Contents: Business case, I.T. ROI, Spam avoidance, Safe Surfing, Testing resources, Euro on the BBC, Microsoft & "hackers"
This issue online at http://www.sysmod.com/praxis/prax0304.htm
Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success
Finance and I.T. should be friends
Double wrapped for double protection
Safe Surfing - a guide for parents
Testing resources for free download
BBC helps UK viewers make up their mind.
Microsoft and the "extinction" of the hacker
13 Web links in this newsletter
About this newsletter and Archives
Disclaimer
Subscribe and Unsubscribe information
_______________________________________________________
A week later than usual, this issue still aims to bring you my pick of the interesting recent items in I.T. I'm always ready for your comments! Thanks for reading,
Patrick O'Beirne
_______________________________________________________
_______________________________________________________
http://www.ictexpo.ie/conference.asp
I attended the ICS Annual Heads of Industry Conference at the ICT Expo in Dublin in April. Most of the presentations were fairly ho-hum stuff, but I liked the hard-nosed approach of Jeremy Young, Finance Director for DHL's Global Information Services Division. His presentation can be downloaded from
http://www.ictexpo.ie/ppt/Jeramy_Young.ppt
My own take on this is that it is always a business issue. The business has to decide among the alternatives among the IT solutions on offer just as producers do with process plant equipment. Just like engineers, IT managers will want to specify more so as to have a reserve for future needs. Accountants will want them to make do with what they have. Marketing want to be able to have anything they dream up - yesterday, before the competition get it. Senior management and the board have to weigh up the alternatives - make or buy? - produce or outsource? - expand existing resources, upgrade, or start anew? None of this is easy - that's what senior people are paid to decide upon. If they need extra guidance in evaluating the proposals on offer, that's what consultants like me are paid to do.
_______________________________________________________
_______________________________________________________
Spam is the scourge of the internet today. I get send from ten to twenty spams a day. Fortunately, I only see one or two of these. How do I do it? I combine two approaches to spamblocking - blacklists and content filters.
There are many databases on the net of known sources of spam. Not the email addresses, which are often faked as somebody@yahoo.com, but the network (IP) address of the source computer. One of the services that uses such lists is www.SpamCop.com which for $36/year will filter email for you. Because some spammers can use popular internet service providers (ISP) to send their mail through (until they are caught), this sometimes results in these companies being unfairly blacklisted. Therefore SpamCop provides a "whitelist" feature whereby you can flag certain known senders as genuine, so they get through to you without being stopped. This has got pretty good now; I occasionally check the filters online to see if anything genuine is caught in them, and rarely - maybe once a month - do I find a bona fide email. It would not matter now if I never checked the filters and let the blocked emails expire.
The other feature is SpamCop is the "get mad and get even" approach which allows me to send a spam report to the "abuse" reporting address of their ISP. Frankly, as far as I can see, most ISPs seem to ignore this, but it helps me feel I can kick back a bit. I certainly do it for any email that dodges the filters, and if I ever see one in the filters that has forged my address at sysmod.com as the "from" address, I instantly report them too. Because SpamCop traces the spam to its real source, there is no danger of reporting myself as the apparent source!
Also known as "Bayesian" filters because of their use of statistical pattern recognition, these act in a similar way as people do - looking for certain words and phrases that are characteristic of spam. An example is SpamAssassin, which awards points for such terms and blocks the mail if it reaches a certain threshold. One of my email providers (edomail.ie) uses that system. Unfortunately, they don't have a whitelist system, so I do have to check the mail and let through some newsletters that are advertising-supported. You can also see spam writers mutating their text (e.g. "free" becomes "fr*e" to avoid these content filters - it's kind of like a virus mutating as defences get better.
http://spamassassin.org/tests.html A BIG page listing the tags that trigger the filters
http://www.wilsonweb.com/wmt8/spamfilter_avoidance_feedback.htm How to avoid the filters!
http://bogofilter.sourceforge.net/ Bogofilter also uses a statistical approach
http://popfile.sourceforge.net/ as does POPFile with Eudora.
http://www.informationweek.com/story/IWK20021115S0018 Fred Langa's article on spam solutions.
Of course .. given all the trigger words I'm using in *this* issue, you may never get this ... how would you know? I'm not using "web bugs" to track those people who read this when online. Maybe I should ask you next month if you got the April issue!
As an alternative to those filters, I can use special email subscription addresses for each known good newsletter and set up my mail provider to forward them to me directly without going through the spam filters. On the occasion that those addresses leak out to spammers - for example one respected source (wilsonweb.com) had their database hacked last year and that old address is now receiving spam which I send straight to SpamCop.
