the margin. But those headline prices are conditioning consumers to expect unrealistically cheap systems from Dell and their competitors.

If I were a Dell shareholder I'd be asking why they are spending billions on marketing so they can sell on price. Surely all that marketing spend could be spent trying to sell the message that Dell computers are better and deserve a premium price. That way they could ship a decent, well specced product, provide competent support and make a decent margin.

Wednesday, May 24, 2006

Microsoft Privileges

I was absolutely stunned to read that Microsoft gives its users Administrator rights and is only now thinking about removing them.

Every Windows users is assigned a security level, this can vary from a Restricted User who can't do things like add software or access system files up to an Administrator who can do anything and go anywhere.

Windows sets users up as Administrators unless it's told differently. In other operating systems like Mac OS X you do not get Administrator (or Root) privileges unless your specifically given them. If Windows set up restricted user accounts out of the box then we wouldn't be seeing the tidal wave of spyware and rubbish on Windows computers.

The main reason we don't set kids and office workers as Restricted Users is because many Windows applications don't run well without Administrator rights. We've tried it at many offices and homes and people have begged us to give them rights. Sadly, many of the worst offenders are Microsoft products.

Realising that Microsoft workers themselves have admin rights explains why this has happened. Microsoft's internal testing would never pick up the mess that restricted users find themselves. What's more they wouldn't know which of the software and hardware companies were supplying bodgy code that won't work without full rights.

The fact that Microsoft workers aren't forced into Restricted or Power User groups only confirms to many of us that Microsoft just doesn't get it when it comes to security. We can only hope that the upcoming Microsoft Vista does a better job than the previous attempts.

Diana Epps has a far more well thought out view on this on her blog. It makes good reading and explains the issues well. The comments also put forward some good perspectives on this.

Tuesday, May 23, 2006

Rootkits wreck havoc. Or do they?

The AusCert annual computer crime survey has some very alarming statistics: One in five corporate networks and twice as many public sector systems are infected with rootkits.

That's a serious statement. A rootkit is a set of files that hides itself deep in the system and is very difficult to find, they are often installed by spyware or hackers to take control of a system without the user knowing. One of these on your system means you have been bad infected with a virus, spyware or something much worse.

Personally, I don't believe a word of it. Given most corporate networks have some degree of security, if 20% of them were infected we'd be seeing 50% of home systems likewise affected. Tens of thousands of Australian computers would be pumping out spam, attacking the Pentagon and being a generally nuisance.

I suspect the replies to the survey have been misinterpreted. Many system administrators might have said "yes, we've had a virus infection" because they found a few java.byte trojans in a contractor's Mozilla cache. Either way, it's a silly and hysterical statement which the media thankfully hasn't picked up.

Mind you, I might use it in our market to scare up some work.

Only joking. Maybe.

Beating the Microsoft Word bug

Microsoft have warned of a serious bug in Word 2003 that is being exploited by a Trojan horse. Apparently one large US organisation has been targeted by it. Microsoft recommend only opening word attachments in Word Viewer.

This might be an opportunity to switch to sending attachments in PDF format. This is a far more secure and compact way of sending attachments. The free CutePDF is one of our favourites or you can buy a commercial product like Adobe Acrobat or PDF Factory.

Another alternative is to switch to Open Office or another office substitute. While the alternatives are good, they are not always compatible with all the features in MS Office. This is particularly true if you use the tracking features in Word.

If you need to exchange Word documents for editing, we'd recommend setting up a Restricted User account on your computer and doing your work in that account. Naturally you should have a firewall and an up-to-date antivirus. Being careful about who sends what is also important.

To date, it appears this exploit only works in Word 2003. Unfortunately we have no further details of the exploit or how to work around it. For the meantime you should be very careful about what you open.

Monday, May 22, 2006

How spyware gets on your computer

Two interesting links this weekend show how the spyware writers get their wares onto people's computers. An article in The Enquirer explains the most common spyware terms for getting infected. Anti-virus company Sophos announced how it's detected and stopped a rootkit exploit based on an online poker game.

The most common spyware terms only confirm what us techs see every day. The bulk of the terms are music download terms, others are screensaver and ringtones. Do a search on any of these, and you can be sure the top results will all be spyware related.

Sophos' detection of a rootkit using an online poker game illustrates the risks with online games. The only positive thing I can think of with this is that it targets adults instead of kids.

If people must go to these sites then it's important to run your Windows system in a restricted user profile, have an up to date antivirus and a firewall.

Thursday, May 18, 2006

MYOB and VOIP

Accounting software company MYOB is reselling Engine VOIP boxes. Apart from asking just what experience MYOB has as a reseller, I can't help but being irritated that they are neglecting their core business on silly diversions.

Our MYOB customers outnumber Quickbooks by five to one. So MYOB is the leader in Australian small business accounting software, however their product has basically not changed for nearly ten years. There's been a few add-ins bolted on, but someone familiar with the bugs and quirks of MYOB 7 would not be lost on MYOB 15.

I guess we should be happy MYOB sticks with a stable product. But there are quirks which should have been addressed years ago. A decent form editor and better integration into MS Office would be a nice start.

I can't help but thinking this deal with Engin is just another example of management seeking buzzwords rather than improving their core product.

Thursday, May 04, 2006

Why spyware writers are scumbags

In our household we're not too keen on the kids spending too much time on computers, but when they do we let the kids use the computer in the kitchen (yes, we do have one in the kitchen as well as a wireless access point). Every computer we have gets a nightly virus and spyware scan. Tonight's virus scan picked up a Java verify exploit in one of the kid's profiles.

The Java verify exploit is classic spyware. It takes advantage of a bug in the Microsoft java machine to take control of the browser. Once in, the little bugger can do anything.

So how does a ten year old get spyware into a machine? By visiting game cheat sites, that's how. Another example of how scumware writers target children as well as unsuspecting adults.

The sooner these people are shut down and thrown in gaol, the better.

Incidentally, each kid has their own profile as a limited user and is encouraged to use Firefox rather than Internet Explorer. So the spyware would have trouble doing any harm. This illustrates why all parents should take security seriously.