Monthly Archives : January 2011

MAXA Cookie Manager Pro 5.0

It always amazes me how some people create a tool that makes things easier for people and then other BAD people come along and take advantage of that tool to benefit themselves.  Browser cookies were invented to make surfing simple HTML Web sites easier. A cookie can store any personal information you’ve given to a site, so you don’t have to enter it again when you click a different page on that site. Nosy webmasters have invented methods to steal your private information using cookies.   New cookie types that aren’t easily deleted have emerged. MAXA Cookie Manager Pro 5.0 ($35, direct, for two licenses) identifies and manages all types of cookies including the self-restoring “evercookie”. It protects your privacy and security, though the implementation is a little sloppy.

Cookies can also store preferences and other information that you’ve entered on a site, so you don’t have to enter that data again. The cookie itself is a simple text file that’s stored on your computer and that, in theory, is only accessed when you revisit the corresponding Website.   For example, the site can identify what browser you’re using, tell what page you linked from, and even get a rough idea of your physical location. Combining this data with any information you’ve actively shared, a site can find out quite a bit about you.

Given the possibility of inadvertently revealing private information, some users may be tempted to disable cookies entirely. Unfortunately, many perfectly valid Web sites just won’t work without cookies. Even when standard cookie handling is disabled, Web sites can utilize non-standard technology or browser-independent cookies. One researcher has created what he calls the “evercookie,” which stores data in multiple local repositories and uses this redundant storage to rebuild any deleted components. In the modern world, you can’t thoroughly control cookies using browser settings and manual deletion.  MAXA supports seven popular browsers: Internet Explorer, Firefox, Opera, Safari, and Chrome. On installation it ensures that the supported browsers are configured correctly for cookie management. It also checks settings for Flash, Silverlight, and Skype, all of which include cookie-like technologies.

During installation, the product lists several dozen popular Web sites and invites you to check off any that you use regularly. Checked sites are whitelisted automatically, meaning the product never meddles with their cookies. Naturally, you can edit or add to the whitelist at any time.  After installation, MAXA scans the computer for cookies of all kinds. When I ran it on the system I use for e-mail and editing, it turned up over 3,600 cookies. Most were ordinary browser cookies, but it found several examples of advanced-technology cookies specific to Internet Explorer and Firefox. It also found a few Silverlight-based cookies and a slew of Flash-based ones.

Microsoft Security Essentials

Having good anti-virus is a must, it is not a benefit.  That being said there are a several on the market right now that you cannot trust.  Microsoft has done a  soft-released Microsoft Security Essentials 2.0 (free, direct) last month with little fanfare.  Technically the product name is still just Microsoft Security Essentials, but the box shows a version number beginning with 2.0. This version has a few new features which is okay I suppose, nothing out of the ordinary. It can automatically ensure firewall protection by enabling Windows Firewall if necessary. In Windows Vista and Windows 7, Microsoft Security Essentials’ new network inspection system adds specific protection against network-based attacks. The app also claims better malware-fighting skills, though in my testing it seemed little improved.  Last year AV-Test (http://av-test.org) evaluated a collection of antivirus products under Windows XP and under Windows 7. They rated each product for protection, usability, and ability to repair malware damage, with six points available in each area and a total of 12 needed for certification. Under Windows 7, Microsoft Security Essentials made the cut with 14 points, not far behind the 16 points achieved by top scorers Norton AntiVirus 2011 ($39.99 direct, 4.5 stars), Kaspersky Anti-Virus 2011 ($59.95 direct for three licenses, 3.5 stars), and Panda Antivirus Pro 2011 ($50.95 direct for three licenses, 3.5 stars).  Windows XP test, Microsoft took just 11.5 points, not enough for certification. It score high for usability but low for protection and repair.