By forwarding all other ("catchall") mail to Spamcop and thence to EdoMail, I therefore guarantee to get pretty well-filtered email through to me without clogging my dial up connection.
_______________________________________________________
http://www.inside.ie/e_article000125388.cfm?x=a1qJYN3,amrNQcm
What you as a parent (or guardian) can do to ensure your children surf safely. Mainly intended for readers in Ireland, it includes guidance for children from the BBC:
http://news.bbc.co.uk/cbbcnews/hi/find_out/guides/tech/safe_surfing/newsid_1607000/1607213.stm
_______________________________________________________
_______________________________________________________
The Testing Standards Working Party is sponsored by the British Computer Society Specialist Interest Group in Software Testing (BCS SIGIST) and is a volunteer group devoted to the development of new software testing standards. The group was previously responsible for the production of the British Standards, BS 7925-1 Vocabulary of terms in software testing, and BS 7925-2 Software component testing.
There are some useful downloads from that site - test methods for database applications, for example.
_______________________________________________________ _______________________________________________________
http://news.bbc.co.uk/1/hi/programmes/correspondent/2880767.stm
"This is arguably our biggest economic decision since the Battle of Hastings. So, BBC economics editor, Evan Davis previews the government's decision, by taking a whistle-stop tour of four eurozone countries...the construction site of next year's Athens Olympics and the giant Airbus assembly plant in Toulouse...talks to anyone, from the taxi-driver or teacher, to the Michelin-starred chef, to the central banker." Reader comments are on:
http://news.bbc.co.uk/1/hi/programmes/correspondent/read_your_comments/2884929.stm
_______________________________________________________ _______________________________________________________
Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM
Thank you! Patrick O'Beirne, Editor
_______________________________________________________ _______________________________________________________
http://www.itweb.co.za/sections/business/2003/0303201315.asp?O=FPMS
An advert claiming that hackers would soon be extinct due to the security of Microsoft software was pulled in South Africa for breaching advertising standards by making unsubstantiated and misleading claims. It claimed "Microsoft fully maintains that its software is able to fulfil the task of keeping hackers and viruses out, making the customers' data safer than if kept in a safe."
An astute reader pointed out that the term "hacker" used to mean an amateur programmer, a cowboy coder, and he prefers "cracker" to refer to those who crack security systems. Now, if MS could produce software development kits that made obsolete "hackers" in that sense, that would really be progress!
_______________________________________________________
http://www.comics.com/comics/dilbert/dnrc/index.html
"Here's a fun hobby of mine: When I get e-mail spam that includes an 800-number, I save the number for later. Then when one of the hundreds of Nigerian scam e-mails hits my e-mail box, I reply enthusiastically and give the 800-number of the spammer as my own."
_______________________________________________________
_______________________________________________________
Copyright 2003 Systems Modelling Limited,
http://www.sysmod.com .
Reproduction allowed provided the newsletter is copied in its entirety and with
this copyright notice.
We appreciate any feedback or suggestions for improvement. If you have received
this newsletter from anybody else, we urge you to sign up for your personal copy
by sending a blank email to
EuroIS-subscribe (at) yahoogroups (dot) com - it's free!
For those who would like to do more than receive the monthly newsletter, the
EuroIS list makes it easy for you to discuss issues raised, to share experiences
with the rest of the group, and to contribute files to a common user community
pool independent of the sysmod.com web site. I will be moderating posts to the
EuroIS list, to screen out inappropriate material.
Patrick O'Beirne, Editor
_______________________________________________________
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen
to reflect our focus on practical solutions to IS problems, avoiding hype. If
you like acronyms, think of it as "Patrick's reports and analysis across
Information Systems".
_______________________________________________________
ARCHIVES
To read previous issues of this newsletter please visit our web site at
http://www.sysmod.com/praxis.htm
DISCLAIMER
This newsletter is prepared in good faith and the information has been taken
from observation and other sources believed to be reliable. Systems Modelling
Ltd. (SML) does not represent expressly or by implication the accuracy,
truthfulness or reliability of any information provided. It is a condition of
use that users accept that SML has no liability for any errors, inaccuracies or
omissions. The information is not intended to constitute legal or professional
advice. You should consult a professional at Systems Modelling Ltd. directly for
advice that is specifically tailored to your particular circumstances.
Copyright (c) SML 2003
_______________________________________________________
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
PRIVACY POLICY:
We guarantee not to sell, trade or give your e-mail address to
anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers
a moderated discussion list for readers and a free shared storage area for
user-contributed files. The archives of this group are on YahooGroups website
http://groups.yahoo.com/group/EuroIS/
_______________________________________________________