Archive for the 'Lessons to be Learnt' Category
Ducks Quack , Eagles Fly. A paradigm shift in thinking.
No one can make you serve customers well. That’s because great service is a choice. Years ago, my friend, Adam, told me a wonderful story about a cab driver that proved this point.
He was waiting in line for a ride at the airport. When a cab pulled up, the first thing Adam noticed was that the taxi was polished to a bright shine. Smartly dressed in a khakhi shirt, e, and freshly pressed khakhi slacks, the cab driver jumped out and rounded the car to open the back passenger door for Adam .
He handed my friend a laminated card and said:
“I’m Wally, your driver. While I’m loading your bags in the trunk I’d like you to read my mission statement.”
Think of a ‘Plan B’ !
A pretty woman was serving a life sentence in prison. Angry and resentful about her situation, she had decided that she would rather die than to live another year in prison.
Over the years she had become good friends with one of the prison caretakers. His job, among others, was to bury those prisoners who died in a graveyard just outside the prison walls. When a prisoner died, the caretaker rang a bell, which was heard by everyone. The caretaker then got the body and put it in a casket. Next, he entered his office to fill out the death certificate before returning to the casket to nail the lid shut. Finally, he put the casket on a wagon to take it to the graveyard and bury it.
Knowing this routine, the woman devised an escape plan and shared it with the caretaker. The next time the bell rang, the woman would leave her cell and sneak into the dark room where the coffins were kept. She would slip into the coffin with the dead body while the caretaker was filling out the death certificate. When the care-taker returned, he would nail the lid shut and take the coffin outside the prison with the woman in the coffin along with the dead body. He would then bury the coffin. The woman knew there would be enough air for her to breathe until later in the evening when the caretaker would return to the graveyard under the cover of darkness, dig up the coffin, open it, and set her free.
The caretaker was reluctant to go along with this plan, but since he and the woman had become good friends over the years, he agreed to do it.
How to catch a Hacker - Good Tips
Tip 1: Hackers cover their tracks. Experienced hackers cover them more thorougly, but amateur hackers sometimes leave things behind. Don’t expect them to leave any really big evidence behind; expect more of little things here and there you might find surprising. For example, if you’re writing a term paper and a black hat hacker accidently saved it when he took a paragraph out- that’s suspicious. Where did that paragraph go? Well, for one thing, now you know he was in that area. Check the folders surrounding the file- you might find something.
———— ——— ——— ——— -
Tip 2: Decipher between the type of hackers that are attacking you. Experienced hackers will have a more in depth look around when they penetrate your system. They won’t touch much because they know that that won’t add too much to their knowledge. But if you know a hacker’s been in, and some files are messed with, and you have a log of someone guessing passwords to a file or something of that sort, its probably some newbie who’s just starting out. These are the easiest hackers to catch. They usually get so caught up in thoughts like “I’m in!” that they forget the basics, such as work behind a proxy.
———— ——— ——— ——— -
My friend was setting up a webserver once. His first time too, and he wasn’t to anxious to set up some good software to protect against hackers and viruses. He didn’t put up one IDS, and before you know it, the obvious happened. But this time, a newbie had struck. The nice log files showed, bluntly across the screen, multiple instances of a foreign IP address that stood out. Some stupid newbie had tried to login as “uucp” on my friend’s XP computer, with a password of “uucp.” Well, that’s great, but he also had tried the same user/pass combination three times, enough to get himself logged nicely. Even a semi-brainless user with some form of neurological system knows that uucp isn’t a default XP account. Again, excitement toiled this hacker’s brain, and maybe if he hadn’t done that, along with a few other stupid things, he wouldn’t have gotten caught. What other things did he do? Well, lets see. He openned 35 instances of MS-DOS. He tried to clean the printer’s heads, and he edited a .gif in notepad. Then he uninstalled a few programs and installed some html editor, and replaced four files with the words “14P.”
———— ——— ——— ——— -
He might as well have posted his phone number. In a few days, we had tracked him down to a suburban town in Ohio. We let him go, not pressing any charges, because he had done nothing really damaging and had provided me with an example of a moron for this guide.
———— ——— ——— ——— -
Tip 3: Don’t go crazy if you lose data. Chances are, if it was that important, you would have backed it up anyway. Most hackers nowadays wish they were back in 1989 when they could use a Black Box and having a Rainbow Book actually meant something. Most hackers aren’t blackhat, they are whitehat, and some even greyhat. But in the end, most hackers that are in systems aren’t satisfied by looking around. From past experiences, I have concluded that many hackers like to remember where’ve they been. So, what do they do? They either press delete here and there, or copy some files onto their systems. Stupid hackers (yes, there are plenty of stupid hackers) send files to e-mail addresses. Some free email companies will give you the IP of a certain e-mail address’s user if you can prove that user has been notoriously hacking you. But most of the time, by the time you get the e-mail addy it’s been unused for weeks if not months or years, and services like hotmail have already deleted it.
———— ——— ——— ——— -
Tip 4: Save information! Any information that you get from a log file (proxy server IP, things like “14P”, e-mail addresses that things were sent to, etc.) should be saved to a floppy disk (they’re not floppy anymore, I wish I could get out of the habit of calling them that) incase there’s a next time. If you get another attack, from the same proxy, or with similar e-mail addresses (e.g: one says Blackjack 123 @something.whatever and the other says Black_jack_45 @something.znn. com) you can make an assumption that these hackers are the same people. In that case, it would probably be worth the effort to resolve the IP using the proxy and do a traceroute. Pressing charges is recommended if this is a repeat offender.