Installation and Cleanup: Installing an antivirus on my thirteen malware-infested virtual machines can be an arduous task. Some products take a long time to install and update; others won’t even install due to self-defense by malware. Microsoft Security Essentials didn’t give me any trouble; it installed quickly and smoothly.  Microsoft Security Essentials’ real-time protection system detected active malware right away and popped up a simple warning box with a button offering to clean the computer. There’s a link to get details; clicking it also offers a chance to change the disposition for the found threat.

The real-time cleanup involves a mini-scan that frequently ends with a request to reboot. The product necessarily turns on automatic updates, so if for some reason you’ve been putting off updates you’ll be in for a lengthy session during that first reboot.  At installation, the product schedules a weekly quick scan. You can change the schedule and the type of scan, if desired. By default the scheduled scan restricts itself to using 50 percent of CPU resources. That doesn’t affect on-demand scans, though. In testing, a full scan took over 50 minutes regardless of the CPU setting, which is about twice the average of recent products. A repeat scan came in under 25 minutes.  For most found threats, Microsoft Security Essentials simply takes the necessary remediation action, though it will occasionally ask permission to remove low-risk items like adware. At the end of a scan it reports that it finished; you can click the History tab to see what it did.  Microsoft Security Essentials detected 89 percent of the rootkit samples. That’s good, but more than half of the recent antivirus products detected 100 percent.

I would rate this product a 6 out of 10 for performance and accuracy.

What is the Cloud? And What is Cloud Computing?

You can Google ‘cloud computing’ and read the various explanations you’ll find, and still not really understand what Cloud Computing is all about. The term is over used and misused so much that most people are confused about its meaning, and more importantly, how it can benefit them.

The word ‘cloud’ can mean several things all by itself. Some refer to the Internet as the ‘cloud’ and although it is a necessary part of cloud computing, just using the Internet to access resources does not necessarily mean a business is using cloud computing. For instance the internet can be used to access a company fileserver in a central office. That is not true cloud computing. It’s remote access, but not cloud computing in the real sense.

Cloud computing has a lot to do with the way the resources themselves are stored, managed and accessed. With the advent of virtualization and the ability to create virtualized servers, fileservers have become pieces of software that can be moved around between various hardware servers. And with the increase of available Internet bandwidth and remote access technology, fileservers are no longer location dependent as they once were. As an example, suppose your company has a remotely accessed fileserver that hosts your client database. Let’s say it’s virtualized in a Datacenter and you access it through a web-browser. Because the fileserver is virtualized, the datacenter can move your fileserver around to other locations in their facilities, or across the country, and you can still access its resources normally. You would not know that it’s moving around between various hardware servers. Why would they move it around? To alleviate bottlenecks in their infrastructure, to do maintenance or upgrades on hardware, or to better facilitate their internal administrative needs. The point of the example is that ‘resources move around’. One could say that your resources are somewhere in the ‘cloud’.

Within large organizations like Microsoft, Google, Amazon, and others, resources are moving around constantly as their internal IT needs dictate. Your information or data stored in such organizations is readily available, but you’ll never know where it is physically. So virtualization and the dynamic movement of virtualized servers and resources is a key part of what makes up ‘cloud computing’.

Additionally, modern online business solutions have reduced or eliminated the need for many localized computer resources.  For instance, Microsoft’s BPOS offers online business applications that include office document creation & storage, email, and document management solutions. These services can eliminate the need for businesses to have localized fileservers. This then becomes true cloud computing.

As businesses evaluate their internal IT costs and compare those with the costs of cloud computing they will see that moving to cloud computing solutions makes more economic sense as time passes.  The benefits of cloud computing are many, some of which are listed below:

  • Resources can be accessed from anywhere the Internet is available
  • Resources are secure and reliable
  • IT expenditures become a fixed monthly expense, like a utility bill
  • Advanced IT solutions expenses are vastly reduced if not completely eliminated
  • The most current software versions are included in the service

Information Technology is constantly changing and accelerating in its rate of change.   Businesses that keep aware of how it can be used to benefit them will be closely watching the value of computing in the cloud.

