Innovative Genius

What is the difference between Microsoft, Facebook, Google, Apple? Each represent a major force in computing and the Internet.

I argue that Facebook and Microsoft are well matched together versus Google and Apple.

On one side we have luck and opportunity delivered at your front door. On the other team we have innovation, genius, and vision.

If given this choice on what team would you place each company?

Two of these companies did not have an initial vision of their product or company that is anywhere near what is obvious today. In these two cases both simply at the right place at the right time.

In the case of Microsoft, Gates and Allen rejected the first offer from IBM to write an operating system. It took two offers and about 20 years before Microsoft actually produced something useful. A crappy product delivered to all computers manufactured over that time and voila, monopoly was given to them.

For the Facebook owner, a limited vision of a simple idea probably stolen from someone else anyway. He just wanted to connect with his collegiate friends. And literally by the next day its a magic business.

But today some people call Gates and Zuckerberg genius. Never more have two people been so undeserving of such a title because we should really be a bit more selective on the people that deserve to be mentioned in the same class as Einstein.

At least Apple and Google worked for it by bringing innovation and products to market that are simply better than everyone else. No one does what they do better.

Terry Childs: Going Rogue or something else?

First, it is a common situation in organizations to have but a few key roles in IT that are the most respected and most consulted. One of these positions is the network administrator. Organizations often find it challenging to obtain competent talent and typically the most talented IT member is the network administrator with everyone else supporting that position. A direct line of commuinication and more intimate relationship with management is usually the result.

There is also a tendency for people with such a key role to mistake a procedural position, executing changes and creating new connections as a result of growth and maintenance when requested, for a more overinflated personality and egotistical sense of entitlement and rock solid job security. Therefore, Terry Childs probably does believe everyone else is incompetent to do “his” job. A non-clinical God complex may be the reality here.

jail house interview

In a jailhouse interview with Paul Venezia, Childs seems to have demonstrated some remorse stating “I’d have gotten out before it came to this. I have a great house, bro, love my house, and I’m on the verge of losing it since I’m in here. I’m out of a job, and don’t know what’ll happen with all this.” I’m not convinced this is remorse. Childs is just unsettled with the consequences. Paul Venezia may be more enamored with Childs convincing presentation of himself and technical superiority.

details

For whatever Venezia may have accurately represented in terms of security best practices he lost in terms of legal acumen. Venezia described the prosecutions filings as ambiguous and morphing as charges by the prosecution continued to change or morph: “claims would seem to be clear evidence of wrongdoing, but in reality, are common practice in networks the world over”. Often, the prosecution will settle on the charges that will most likely result in a conviction and ignore facts and evidence that indicate an entirely different and even worse crime was committed. Without enough evidence to argue the case the prosecution will simply punt on those charges and focus on the best evidence resulting in charges that have the best chance of conviction.

From the details of the case it appears management intended to never let Childs access the network after that meeting. For reasons we don’t know, the city personnel were “afraid” that Childs would cause potential damage to the network or others. The meeting was probably called to remove access privileges for Childs.

Management at the city IT department seem to have had some concern to dismiss or demote or otherwise move Childs from his role as network administrator. A meeting was scheduled and from the details presented of the attendees is where I suspected the city had some cause for concern that Childs was dangerous. Management seemed more concerned about the potential harm Childs could cause if left in his position rather than the fallout that ensued after this meeting.

Paul Venezia offered as a testament to Childs skill as a network administrator that the network continued to perform flawlessly while it and administrative functions were held hostage. Implying a design so superior that it had no issues as a result. This is more of a testament to Cisco engineering than anything else. The hardware is robust and has low failure rates. Once a network is up and running there can be little to do until a change is requested. So if there were any issues while the network was hostage it is probably on the order of changes requests. He then points to the fact the network experienced its first failure after management of it was finally obtained when the city started changing passwords. This is not unusual especially when you want to change any and all access a network administrator may previously have had.

The following criminal history, at least what we know, indicates a life long problem. At the age of 17 Childs was arrested and convicted of aggravated burglary, and spent four years in a Kansas prison. Again in his late twenties Childs was arrested in Kansas and charged with aggravated assault and carrying a concealed weapon.

All signs point to a network adminstrator that was impressed with himself, developed a so called God complex, expressed behavior and characteristics associated with a cluster of antisocial personality disorders more than an ethical network adminstrator trying to do the right thing.

