News. Sports. Fun. Life. (And, it's pronounced muh-DARE-ee)

Welcome to Medary.com
Wednesday, July 26 2017 @ 01:38 AM CDT

View Printable Version

One blog created every second

Michael S. Marone reads the Technorati tea leaves, sees big changes ahead:
Advertisers are finally drifting over from old media. And venture capitalists may actually finally be awakening to the investment opportunities presented by the blogosphere. The first generation of industry superstars (like Glenn Reynolds, Andrew Sullivan and James Lileks) have already emerged. And you can be certain that obsessive blog-surfing will soon be announced as the next great threat to productivity and family life.

Just as importantly, blogging has become an international phenomenon, with many of the new arrivals in the field coming from outside the United States and Europe. The technology is also beginning to morph, becoming more visual and, thanks to new toolkits, easier to join. But perhaps most important, the blogosphere is becoming the defining source of news analysis (and even the news itself) for the world's intellectual classes.

I'm still waiting for some of those advertisers to drift over my direction.
View Printable Version

A day in network security

Tom Liston is my hero.

Item: Cisco is having a bad month . . .

Cisco CCO Password Issue
Ever have one of those days? Looks like Cisco is having one of those months... It appears that something has happened to compromise the passwords for their Cisco Connection Online service. What exactly happened? Cisco isn't saying.

Attempting to log into CCO brings up the following terse message:

IMPORTANT NOTICE:
* Cisco has determined that Cisco.com password protection has been compromised.
* As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
* If you do not receive your new password within five minutes, please contact the Technical Support Center.
* This incident does not appear to be due to a weakness in Cisco products or technologies.

Note: I do, indeed, know what caused this issue, but I've been enjoined from disclosing it until next year's Black Hat.

Gotta love that last bullet point... It reinforces that old security maxim: All the technology in the world won't save you from doing something dumb.

Update: A tip o' the always stylish Handler-On-Duty propeller beanie goes out to Scott who wondered whether Cisco is having Pancho check for differences in the "From:" and "Reply-To:" addresses on messages to cco-locksmith@cisco.com before sending out a password. He is...

Next, Tom discusses idiot vendors and the idiotic things they do with his contact information:

It Takes a Village...
Just yesterday, I received a canned message from a vendor:

Hey,
I'm updating my address book. Please take a moment to update your latest contact information. Your information is stored in my personal address book and will not be shared with anyone else. Plaxo is free, if you'd like to give it a try."

This was followed by a listing of my contact information that he'd sent to Plaxo and a link where I could sign up for his wonderful free service too.

No, I'd rather not, thank you.

Over the past few years, I've noticed the rising tide of online "communities." And like some sort of unholy sludge, they've increasingly been floating across the Internet and seeping their way into my inbox.

Stop it.

Stop it now.

Both Plaxo and the recently discovered (for me) sms.ac entice users to "import and invite" their contacts. They make it easy, giving the clueless noobs step-by-step instructions on how to upload the contents of their contact lists.

Don't.

Just don't.

If you happen to have someone's contact information, that person gave that contact information to you. If they wanted their information given to Plaxo or sms.ac, they would give it to them. Do you go around posting your friend's phone numbers on bathroom walls? Do you walk up to strangers on the street and give them Aunt Mildred's P.O. Box? How about your teenage daughter's IM identity?

Needless to say, Mr. Vendor (and his boss) got a quick phone call from me, wherein I pointed out my belief that some village somewhere must be missing its idiot.

Don't follow in his footsteps. Your village needs you...

View Printable Version

This just in: marketing departments are clue-deprived

Confirming what countless IT department geeks have known since the dawn of time:
More than half admit they forget to provide a warning at least some of the time, and nearly two thirds of marketing bods confess to having no idea how many user transactions their website can support, despite an average transaction value of 50 to 100.

The consequence of this communications gap is not surprising: 73 per cent of companies reported web site failures during marketing campaigns. Presumably the surviving few include the 22 per cent of companies who say they always talk to the tech team about such things.

View Printable Version

eBay phishing attack

Report from Yahoo indicates that eBay may have been vulnerable to a "phishing" attack which could redirect users' private information to a (presumably hostile) third party. The punchline of the story:
The moral is not to click on links in e-mails just because they look genuine, a fairly disturbing conclusion as this is one of the main criteria people use. Netcraft's toolbar, a Web browser plug-in for Microsoft's Internet Explorer and Mozilla's Firefox, is designed to protect against phishing websites, not least by analyzing the sort of characters used in this attack.
Go out and read the story, and be careful--it's a rough Internet out there.
View Printable Version

Search engines give increasingly different results

From Searchenginewatch.com:
Searchers relying on a single search engine are missing a vast swath of web content that they could easily find simply by trying their qSearch engines give increasingly different resultsueries on other engines. And marketers targeting a single search engine in their optimization efforts are effectively abandoning a potentially huge amount of traffic from other sources.

This supports using search engine aggregators like Dogpile rather than concentrating on one engine, even if it's Google.

View Printable Version

HP to stop reselling iPod

OK, maybe the price for my 20 GB iPod at Sam's Club was too good. HP is getting out of the iPod resale business.
"HP has decided that reselling iPods does not fit within the company's current digital entertainment strategy," Apple spokeswoman Natalie Kerris said. "As a result, HP plans to stop reselling iPods by end of this September."
View Printable Version

But does he play a mean pinball?

Blind kid is a whiz at computer games.
View Printable Version

Cheese-eating . . . Fusion Engineers?

An international consortium has chosen a site in France to build the world's first experimental fusion reactor.

Fusion is what powers the Sun, and is more powerful and more difficult to achieve than is fission, which is the current method of nuclear power used in power plants, submarines, etc.

Article in Nuclear Engineering.

View Printable Version

Ad-Aware SE 1.06 is out

One of the better spyware/adware removal packages.

Download it here.

View Printable Version

When MSTies Get Mad

Don't cross a fan of Mystery Science Theater 3000.

This blog story (hat tip Compendium) talks about hacker vigilantes taking down ("owning") illegal "phisher" web sites. (Phishing is enticing customers to go to a fraudulent web site and entering their personal/financial information, so the thieves can then plunder bank accounts and otherwise make the victims miserable.)

Towards the bottom of the story is a screen shot of an owned phisher web site, featuring "The Master" made famous by MST3K's "Manos: The Hands Of Fate" episode.

Hi-Keeba!!!!