Mobile Applications (Apps) for the Small to Medium Business

Over the last year BVA has been asked more than I can recall, should my organization develop a mobile app (application) for my business which is a great question to say the least.  There is a lot that goes into making one of these and it takes a true professional to develop a good app.  There are third party firms that specifically target this market and of course BVA has been contacted about partnering with such a firm.  This partnership has not taken place due to the lack of experience of some of these outfits.  We are working with a few firms in performing some trials to see their relevance and competency.  Mobile applications are the newest and the hottest topic in all the presentations I have been to and of course all the large corporations are jumping on the train which is a little scary, especially wrapped around the banking industry.  It has become a must-have addition to the arsenal of any Web-based small to medium sized business.  Mobile app downloads across all handsets worldwide are projected to approach 50 billion in 2012 which is quite shocking if you really think about it.  That much personal data being transferred over cell towers.  To really be successful in this market of mobile apps you have to be in it to win it.  If your business line or your users want to access your organization while they’re on the go, you’re going to need a mobile app eventually.   And if you want to succeed, it will take more than just shrinking your current website to create a footprint edition for smaller screens.

The process of developing your own app is quite extensive but not brain surgery. The mission here is helping people find your website and your line of business in a fast and easy way. All the while, gathering their personal information or profile. Simplicity is a mobile app or app’s best friend, creating an app that tries to mirror your website is not the correct path.  I think another large component to a successful app is being able to enter data on the fly, easily from whatever phone unit that you are using.  I hate apps that make it difficult to enter data, I literally will stop using it.  Good graphic design is a given, but it shouldn’t become a fetish to the point where it interferes with the user’s experience.  The design is crucial to creating an engaging and effective mobile site, and not too many bells and whistles.  Be aware of the screen size and resolution you are trying to achieve.  Mobile design presents very different challenges from web design, because you’re not able to spew everything out all at once. Instead you’re forced to be very thoughtful about how your content is prioritized and presented.  Some of the IT Department heads that I communicate with stress how important to have an in-house person that knows the application well and was involved during its coding and conception.  My friend tells me that it constantly needs to be updated and changed due to user requests and organizational needs.

Application Virtualization – The Basics

Application Virtualization is the future and it’s more clear today than it has ever been.  I always find it funny how people always revert back to the basics after every other form of architecture is explored.  Application virtualization refers to several techniques that make running applications more protected, more flexible or easier to manage.  Modern operating systems attempt to keep programs isolated from each other. If one program crashes, the remaining programs generally keep running. However, bugs in the operating system or applications can cause the entire system to come to a screeching halt or, at least, impede other operations.  Full application virtualization requires a virtualization layer.  Application virtualization layers replace part of the runtime environment normally provided by the operating system. The layer intercepts all file and Registry operations of virtualized applications and transparently redirects them to a virtualized location, often a single file.  The application never knows that it’s accessing a virtual resource instead of a physical one. Since the application is now working with one file instead of many files and registry entries spread throughout the system, it becomes easy to run the application on a different computer and previously incompatible applications can be run side-by-side.   Examples of this technology for the Windows platform are Cameyo, Ceedo, Evalaze, InstallFree, Citrix XenApp, Novell ZENworks Application VIrtualization, Endeavors Technologies Application Jukebox, Microsoft Application Virtualization, Software Virtualization Solution, VMware ThinApp and InstallAware Virtualization.

Technology categories that fall under Application Virtualization include:

  • Application Streaming-Pieces of the application’s code, data, and settings are delivered when they’re first needed, instead of the entire application being delivered before startup. Running the packaged application may require the installation of a lightweight client application. Packages are usually delivered over a protocol such as HTTP, CIFS or RTSP.
  • Desktop Virtualization/Virtual Desktop Infrastructure (VDI)-The application is hosted in a VM or blade PC that also includes the operating system (OS). These solutions include a management infrastructure for automating the creation of virtual desktops, and providing for access control to target virtual desktop. VDI solutions can usually fill the gaps where application streaming falls short.