It is possible that the IT management of San Francisco’s network was trying to do the right thing and remove a hostile employee after identifying him as a threat, and possibly avoiding an incident of workplace violence by not letting Childs sabotage a network if given the chance. The outcome could have been much worse.

Pyparsing syslog of a snort output

As an exercise of pyparse I wanted to parse the syslog of a snort output using pyparse. The pyparsing module is very flexible and handy in this situation. I was able to effectively parse the output into a new comma delimited file then easily used Logparser to create graphs of the data such as top ports, source ip’s etc.

download


import string
from pyparsing import alphas,nums, alphanums, Literal, Combine, Word, Group, Suppress, OneOrMore, delimitedList, ZeroOrMore, Optional

testdata = """
<133> Apr 1 00:00:00 server1 snort[32268]: [1:1983:6] BACKDOOR DeepThroat 3.1 Connection attempt [Classification: A Network Trojan was detected] [Priority: 1]: {UDP} 10.1.1.1:161 -> 192.168.1.1:4120
"""
# Grammar
logLineBNF = None
def getLogLineBNF():
global logLineBNF
if logLineBNF is None:
integer = Word( nums )
ipAddress = delimitedList( integer, ".", combine=True )
#timeZoneOffset = Word("+-",nums)
code = Suppress(Group(Combine('<' + Word(nums) + '>' + ' ')))
month = Word(string.uppercase, string.lowercase, exact=3)
serverDateTime = Group(Combine( month + ' '+ integer + ' ' + integer + ":" + integer + ":" + integer ) )
serverName = Word(alphanums)
misc_code = Suppress(Combine(Suppress(Word(alphas) + '[') + Word(nums) + Suppress(']' + ':')))
snortId = Combine(Suppress('[') + Word(nums) + ':' + Word(nums) + Suppress(':' + Word(nums) + ']'))
description = ZeroOrMore('(' + Word(alphanums+'.-_ []') + ')') + OneOrMore( Word(alphanums+'-./>!:$_ ')) + ZeroOrMore(Suppress('[') + Word(nums) + ']')
classification = OneOrMore('[' + Suppress(Word(alphas) + ': ') + OneOrMore(Word(alphanums)) + ']' ).setParseAction( lambda tokens : (tokens[-2]))
priority = Suppress(':')
code_1 = Suppress(Group(Combine('<' + Word(alphanums) + '>' + ' ')))
proto = Suppress('{') + Word(alphanums+':') + Suppress('}')
src = delimitedList( integer, ".", combine=True )
src_prt = Optional(ZeroOrMore(Suppress(':') + Word(nums)),default='_')
out = Suppress(Literal("->"))
dst = delimitedList( integer, ".", combine=True )
dst_prt = Optional(ZeroOrMore(Suppress(':') + Word(nums)),default='_')
#Grammar

The download link contains the full properly formatted python script. Run as is. Your logfile may contain extra characters not accounted for here but this worked for several days worth of traffic in a medium sized network.

iPad is good for Microsoft

The iPad may be just what Microsoft needed. The hard to gain traction Silverlight initiative may be the recipient of increased momentum due to the iPad.

Job’s concerns about the Adobe flash product may be legitimate.iPad Vs Flash: Jobs Calls Adobe Lazy

Sometime ago I switched my home computer from Adobe’s free PDF reader to Foxit simply because I was tired of all the startup processes adobe chucked in to the computer. As well as the update process itself since version 6 really made updates more intrusive.

Foxit is lightweight easy to use with tabbed documents little update notification and fast for simple PDF viewing.

So, with Silverlight so far failing to replace Flash for websites this might be the snowball start Microsoft needed.

Apple vs Google vs Amazon

It is getting interesting. These 3 are the leading tech companies to watch. Forget Microsoft and the wireless carriers for the moment.

Google and Apple will be releasing new devices next year that intend to supplant the current pc market. Apple’s tablet for example I have a hunch will be designed to replace current netbooks, PC’s and the Kindle, and compete with Google’s chrome netbooks.

This is important and the only reason I mention Amazon in the header. The Kindle if left alone by competition will thrive unless Apple or Google deliver the goods. No other e-reader device has a real chance.

My money is on Google but I think Apple will present a good new device that will compete well against both netbooks, the Kindle type devices, and even standard PC’s. PC’s are dying a slow death and Microsoft with it, no innovation has come out of their corner in years.

Video future

XBMC has recently released the latest version, .

It features improvements and a nice new skin. For the PC its the best playback software. I expect the next 12 – 18 months we’ll see many new devices from top manufactures. Store shelves will be crowded with various types.