———— ——— ——— ——— -
Tip 5: Don’t be stupid. If you’ve been hacked, take security to the next level. Hackers do talk about people they’ve hacked and they do post IPs and e-mail addresses. Proof? Take a look at Defcon Conventions. I’ve never gone to one, but I’ve seen the photos. The “Wall of Shame”-type of boards I’ve seen have IPs and e-mail addresses written all over them in fat red, dry-erase ink. Don’t be the one to go searching the Defcon website and find your e-mail address posted on the Wall of Shame board!
———— ——— ——— ——— -
Tip 6: Don’t rely on luck. Chances are, sometime or another, you’re going to be targeted for an attack. Here you can rely on luck. Maybe they’ll forget? Maybe they don’t know how to do it? If you think this way, a surprise is going to hit your face very hard. Another way you could stupidly rely on luck is by saying this: It’s probably just a whitehat. On the contrary, my friend, it’s probably just a blackhat. A blackhat with knowledge stored in his head, ready to be used as an ax. It’s your data. You take the chance.
Bottled water costs us the earth - worth reading
The bottled water industry is global in nature. But it is designed to sell the same product to two completely different markets: one water-rich and the other water-scarce. The question is if this industry will have different outcomes in these two worlds? Or will we, for two opposite reasons, agree that their business costs us the earth and that it is not good for us?In the water- and economically-rich world, the bubble is bursting. Last month, San Francisco’s mayor banned the use of bottled water in government buildings, incriminating billions of disposed plastic bottles that filled landfills in the US state. In the US, a staggering 60 million plastic bottles are thrown away each day, a minuscule proportion of them are recycled. Greenhouse gas emission from trucks which transported the bottles across the state — and often across countries — was also cited as a reason for the ban.
But equally importantly, the mayor stressed that his city’s municipal water came from pristine sources inside a national park. This was as good, if not better than bottled water sold by companies, he said.
He is not alone. Last year, Salt Lake City’s mayor asked public employees to stop supplying bottled water at official events. And now New York has launched a $1 million campaign to encourage people to drink its famously clean public water. Another slap has come from top-notch restaurants, who in reverse snobbery, are refusing to serve bottled water. Only tap water makes it to their expensive menus.
But the worst is coming. Last week, junk food giant Pepsi was forced to admit in the US that its brand of bottled water, Aquafina, is nothing more than tap water. Under pressure, it has even agreed to label its bottles to say precisely this.
The bottled water industry is in damage control mode. But I believe that this scream could easily become a shout as people realise the environmental cost of this product and more importantly, they see the sheer stupidity of paying hugely for something that is readily available.
In our world too, the bottled water industry is growing big time. The demand has increased from 2 million cases in 1990 to an estimated 68 million cases by 2006. But in India, bottled water is growing as an item of necessity: private industry is meeting the drinking water demand left increasingly unfulfilled by public utilities. In most cases, people are paying prices that they cannot afford to because they have no alternative source of clean drinking water.
In India, this water does not come from municipal taps. It comes instead from groundwater that invariably is also used by villagers. Companies simply drill a hole in the ground, pump and clean (sometimes) the water before bottling and then transport it to cities. Simply put, this is the privatisation of drinking water.
The only real cost in this business is the container — plastic bottle and the cost of transportation. The fact is that bottled water is no different from water that should come from our taps. The only difference is that it is packed in plastic and not conveyed in pipelines. But while the rich in India can afford to buy and drink bottled water, the poor cannot. In other words, the rich have the choice and they opt out of the failing municipal systems.
However, what is not said is that water systems in India are failing because the rich in the country, those who can afford bottled water, are still supplied water at tenth of what it costs the municipality. Worse, our wastewater is conveyed and pumped from our homes and even treated (at times). None of this cost is recovered. In other words, it is our subsidy which is leading to poorer and poorer delivery from water agencies. It is we, who have options to drink bottled water, who are failing the system.
I am not even talking here of the mountains of plastic waste of this industry, which we use but don’t pay for. I am talking here of the imperative that we should fix water for all in all taps. Water in bottles costs the earth everywhere.
Secret Of Success
A business executive was deep in debt and could see no way out.
Creditors were closing in on him. Suppliers were demanding payment. He sat on the park bench, head in hands, wondering if anything could save his company from bankruptcy.
Suddenly an old man appeared before him. “I can see that something is troubling you,” he said.
After listening to the executive's woes, the old man said, "I believe I can help you."
He asked the man his name, wrote out a check, and pushed it into his hand saying, "Take this money. Meet me here exactly one year from today, and you can pay me back at that time."
Then he turned and disappeared as quickly as he had come.
The business executive saw in his hand a check for $500,000, signed by John D. Rockefeller, then one of the richest men in the world!
"I can erase my money worries in an instant!" he realized. But instead, the executive decided to put the uncashed check in his safe. Just knowing it was there might give him the strength to work out a way to save his business, he thought.
With renewed optimism, he negotiated better deals and extended terms of payment. He closed several big sales. Within a few months, he was out of debt and making money once again.
Exactly one year later, he returned to the park with the uncashed check. At the agreed-upon time, the old man appeared. But just as the executive was about to hand back the check and share his success story, a nurse came running up and grabbed the old man.
"I'm so glad I caught him!" she cried. "I hope he hasn't been bothering you. He's always escaping from the rest home and telling people he's John D. Rockefeller. "
And she led the old man away by the arm.
The astonished executive just stood there, stunned. All year long he'd been wheeling and dealing, buying and selling, convinced he had half a million dollars behind him.
Suddenly, he realized that it wasn't the money, real or imagined, that had turned his life around. It was his newfound self-confidence that gave him the power to achieve anything he went after.