Provided below are some basic terms as well as architecutral frameworks when considering in deploying a solution of this nature:

  • Application Streaming=  Rather than installing all applications in every user’s machine, applications are delivered to each user’s PC as needed. This enables the applications to be updated centrally and also provides a way to measure each users’ application requirements over time. See application streaming.
  • Terminals to a Central Computer=  The oldest network architecture, all applications and data are stored in a centralized server or cluster of servers. The user’s PC functions like a terminal to the server or dedicated terminals are used. The applications are said to be “virtualized” because they function as if they were running on the client. See thin client.
  • Partition the Hardware=  This is the traditional meaning of “virtualization” and refers to partitioning a computer in order to run several applications without interference, each in their own “virtual machine.” Deployed in servers and clients, this is more accurately called “server virtualization” and “client virtualization.” Contrast with OS virtualization. See virtual machine.
  • Write the Program Once, Run Everywhere=  An interpreted programming language enables the same program to run on different machine platforms, with Java and Visual Basic being the major examples (see Java Virtual Machine and Visual Basic). The applications are said to be “virtualized” because they run on any platform that has a runtime engine for that language.
  • Dynamic Application Assignment=  This approach treats servers in the datacenter as a pool of operating system resources and assigns those resources to applications based on demand in real time. The pioneer in this area is Data Synapse Inc. The applications are said to be “virtualized” because they can be run in any server.

Benefits of application Virtualization

  • Allows applications to run in environments that do not suit the native application.
  • May protect the operating system and other applications from poorly written or buggy code.
  • Uses fewer resources than a separate virtual machine.
  • Run applications that are not written correctly, for example applications that try to store user data in a read-only system-owned location.
  • Run incompatible applications side-by-side, at the same time and with minimal regression testing against one another.
  • Maintain a standard configuration in the underlying operating system across multiple computers in an organization, regardless of the applications being used, thereby keeping costs down.
  • Implement the security principle of least privilege by removing the requirement for end-users to have Administrator privileges in order to run poorly written applications.
  • Simplified operating system migrations.
  • Accelerated application deployment, through on-demand application streaming.
  • Improved security, by isolating applications from the operating system.
  • Enterprises can easily track license usage. Application usage history can then be used to save on license costs.
  • Fast application provisioning to the desktop based upon user’s roaming profile.
  • Allows applications to be copied to portable media and then imported to client computers without need of installing them.

Limitations of application Virtualization

  • Not all software can be virtualized. Some examples include applications that require a device driver and 16-bit applications that need to run in shared memory space.
  • Some types of software such as anti-virus packages and application that require heavy OS integration.
  • Only file and Registry-level compatibility issues between legacy applications and newer operating systems can be addressed by application virtualization.

iPhone on Verizon

Its been quite some time, back and forth between when and how this was going to happen.  A lot of blogs and gossip articles have been written between many reputable websites.  After years and years of speculation, the Verizon iPhone is real. As Verizon president Lowell McAdam put it, “If the press writes something long enough, eventually it becomes true.”  I find this really funny after all the publicity that Verizon put in the media.  It’s ironic how Mac really stayed out of the subject matter and for the most part never drew a line in the sand with a yes or no.  The word comes fresh out of Verizon’s press conference in New York City, where the company has confirmed that they plan to offer the iPhone 4 early next month. Update: February 10th, to be specific.  From what has been published so far, the Verizon iPhone 4 appears to be identical to the AT&T iPhone 4 .

It does not support Verizon’s 4G/LTE network, and Apple took their standard “We don’t talk about future products” stance when questioned on the matter. The 16GB iPhone 4 will set you back $199.99, while the 32GB model will cost you $299.99 (both prices on a 2 year contract.  Additionally, it looks like it’ll have at least one feature that the AT&T model doesn’t (currently): WiFi hotspot, which allows the iPhone to act as a Cell-Data-Fueled-Wi-Fi router for up to 5 devices.