Reducing the risk of contracting malware on Macs

A great article to help you Mac users out there, from TechRepublic:

 

Lately, one of the most talked-about topics regarding Macs on the web is malware, in particular the Flashback trojan. For nearly 10 years, the Mac has managed to maneuver safely through the turbulent waters of the Internet with a pretty solid track record. But as more Macs are adopted and as the Internet continues to become more complex, the risk of contracting malware will continue to grow for some time to come. Apple is working to reduce the impact of infections in several ways:

  • using the Mac App Store to filter out harmful applications
  • providing software updates and patches
  • increasing security measures in each version of OS X.

It’s unlikely that Apple will ever completely protect Macs from the harsh realities of the web, but the Mac is indeed a very secure platform, and with a little effort you can reduce your own or your users’ risk of being infected.

Best practice tips for Mac users

 

 

First, remind Mac users of the basics of how one can be exploited by malware and viruses. Fully understanding a computer’s vulnerabilities helps to reduce the odds of contracting one in the first place. Users should understand that the most common way to contract malware is by using applications that share files. Applications such as Mail, browsers such as Safari, Firefox, and Chrome, and iChat/Messages can be easily compromised by malware because they all have the ability to share files in one form or another.

 

In most cases, it is the naive or reckless user, and not the computer, that is easiest to convince into installing malware through social engineering. This is true for all systems, regardless of OS. Malware often presents itself as a harmless file or as a familiar application that it attempts to convince users to click and install.

 

More sophisticated malware attempts to take advantage of lesser known services or applications running on a computer. In the case of Flashback, two methods were used. Initially Flashback would present itself as an update to Adobe Flash, convincing the user that it was a necessary update. Eventually, Flashback evolved to take advantage of a flaw in the version of Java installed on the Mac. These are the most common ways in which a Mac or a PC can contract unwanted malware.

 

Since the most vulnerable application on any computer is the browser, I’m going to run through a few tips that should work with most browsers, but I’m using Safari, the default browser on the Mac, as the example.

 

Turn off open safe files

 

Safari, as well as other browsers and mail applications, supports a feature designed to make life a little easier by allowing known safe files to launch immediately after downloading. Disabling this feature reduces the possibility of initiating the installation of a file that could be passing itself off as something far less harmful. The setting can be found in Safari’s Preferences pane.

 

Disable Java

 

First and foremost, I want to be clear: Java is not JavaScript, and where the Internet is concerned most of us experience a web where Java is rarely needed. JavaScript, on the other hand, is frequently employed on the web, and though disabling JavaScript will indeed make your Mac more secure, it’s a technology that we on the web have become heavily dependent on. When Java is needed on the web and it is disabled, you will often be presented with a request to install Java. When you’re in a situation where you require Java, it is as simple as opening up your browser preferences and enabling it to accomplish your task. Disabling it once again when you’re finished will again assist in the prevention of contracting malware.

 

Disable plugins

 

Most of us will grapple with this request, however, the web is moving more and more away from the use of plugins such as Flash and more toward HTML 5. If you’re willing to compromise some of your web experiences, you will both be protecting yourself while helping the web to move in a positive direction. Many websites rely on Flash, however, if users are visiting these sites with plugins disabled, webmasters are able to see how many people are visiting the site and what technologies they are using to access it. If a significant number of users do so without plugins, webmasters will be more likely to consider making the jump from Flash, an application that is often unstable and vulnerable to attack, to using HTML 5 — and do it more rapidly. In the end, disabling plugins benefits us all.

 

Each of these steps will help to reduce the odds of infection, though it’s important to remember that there is no such thing as an impenetrable computer connected to the Internet.

The malware numbers game: how many viruses are out there?

From ZDNet:

 

How many strains of malware are in circulation right now, for Windows PCs, Android devices, and Macs?

That seems like a straightforward question, but the answer is far from simple. And the number might be a lot lower than you think.

If you check with the leading security companies, you might be tempted to pick an answer in the millions. After all, that’s how many listings you’ll find in the definition files for common antivirus programs. At day’s end on April 12, for example, Symantec published the summary shown below, noting that its latest Virus Definitions file contained 17,702,868 separate signatures.

Oh my. 17.7 million? That certainly sounds like a very big number. But before you get swept away, it’s worth taking a closer look at what it really represents.

Eight days earlier, on April 4, that same Norton/Symantec definition file contained 17,595,922 separate detections. With 106,946 additional definitions in a mere eight days, you’d probably conclude that malware is out of control.

Because the Norton brand name is primarily associated with Windows PCs, you’d probably also assume that all of that activity was aimed at the Windows platform.

And you’d be wrong in both cases.

Definition files are a great way of assessing the degree of activity at a computer security company. They vaguely measure the current intensity level of the cat-and-mouse game between malware authors and security companies. But counting signatures says nothing about what’s new.

I took a closer look at the Symantec definitions for that week and found a very interesting story.

Symantec, to its credit, publishes detailed information about what’s in each new definition file, including what’s new. On any given day, it displays the total number of new and revised detections, followed by their details, like this:

In the eight days between April 5 and April 12, only 12 new detections were added to Symantec’s certified definition file, with six of them added on a single day, April 10. Here’s a breakdown:

  • Three were generic detections for malicious packages (Packed.Generic.360 through .362). These aren’t really new strains of malware, only new forms of packaging. The accompanying writeup calls each one a “heuristic detection for files that may have been obfuscated or encrypted in order to conceal themselves from antivirus software.”
  • Four are generic detections for existing fake antivirus packages (Trojan.FakeAV!gen90 and gen91, SmartAVFraud!gen2, and SecShieldFraud!gen5). These are also heuristic detections, designed to identify rogue anti-malware programs by their behavior rather than by their ever-shifting content.
  • Two were aimed at Android-powered devices: Android.Tigerbot and Android.Gonfu.D are both backdoors found in malicious Android apps.
  • One new entry is simply called Adware.SafeTerra, with no associated description.
  • One new entry is for something called Trojan.Darkshell, which has only a vague description (“may perform distributed denial of service attacks”).
  • One is the infamous Flashback, for Macs, formally known as OSX.Flashback.K.

The total number of named entries listed in the summary of those definition files during that period was 303—12 new and 291 revised. So where does the 100,000+ number come from? It appears to be a count of individual pieces of identifying data—signatures—associated with those named entries. Counting every signature is an easy way to get to an impressively large number, but it isn’t an accurate way to assess the current threat landscape.

That list includes a lot more than malicious software, too. Categories include Adware, Hack Tool (many of which are legitimate), Joke, Misleading Application, Potentially Unwanted App, and Security Assessment Tool. When I excluded those categories, I ended up with only 213 named entries in the Trojan, Worm, and Virus categories.

I was surprised to find that many of the definitions on this list are for very old pieces of code. During this one-week period in April 2012, Symantec updated its definitions for the following pieces of ancient malware and bumped up the counter in its definition files accordingly:

  • The SubSeven Trojan, which was a big deal in the late 1990s but was officially shut down in 2003
  • W32.Chir.B@mm, a mass-mailing worm from 2002 that targets Internet Explorer versions 4 through 5.5
  • Spybot, a family of worms that spread using the Kazaa file-sharing network and a variety of Windows 2000/XP flaws that were patched in 2003
  • Netsky, a 2004-vintage mass-mailing worm
  • Mydoom, another mass-mailing worm that spawned one of the first botnets; it was programmed to do most of its damage in February 2004 and fizzled out within a few years

In addition, these April 2012 definition files include multiple revised detections for Waledac and Rustock, the Trojans responsible for two prolific spam botnets that were decisively shut down in February 2010 and March 2011, respectively.

For each named entry, Symantec includes the date when that entry was first added to its definitions list. Out of the total of 213 new named entries on the list, more than 85% were from 2010 or earlier. Only 31 entries were discovered in 2011 or 2012. And one-third of those were from non-Windows platforms.

Two of the recent samples were for OS X—the original OSX.Flashback, from last fall, and the newer OSX.Flashback.K, which wreaked havoc on Mac owners over the past month.

Most interestingly, eight entries on the list—more than 25%—were for Android-related malware. Given the size of the Android installed base and the lack of any central control over Android app markets, that shouldn’t be surprising. On its Latest Threats and Risks list, Symantec includes writeups for more than 80 Android-related programs, most classified as Trojans or Spyware. That’s 11% of the total of 720 items on the list.

To make sure those numbers were representative, I looked at the Symantec definitions database for the entire month of March. In all, 66 new named entries were added to the list, or about two per day. Of that total, 36 represented new, named Trojans, viruses, and worms. Five of them were aimed at Android devices, one targeted OS X (no, it wasn’t a Flashback variant), and there was one new entry each for Symbian OS, Linux, and an Adobe Flash Player exploit.

In its 2011 Security Intelligence report, released earlier this year, Microsoft security researchers noted the problem with trying to measure the threat landscape by counting unique malware samples:

Ever since criminal malware developers began using client and server polymorphism (the ability for malware to dynamically create different forms of itself to thwart antimalware programs), it has become increasingly difficult to answer the question “How many threat variants are there?” Polymorphism means that there can be as many threat variants as infected computers can produce; that is, the number is only limited by malware’s ability to generate new variations of itself.

If you look carefully at the Windows malware landscape over the last 10 years, it’s apparent that a relatively small number of families are responsible for almost all the damage we’ve seen. I’ll look more closely at those families, and the evolution of Windows malware, in a follow-up to this post.

New Mac OS X trojan spotted in the wild

An article for you Mac users out there, from ZDNet….

 

 

Summary: Security researchers from Intego have intercepted several new variants of the Flashback Mac OS X trojan.


According to the company, the new variants of the Flashback trojan use three different infection vectors in an attempt to trick end users into installing the malware.

More details on the infection vectors:

This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.

Once the end user gets tricked into installing the malware, the Flashback trojan will patch web browsers and network applications in order to search for user names and passwords. Targeted web sites include Google, Yahoo!, CNN, numerous banking web sites, PayPal and many others. What’s particularly interesting about the Flashback trojan is the fact that it has an auto-update feature, periodically phoning back to several web sites in order to check for updates.

Intego is advising users running OS X 10.6 to update Java immediately.

Can you tell a real Facebook e-mail from a phishing attempt?

Great article from ZDNet:

 

E-mail notifications are an important part of social networking services like Facebook. If you have to continually visit the site to see what’s new, you lose much of the excitement that comes with comments on your photos or other shared items. If you forget to check for a day or two, you might miss an invitation to an event or an opportunity to connect with a long-lost friend who’s in town for a day or two.

But e-mail notifications are also a security risk. If an attacker can create a realistic-looking imitation of a Facebook notification, you might find yourself clicking on a link that can lead to malware or attempt to steal your login credentials.

Unfortunately, phishers are getting better at what they do, and spotting a fake isn’t as easy as you might think. I’ve assembled four Facebook notifications that arrived in my e-mail inbox recently. Can you tell which are real and which are fake?

Here’s one that arrived last week. As with all the images, I’ve blurred personal information but otherwise these messages are shown in full, as they appear in Microsoft Outlook’s preview pane.

If you guessed that one was a fake, congratulations. It led to a website that was flagged as dangerous by Microsoft’s SmartScreen Filter, by Google’s Safe Browsing feature, and by Safari. If you were using an outdated browser such as Internet Explorer 6 or 7, you would have seen an attempt to install a fake Flash update that was actually a password-stealing Trojan.

OK, let’s try another. Real or fake?

Do you think that odd e-mail address indicates a fake? Confusingly, Facebook notifications come from the facebookmail.com domain and include a suspicious-looking sender’s name. The long, complicated URL might also look suspicious, but this notification is a legit one from Facebook.

OK, here’s a third test. Real or fake?

Hmmm. The previous, real notification included a long complicated URL. This one has a pair of buttons that you’re supposed to click to see the comments a friend supposedly added to your shared link. That’s a favorite trick that phishers and spammers use to disguise misleading links. Surprisingly, this one is legit.

OK, last one. Real or fake?

This is a particularly convincing fake. The graphics, fonts, button design, and links are all indistinguishable from a real Facebook notification. This particular phishing attempt led to a fake online pharmacy, but it could just as easily have led to a malware installer.

One of these fakes was good enough to slip past my spam filters. In that case, the only way to determine that it wasn’t legit was to allow the mouse pointer to hover over a link or button to see what its true destination was. Here’s what it looked like:

That’s certainly not a legitimate link. Here, by contrast, is what a link from a real Facebook notification looks like:

It’s a challenge to get nontechnical users in the habit of checking links before they click, but the results are well worth it.
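The hover check described above can also be done mechanically on the HTML body of a message, comparing each link's real destination with what the reader is shown. This is an added example, not code from the ZDNet article; the trusted link domain (facebook.com), the sample message and all function names are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import ipaddress
import re

# Assumption for this example: genuine notification links point at facebook.com.
TRUSTED_DOMAINS = ("facebook.com",)

# Constructed sample body (reserved .example names and a documentation IP).
SAMPLE_HTML = """
<p>Jane Doe commented on your photo.</p>
<a href="https://www.facebook.com/n/?photo.php&amp;fbid=1">https://www.facebook.com/n/?photo.php</a>
<a href="http://pharmacy.example/buy?id=7"><b>See Comment</b></a>
<a href="http://www.facebook.com@198.51.100.7/login">www.facebook.com/login</a>
<a href="https://facebook.com.account-check.example/">Facebook Help Center</a>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = " ".join("".join(self._text).split())
            self.links.append((self._href.strip(), text))
            self._href = None


def host_is_trusted(host, trusted=TRUSTED_DOMAINS):
    """True only for a trusted domain itself or a true subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in trusted)


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def _strip_www(host):
    return host[4:] if host.startswith("www.") else host


def audit_links(html_body, trusted=TRUSTED_DOMAINS):
    """Return one record per link: visible text, real host, reasons for suspicion."""
    parser = LinkExtractor()
    parser.feed(html_body)
    parser.close()
    report = []
    for href, text in parser.links:
        try:
            parts = urlsplit(href)
            host = (parts.hostname or "").lower()
        except ValueError:
            report.append({"text": text, "host": "", "reasons": ["unparseable URL"]})
            continue
        reasons = []
        if parts.scheme not in ("http", "https"):
            reasons.append("not an http(s) link")
        if not host_is_trusted(host, trusted):
            reasons.append("destination outside trusted domains")
        if parts.username is not None:
            # "trusted-name@real-host": everything before '@' is not the host.
            reasons.append("userinfo before host")
        if _is_ip(host):
            reasons.append("IP-literal host")
        # Visible text that itself looks like a URL should name the same host.
        shown = re.match(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:?]|$)", text.lower())
        if shown and _strip_www(shown.group(1)) != _strip_www(host):
            reasons.append("visible text names a different host")
        report.append({"text": text, "host": host, "reasons": reasons})
    return report


def flagged(report):
    """Links with at least one reason to distrust them."""
    return [r for r in report if r["reasons"]]


if __name__ == "__main__":
    for record in audit_links(SAMPLE_HTML):
        status = "; ".join(record["reasons"]) or "ok"
        print(f'{record["text"]!r} -> {record["host"]}: {status}')
```

Button text such as "See Comment" says nothing about the destination, so the host comparison against the trusted list is the check that matters; the text-versus-host comparison only catches links that display one address and go to another.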

Five tips for using Ccleaner to degunk your system

April 8, 2011, 12:57 PM PDT

Takeaway: Ccleaner is one of the best all-around tools for keeping your computer optimized and free of the junk that accumulates from Internet surfing, obsolete apps, and other fragments that clog up your system.

There are a lot of tools out there that handle a lot of tasks, from antivirus tools that also clean your drive of temporary files and make you coffee to tools that promise to “make your computer faster.” But as far as I’m concerned, few tools can make as much of a difference as Ccleaner, at least on a machine that’s not infected by a virus or malware. Ccleaner is easy to use and will keep your computer cleaner, more secure, and running faster. It achieves this by safely removing temporary Internet files (and other means of tracing Internet activity), cleaning up the Windows registry, and removing temporary files and recent file lists (MRUs) from various applications.

But even though Ccleaner is a simple tool to use, that doesn’t mean you should just jump in and start cleaning everything without a bit of thought. Here are some things all users should consider before and during the use of this powerful tool.


 

1: Analyze before running the Cleaner

I know a lot of admins who just fire up Ccleaner and hit the Run Cleaner button without doing an analysis first. Yes, this is a fast method of getting rid of temporary Internet files. But there’s no way of knowing what’s going to be deleted (until it’s deleted) and there’s no way of knowing how much free space the deletion is going to create. Make sure you hit the Analyze button first. Then, after you read the report, hit the Run Cleaner button. Using Ccleaner this way ensures that nothing is deleted that shouldn’t be deleted. Also, after you run the analyzer, you can look at detailed information (by application) and then add exceptions directly from the list.

 

2: Set up cookies you want to keep

When you run the Cleaner, cookies are deleted. By default, cookies are retained from Google and Yahoo, but other cookies might need to be retained. To manage this, click on the Options tab and then on the Cookies button. From that window, any cookie currently on the system can be selectively added to the exclusion list. By adding these exclusions, you don’t have to worry about important cookies disappearing after each run of Ccleaner.

 

 

3: Always back up the registry

No matter how reliable Ccleaner is and no matter how many successful registry cleanups it does, never do a cleanup without first backing up the registry. Ccleaner will go so far as to remind you to back up the registry every time you run a registry cleanup. If the registry is not backed up, one of those corrupt or missing registry keys that Ccleaner fixes might not really have needed fixing. If that key is then broken and was not backed up, the issue caused by Ccleaner could become catastrophic. Fortunately, Ccleaner makes backing up the registry as simple as a couple of clicks.

 

 

4: Use the tools to manage startup applications

Ccleaner comes with a bonus: It lets you enable, disable, or remove programs from startup. I have always found this method of managing startup applications far easier than using the standard Windows method. What I like most about this feature is that startup applications can be enabled and disabled without removing them completely. This means if you need to temporarily prevent an application from starting up, it’s easy to do by going into the Tools tab, clicking the Startup button, selecting the application to be enabled/disabled, and clicking the appropriate button. When the application needs to be re-enabled/disabled, reverse the process.

 

 

5: Use the uninstaller

One of the best aspects of Ccleaner is the ability to remove applications from within it. It typically just starts the uninstaller, but I have found that running the application uninstaller this way ends with fewer registry issues than when I uninstall from the Windows Add/Remove Programs tool. And if there are registry issues after the uninstall, registry cleanup is only a couple of clicks away.

 

 

Great tool, used wisely

Ccleaner is more than just a tool to clean the registry or empty a computer of temporary Internet files. It also makes it easy to remove applications from startup and remove applications from the machine. Just make sure you use this powerful tool intelligently to avoid rendering your machine unusable.

Eight threats your anti-virus won’t stop

This article is from Sophos, a security company:

http://www.sophos.com/security/topic/why-endpoint-security.html

High-profile incidents that make big news might seem out of the ordinary. Yet businesses of every size face similar risks in the everyday acts of using digital technology and the internet for legitimate purposes. This paper outlines eight common threats that traditional anti-virus alone won’t stop, and explains how to protect your organization using endpoint security.

The zero-day threat

Zero-day threats can exploit zero-day vulnerabilities, or previously unknown security deficiencies, that software vendors have not yet patched.

How to protect yourself: Add defenses on top of signature-based anti-virus protection.

Working outside the firewall

Not so long ago, most employees used their computers at the office. Back then, a network or gateway firewall would have been enough to protect your servers and PCs. Now people often work outside the perimeter of the organization’s network—any time they connect their laptops to the internet from airports, hotels, cafés and home.

How to protect yourself: Add location-aware client firewall software on laptops and other endpoint PCs.

The unpatched PC

One small unpatched vulnerability in an application, browser or operating system can lead to huge problems.

How to protect yourself: Patching is the first line of defense. Also use network access control, or NAC, to make sure any computer you allow on your network has all current patches and anti-virus updates in place.

The uncontrolled application

Allowing unmanaged applications access to the web brings unacceptable risk or performance issues.

How to protect yourself: Application control lets you block users from installing non-essential applications so you have fewer applications to manage and secure.

Web insecurity

Criminals abuse the web as their single biggest distribution point for malware.

How to protect yourself: Use a combination of URL (reputation) filtering and scanning web pages for malware.

The lost laptop

It’s not difficult to replace a laptop, but recovering the exposed information can be.

How to protect yourself: Develop and implement a data encryption policy.

The misdirected email

One simple slip of the fingertip—and your document goes to the wrong email address. This could expose personally identifiable information.

How to protect yourself: Use data loss prevention software to scan for sensitive content.

The infected USB device

Every time users plug a USB device into a company computer, they bypass other layers of defense such as gateway firewall protection. That makes devices with USB ports an easy means of attack.

How to protect yourself: Use device control to specify which USB devices users are permitted to plug into laptops and PCs.

For all you geeks out there, and non-geeks too!

If you’re a geek, read this whole article. If you’re not a geek, then at least read number 2.

Here are the top 10 reasons that you’ll get your geek card revoked, according to a ZDNet article:

TechRepublic has previously talked about some of the things you can do to increase your geek cred. Naturally, there are also some things that can hurt your geek cred. In fact, we’ve put together a list of 10 of the worst transgressions for any geek. Doing any one of these will put your geek credentials at risk. Do two of them and your geek card immediately gets revoked.

You can view our list in two forms. You’ll find the simple list below, or you can check it out in slideshow format with the accompanying visuals.

10. Admitting that you like iTunes

Sure, it’s convenient for buying music and media in one place and syncing it to an iPod or iPhone, but iTunes has a draconian DRM system (still in place for media), makes it difficult to manage your library on multiple systems, and it started out as one of the worst pieces of bloatware ever built. And, it hasn’t gotten much better.

9. Not knowing the difference between binary and hexadecimal

Binary is the basis of all computing and is simply composed of zeros and ones. Hexadecimal is a 16-digit numeric system — based on numbers 0-9 and letters A-F — that represents binary in a more friendly way. Know the difference.

8. Not knowing what MMORPG stands for

Even if you don’t play games (or rarely play) you should know that an MMORPG is a “massively multiplayer online role-playing game,” also known as the alternate reality for geeks. The biggest one is World of Warcraft (WoW), a cultural phenomenon with over 12 million subscribers.

7. Loving your cable or telecom company

Geeks built the Internet. Geeks live on the Internet. Geeks love the Internet. However, the companies that bring us the Internet to our homes and offices — the telecoms and cable companies — are doing everything they can to wall it off, manipulate it for their own financial gain, and stop geeks from using it so much. For as long as they do that, they will remain at war with the geekosphere.

6. Not knowing the name of the book that Blade Runner was based on

Blade Runner is one of the greatest sci-fi movies of all time. If you’re a true geek, you’ve seen it multiple times. But, not only that, you also know that it’s based on Philip K. Dick’s “Do Androids Dream of Electric Sheep?” which is one of the best-titled stories in all of literature and an absolute classic in science fiction.

5. Confusing Star Wars and Star Trek

If someone mentions a Wookie and a Klingon and you’re not sure which one was part of the Star Wars universe and which one belongs to the Star Trek milieu, you are definitely not a geek.

4. Believing the “free” in open source refers to price

Repeat after me, “Open source does not mean it doesn’t cost anything.” Sure, some open source software is freely available to download at no cost. But, that’s not a requirement of open source. There is plenty of open source software that requires a fee. When open source talks about “free” software, they are referring to “free” as in “freedom.” It is freedom from overreaching licensing agreements. You’ll also hear this concept referred to as “Gratis versus Libre.”

3. Defending Facebook for its privacy transgressions

Look, Facebook is lucky the entire geekosphere hasn’t dropped it like a bad habit after all of the crap they’ve pulled in changing and violating their own lackluster privacy policies. Leo Laporte nearly led a geek revolt out of Facebook in May 2010. The only thing that prevented it was lack of a viable alternative.

2. Taking something into Geek Squad to get fixed

Best Buy’s Geek Squad has a few legitimate geeks on staff; however, too many of their technicians are completely clueless and can do more harm than good to your equipment. Besides, if you’re a geek, just geek-up, open up the case, and fix it yourself. (Exception: It’s acceptable to go to the Geek Squad counter to exchange a DOA device that is still under warranty. Just don’t let us catch you asking for advice.)

1. Buying a paper computer book at Barnes & Noble

In 1999, if you wanted to quickly learn more about HTML or Exchange 5.5 or Apache or how to earn CCNA certification, you’d typically make a quick trip to your nearest book superstore like Barnes & Noble or Borders and comb through the huge selection of computer books. However, this is 2010. Any computer book you find at a bookstore is at least six months out of date. Almost everything you need to know is available on the web for free or in ebook format that you can quickly download to your laptop or tablet. Buying a dead-tree tome about a new technology is an immediate tip-off that your geek credentials are in question.

This article was originally published on TechRepublic.

Top ten up and coming technologies of 2011

Another interesting article from Larry Dignan on TechRepublic:

1: Cloud computing

This group of technologies has been on the top 10 lists for a few years. Now everything as a service will alter business models and IT procurement. Gartner analyst David Cearley said what has changed is that there are multiple services. Companies will probably need cloud computing brokers. Things to watch:

  • Where does the public cloud fit? IT is generally scared of the public cloud, but select workloads are fine.
  • Beware cloud washing. IT execs are comfortable with the vendors cloud washing but may not get real capability.
  • Limit access to specific clouds based on community and groups. That approach would minimize security risks. Gartner has exclusive clouds and community clouds as services to watch.
  • Private clouds are custom and packaged.

My impression: A safe pick for sure, but the cloud is getting more granular as it matures. Think cloud washing magnified.

2: Mobile apps and media tablets

Tablets and touch aren’t new. Claunch said that the selection of applications changes the game for businesses. “Apple has leveraged the ecosystem of the iPhone,” Claunch said. “And Apple has created consistency.” In addition, Apple’s iPad is the poster child for how consumerization is affecting corporate IT. Things to think about for enterprise IT:

  • Enterprise apps will need to be designed for the tablet.
  • Delivering these apps gets complicated due to the selection of platforms.
  • Context-aware computing can connect to customers better.
  • Marketing will drive a lot of projects to utilize tablets, but these devices can be used for inspections, surveys, image capture, documentation, and training.

Cearley added, “The PC era is over. Think of mobile design points.”

My impression: It’s stunning how many iPads are in this crowd of 7,000-plus IT execs and managers. Another thread: Almost all of these IT execs are carrying PCs not Macs. Typically, CIOs and the like are the last to get on board an early adoption curve for a new device. There’s a frenzy over tablets.

3: Next-gen analytics

Companies need to develop “operational analytics” to make predictions and use data mashups. “There’s value in very current information. We are now shifting our focus to start doing simulations and modeling to predict the future,” Claunch said. These simulations would ultimately be run on smartphones and other devices. Algorithms will really matter to companies to support the right type of prediction.

Gartner didn’t advocate doing a lot of analytics investment yet, but be ready to invest.

My impression: Analytics is largely untapped ground for many companies. Claunch’s key point: “This is just being enabled now.” Another key item: A show of hands revealed that the entire room had business intelligence software. A show of hands also indicated that no one thought those applications were delivering real value.

4: Social analytics

This concept revolves around taking social networking data and incorporating it into enterprise analysis. Sentiment, context, and influence are key areas for companies. “We’re starting to see the tipping point,” Cearley said. “It’s moving from bleeding edge to mainstream activity.” For now, look at communities you have to support and analyze an entry.

My impression: CIOs should be watching this stuff, but given the crowd response to business intelligence, I’m not seeing much progress on the analytics-social intersection.

5: Social communication and collaboration

Social collaboration is “inevitable,” Cearley said. “Over the next few years, it will be impossible to ignore this,” he added. By now, companies should have policies, high value social uses identified, and have experiments to link social with CRM systems. Meanwhile, unified communications will merge with social. Expertise location will probably be the best use case.

My impression: Gartner makes a good point, but I’d be willing to bet that enterprises are way behind the curve on social communication and what it means for collaboration and productivity.

6: Video

Corporate use of video is going mainstream. Low-cost video recorders are everywhere. Companies will need video content management systems and better design skills, and they’ll need to address privacy issues and policy concerns. Will all conference rooms be recorded by default? E-learning, merchandising, marketing, webinars, and telepresence will all be key video uses. The tipping point will come in 2011 to 2013. In addition, video will be needed to reach younger employees.

My impression: Video has hit mainstream, but networks haven’t. Will Vlogs really be the best use of employee time? One other key point: How will business intelligence systems digest video content?

7: Context-aware computing

The idea here is that social analytics and computing leads to knowledge about preferences. User interfaces would change based on context. Today, it’s all reactive. By 2011 to 2013, there will be more proactive alerts. By 2014 to 2018, you’ll have context integrated with enterprise systems. Ultimately, there will be a context platform. Portals, mashups, mobile, and social will combine. Vendors will offer “user experience platforms.”

My impression: I have a hard time seeing strapped enterprises going all contextual. Look for business units such as marketing to launch these projects to drive sales. Companies will need to deliver context-aware services to businesses. Can’t wait for all of those user experience platform pitches.

8: Ubiquitous computing

This topic has been discussed in previous years on Gartner’s lists. In a nutshell, computers melt into objects. There will be machine-to-machine connections, portable personalities, and connectivity changes across multiple devices. There will be thousands of computers for each person on the planet, and you’ll have multiple devices.

My impression: Ubiquitous computing is more a guiding principle for projects than something you think about in terms of budget. The timeline here is decades. What’s also notable: Everyone has punted on getting one device to consolidate them all. We’re doomed to carry a bunch of devices.

9: Storage class memory

When Flash meets RAM, there are differences in speed and costs. Persistent storage will also alter management. Claunch said that storage class memory goes beyond solid state drives. This new class of storage will lead to software where operating systems determine where data goes. Storage class memory will become more important over the next two to three years.

My impression: It’s a bit experimental, but storage class memory will ride shotgun with analytics. Companies will have to define what data goes into fast memory.

10: Fabric based infrastructure and computers

Every vendor will talk fabric computing, so get ready for fabric-washing. The overall idea here is that you’ll have infrastructure that manages resources in an integrated fashion. Cisco UCS and HP Matrix are examples. New ways of building servers will mean you buy pools of processors and memory instead of physically swapping boxes.

My impression: Forming your own flexible servers sounds appealing. The fabric thing sounds way futuristic for now, but the seeds are being planted.

Four ways to get the most from your 802.11n Wi-Fi

I found this article interesting from ZDNet:

http://www.zdnet.com/blog/networking/four-ways-to-get-the-most-from-your-80211n-wi-fi/122?tag=nl.e550

In theory, 802.11n can zip by your 100Mbps Fast Ethernet at a real-world 160Mbps, but in practice it’s usually much slower. No, the Wi-Fi vendors aren’t lying; the problem is that you have to set 802.11n up just right to really get fast performance.

First, you need to make sure that you’re using up-to-date 802.11n hardware. Older 802.11n equipment, built before the 802.11n standard was finalized in late 2009, may not work and play well with your newer devices. There were many 802.11n draft access points (APs), network interface cards (NICs) and chipsets and each vendor used its own best guess on what the standard would eventually look like.

Thanks to all this older, not quite standard 802.11n hardware, we have two problems. The first is that some older hardware, unless the firmware can be upgraded, won’t work at full 802.11n speeds with your newer standardized equipment. The other is that you can be almost certain that older APs, switches, or routers from one vendor won’t work well with another vendor’s equipment. Oh, it may look like it’s working, but if you check you’ll often find that your Wi-Fi’s connection is only running at 802.11g’s 54Mbps.

Of course, if your office is like most, you almost certainly still have a lot of 802.11g compatible laptops at work. You might think that since 802.11n is backwards compatible with 802.11g that you’ll do just fine by replacing your 802.11g APs with 802.11n hardware. You’d be wrong.

An 802.11n AP will support 802.11g client hardware just fine, but letting an 802.11n AP support 802.11g comes with a painful performance hit. While 802.11n devices working in the 2.4GHz band are backwards compatible with 802.11g, or even 802.11b, faster 802.11n equipment will lose about half its potential speed. So, instead of seeing say 100Mbps of throughput from an 802.11n AP to the 802.11n laptops, you’ll only see 50Mbps.

My fix for this is to keep 802.11g APs running until the last of the 802.11g PCs go to that big junk-pile in the Wi-Fi sky. It’s worked well for me.

You also should use 802.11n’s channel bonding to increase throughput. On your APs, you’ll find this option labeled ‘double-wide’ channels. This is an ancient technique that’s used to increase throughput by using two channels at once to deliver data. Then, as now, it works well.

There’s a ‘gotcha’ though. A Wi-Fi’s channel is required to be 20MHz. Thus, just like the name says, a ‘double wide’ takes up 40MHz of radio room instead of the usual 20MHz. The problem is that there’s only room for three 20MHz channels in 802.11b/g/n’s 2.4GHz radio spectrum. If you run out of Wi-Fi spectrum room, your overall network throughput will decline. Even if you’re doing a good job of managing your network space, your available channels are likely to also be used by your next-door neighbors’ Wi-Fi set-up.

The easiest way to dodge this potential problem, for now, is to use the higher 5GHz range. Far fewer people are currently using the 5GHz range. This will change as more people switch over to 802.11n, but for now it’s the easiest way to use wide channels to increase your effective bandwidth without running into interference. The one downside is that 5GHz has less range than 2.4GHz.
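The 2.4GHz crowding described above can be checked with simple channel arithmetic. The following is an added example, not part of the ZDNet article; it assumes channels 1-13 with centres at 2407 + 5n MHz, the usual 1/6/11 layout for the three 20MHz channels, and a constructed list of neighbouring APs.

```python
# Added example: channel arithmetic for the 2.4GHz band (constructed data).
# Assumptions: channels 1-13, centre frequency = 2407 + 5 * channel MHz,
# and the usual 1/6/11 plan for the "three 20MHz channels" in the text.
PLAN = (1, 6, 11)


def centre_mhz(channel):
    if not 1 <= channel <= 13:
        raise ValueError(f"channel {channel} is outside 1-13")
    return 2407 + 5 * channel


def span_mhz(primary, width=20, secondary_above=True):
    """Return the (low, high) edge frequencies an AP occupies."""
    centre = centre_mhz(primary)
    if width == 40:
        # A bonded channel adds a secondary 20MHz channel four numbers away.
        secondary = primary + 4 if secondary_above else primary - 4
        centre = (centre + centre_mhz(secondary)) / 2
    elif width != 20:
        raise ValueError("width must be 20 or 40")
    return centre - width / 2, centre + width / 2


def overlaps(a, b):
    return a[0] < b[1] and b[0] < a[1]


def plan_channels_used(primary, width=20, secondary_above=True):
    """Which of channels 1, 6 and 11 this AP's signal lands on."""
    mine = span_mhz(primary, width, secondary_above)
    return [ch for ch in PLAN if overlaps(mine, span_mhz(ch))]


def contending_neighbours(primary, width, neighbours, secondary_above=True):
    """Names of neighbouring 20MHz APs that share spectrum with this AP."""
    mine = span_mhz(primary, width, secondary_above)
    return sorted(n for n, ch in neighbours.items() if overlaps(mine, span_mhz(ch)))


# Constructed survey: AP name -> 20MHz channel seen in a site scan.
NEIGHBOURS = {"cafe": 1, "flat-2b": 6, "printer": 6, "office-guest": 11}

if __name__ == "__main__":
    for width in (20, 40):
        print(width, plan_channels_used(1, width),
              contending_neighbours(1, width, NEIGHBOURS))
```

With these inputs, a double-wide channel anchored on channel 1 lands on two of the three usable 20MHz slots and picks up two extra contending neighbours.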

That’s why I prefer to use dual-band APs that support both 2.4GHz and 5GHz. Best of all is equipment that supports using both 2.4GHz and 5GHz at the same time for the maximum in flexibility, such as the Linksys Simultaneous Dual-N Band Wireless Router WRT610N. Older 802.11n hardware, such as the first generation of Apple’s AirPort Extreme, as well as some entry-level APs, can only support 2.4GHz or 5GHz.

High-performance 802.11n equipment also comes with a larger number of multiple-input, multiple-output (MIMO) antennas. The 802.11n standard allows for up to four antennas, which can handle up to 4 simultaneous data streams. Typically, the number of antennas is described in the technical specifications as 4×4, 3×3, and so on depending on the number of antennas. But you can’t tell just by looking; you have to check the documentation. Generally speaking, the more antennas, the more simultaneous Wi-Fi connections the AP can handle, and the better the overall network performance.

It’s not just how many antennas you have though. Higher-end APs use techniques like beam-forming to automatically work out the best use for those multiple antennas. In fact, ‘smart antennas,’ like D-Link’s Xtreme N ANT24-0230 Antenna, will help compatible 802.11n APs perform better.

Last, but never least, the fastest 802.11n is only as fast as its slowest link. So, for instance, if your office is still using a T1 with its 1.544Mbps no one is likely to see any significant Internet speed increase when switching from 802.11g to 802.11n.

The bottom line: While simply adding 802.11n to your network may look like a cheap and easy way to expand and speed up your network, it’s really not. You still need to plan your network in detail, use higher-end network equipment, and possibly upgrade your Internet backbone to make the most out of 802.11n’s potential for higher speeds.

Still, if you do your homework, you really can get a Wi-Fi network that will answer your in-house network expansion needs while still providing close to Fast Ethernet’s 100Mbps speeds. Just as long as you keep in mind that 802.11n, by itself, isn’t a silver bullet for your network speed needs, you’ll do fine.

Microsoft and their new attempt! Windows 7, Bing, Outlook 2010, MSE

Finally, is Microsoft trying to fix their problems…?

First of all…Vista.

Why did it take so long to get Vista off the grid? Why did it take so long for Microsoft to come up with another functioning operating system? Vista’s issues include: Compatibility problems with software, too slow, driver problems, too many redundant security warnings, etc. Why do I have so many unhappy clients?

Well, the big fix supposedly is Windows 7 (I guess that is the only name they could come up with). I have 2 technicians who have been beta testing it and actually LOVE it. Yes, they love it. They say it is all the things that Vista promised and have found very few problems with it. XP programs are compatible with 7, it is fast, and the security pop-ups are not aggressive like Vista’s. This is supposed to hit the shelves sometime in August-September; I’ll keep you posted.

BING- A better way to search…Trying to compete with Google by using Yahoo as its search engine and calling it something else. Sure it looks pretty…goes fast too…but the best feature is (kids listen up) you can search for porn easier than ever! Free and with no adware too…so parents, you may never know. Ok, I admit I had to try this feature and BING…I had some of the raunchiest porn I have seen in about 2 seconds. Also, you can look up pirated movies and music extremely easily. I tried that too…and it took me 2 seconds to find hot new movie releases playing in the theaters now. I know the word is that they are working on the porn issue…let’s see what else is in the works…

Outlook 2010 has people up in arms…Big issue here is that it forces the user to use Word as its editor. The new Word does not use HTML in the correct way…and to break it down as easily as I can, you won’t be able to view most emails as we are used to. We may not even be able to see the web content at all. If you need more explanation on this, please let me know…but basically pictures will be out and Microsoft is not using web standards and forcing their users to do what they want…again.

Finally, MSE-Microsoft Security Essentials- a free anti-virus program for all to use. Well, we all remember the free forced update Defender that was to help us all defend ourselves against evil doers. That worked out well (yes, sarcasm). Funny enough, if you download this free software, it disables Defender anyway…meaning some items in this new and improved anti-virus still have Defender in their makeup. Ughh…on a good note, this will probably be good for business…bad for the consumer.

If you would like to add your opinions…please do. I personally am waiting for Windows 7 but I will use Google and an old copy of Office…and PAY for my anti-virus! New system…in the fall!