Using a standard PC its simple but for comfortable TV viewing you’ll want a dedicated system hooked into the TV that will read from the media server.

Hacked climate emails & worm author gets developer job…

These are good developments in the security world.

So far, from what I’ve seen reported, there is no reason to believe the “CRU hack” was a hack and is most likely disclosure by a politically motivated insider, or simply insider disclosure.

The quotes from so called “security experts” used in articles are so far useless, or even misleading such as this one Hackers target leading climate research unit

I trust that they will now be looking at the systems, and investigating how this happened and ensuring that something like this does not happen again.

If it is an inside job, the person that divulged the information most likely had legitimate access. How can this be ensured from happening again?

One description about the “hack” described here
Climate hack used open proxies

seems to be offered by a firm that are so called experts. But their description indicates nothing of the sort. And in fact supports the opinion it was an inside job other than a hack. Too many assumptions must be taken for it to be considered a hack based on information provided in these articles.

The use of a proxy is simple and just as easily used by someone on the “hacked” network. An employee, coworker, whoever.

In other security news the the Ikee worm author gets a job from an iphone application developer similar to

Towns’s case has echoes of Twitter hacker Michael ‘Mikeyy’ Mooney, who was offered a job at applications developer exqSoft Solutions LLC in April after admitting attacking the micro-blogging site several times and causing widespread disruption.

Could be a PR stunt, could be a lot of things. But the general opinion from “customers” is that this is a good thing. I suspect that eventually the “security experts” will wise up about this sort of thing and perhaps consider the positives about this as I suggested in

Hiring hackers: A Rebuttal (part 1)

Three-quarters of respondents to a recent online poll believe that the Australian student who wrote the first Apple iPhone worm was justified because he helped raised awareness of security issues.

New website

Just put the finishing touches on a new website for a client http://www.localpromotion.us

We will be adding video but otherwise major work is completed. The neat thing is the search buy business name function. The returned results will provide suggestions if there exists a name with similar spellings or misspelled searches.

About Time.

I’ve refrained comments and withheld some judgment since the initial Microsoft and Yahoo merger/takeover/investment discussions began. But with Yahoo’s little hyped new home page relaunch under Bartz’ leadership, it is about time.

First, let me start by stating that the worst action for both Microsoft and Yahoo is to do business together.

The continuous talks of doing business together indicate that neither really knows what they want. Except, more ad revenue and search. But I suspect neither knows how to go about it.

Yahoo’s best choice is simply in a word – innovation. A Microsoft take-over will only hasten Yahoo’s demise. With Ballmer at the helm of Microsoft for that last 10 years or so we’ve learned one thing. Microsoft had such a claim on computing even a moron can’t screw it up. Until, Google came along.

Its a bit sad to watch Microsoft and Yahoo desperately search for search ad revenue solutions to compete with Google while Google has already won this war and setting up the battlefield for the next one. Google looks about 3 – 5 years out in advance. The products or technology we are seeing produced by Google today are simply tools to leverage what will be happening when we arrive at the that 3 – 5 year time line.

Yet Microsoft will only see the product produced today and with short sightedness claim that they must compete with that and instead ignore asking why is Google making a browser, or new desktop OS, or Mobile phone OS.

So here we have Bing! and a new Yahoo page. Both companies believed they had to deliver something new and fresh today instead of innovating for tomorrow.

With this lack of vision these 2 companies will continue to waste their respective resources and Yahoo will probably go down ignominiously first. Then as daring a claim as you may think, or almost blasphemous otherwise, we have a too big to fail Microsoft that I see will be supplanted. Not sure on the details and it won’t necessarily be Google that replaces Microsoft at the desktop. But I think the desktop will be less important and therefore the OS itself.

It will be a come one come all environment whether its a kindle looking device, mobile phone, or your video player device. Each with a different OS type but a common connection type linked to the Internet.

Streaming Video

If like me you desire to stream your own media content at home in order to replace tens of dvd’s or other discs the solution has finally arrived.
 
Mvix Ultio (MX-800HD) HD UPnP Media Player for $169 is a bargain. Next pre-order availability is July 10th.

No more modding xbox’s or using inadequate game consoles or pc clutter.

Best solution in the market. I expect everyone else to follow suit over the next 12 months. If Microsoft offered this type of functionality in the xbox instead of a walled garden, they would have garnered better support and long term viability in the market.