Technology War Stories/Tales from The Trenches

Searching for the Truth; Asking the Right Questions

2011-06-17T06:58:00.000-07:00

Searching for the Truth; Asking the Right Questions

Is this the new ebay?

2011-05-24T10:42:00.001-07:00

Coffee Bot Review

2011-05-24T10:17:00.001-07:00

I just tried coffee from this bot at the mall and it was stellar. Check it out, this is going to be a great little item for the coffee lover...

The Tech War Needs Some Game Talk Too...Try Acid X

2011-05-23T06:49:00.003-07:00

Social Networks, Television and Smart Phones

2010-10-07T23:09:00.000-07:00

Sex, Drugs, and Rock N Roll

2010-10-07T23:06:00.001-07:00

Microsoft, Windows, Project Management

2010-10-07T22:53:00.001-07:00

XP Performance Tweaks

2009-09-18T05:37:00.000-07:00

Do you want to make the very best use of your computer's RAM? There are thousands of websites offering performance tweaks and you could spend the next week or more researching the ones you might like to perform, or you can save yourself a lot of bother and read this article. There are hundreds of XP tweaks, but you only need the handful listed here to obtain a significant performance boost. The rest of the tweaks you might find will only give you minor and often indiscernible performance benefits.

Some of the tweaks listed here require that you to edit your registry. russellnomer.com accepts no responsibility or liability for your choice to make changes to your registry, or for any other changes you make. There may be serious consequences from making changes and the responsibility for that is entirely your own. In short, you should not perform any registry edits or any other changes to your system unless you know what you are doing.

To start RegEdit, Click Start, type RegEdit in the Run box, and then click OK.

WARNING
There are a number of websites offering alleged performance tweaks that include advice to empty the XP prefetch folder. If you follow this ridiculous advice, your system performance will decrease. Windows XP automatically manages the prefetch folder and there is no need to delete anything from it.

Additionally, the same websites offer a tip to add ConservativeSwapfileUsage=1 to the SYSTEM.INI [386enh] section in order to force the OS to be a bit more aggressive about not going to the pagefile. This is complete rubbish. In Windows XP, SYSTEM.INI is used only by 16-bit applications, and it is included in XP only for backward compatibility, which means the alleged tweak does nothing at all for XP.

Also see Tweak #10 for more information on alleged performance tweaks being peddled by various XP "technical" websites.

Tweak #1: Enable ClearType
Performance isn't just about the speed of your system, it includes being able to clearly see the text on your screen. ClearType provides support for vastly improved font display on colour LCD monitors, high-quality TFT and standard CRT screens, and whilst ClearType is enabled by default in Internet Explorer 7, it isn't enabled in XP. Compare the difference:

To enable ClearType and make any adjustments to suit your eyes, go to the Microsoft Typography pages and follow the simple instructions. You can adjust ClearType in the Control Panel after installing the software at the link.

Tweak #2: Disable Last Access Timestamp
Whenever XP reads a file, it stamps the file with the date and time that you accessed it. This feature has its place but is not required for normal use unless you rely on the date of last access for backup purposes, which is a rare requirement for most backups. Putting a timestamp on a file that has just been read means that a write access has to be made to disk, so every time a read is executed, a corresponding write is also executed.

To disable the last access timestamp behaviour, start a command prompt, enter the following command then reboot;

FSUTIL behavior set disablelastaccess 1

Those of us who read and write Her Majesty's English need to take note of the American spelling of the BEHAVIOR parameter. To turn timestamps back on, repeat the command but replace 1 with 0;

FSUTIL behavior set disablelastaccess 0

Tweak #3: Disable 8.3 Filenames

IF:
You're into messing with your OS' file system, and
You're 100% certain you don't use any 16-bit applications that rely on DOS 8.3 filenames, then
You can disable DOS 8.3 filename creation. This change will greatly improve Windows Explorer's directory enumeration. If you have a large number of directories then this tweak may afford a significant improvement when browsing folders.

At the command prompt, enter the following then reboot:

fsutil behavior set disable8dot3 1

Tweak #4: Kernel Paging and Cache Tuning
This tweak is not straightforward in terms of the conditions that ought to exist prior to applying the tweak to your system. There are two parts that can be applied independently, a number of caveats that should be considered, and the details are technically complex. Provided you don't have a laptop, and provided your workstation has 1GB of RAM or more, the easiest way to decide if you should apply this tweak or not is to actually apply it, and undo it later if you wish. You can skip the technical details by going here.

Summary Technical Details:

Do not apply this tweak on laptops or portable computers

Do consider applying this tweak if the main purpose of the workstation is to serve files to other users on a network

Do consider trying this tweak if you do not run a version of SQL Server or IIS (Internet Information Services)

There are several Microsoft technical articles indicating that SQL Server will set this value to 0 when it is installed

Do not consider applying this tweak If the technical detail is too much for you

Do consider this tweak if your system is a desktop unit and has independent, non-shared video memory on a plug-in PCI or AGP video card

On-board video and shared video RAM must be disabled in BIOS

Do not try to adapt this tweak to Windows Vista, which has different memory requirements.

Caveats in Detail

First, if the machine is a desktop or tower unit that is regularly used as a workstation, and if the machine also performs file sharing services then do not apply this tweak if you have less than 1GB of RAM (note: less than 1GB) because there is a risk that you will reduce the performance of the applications that are regularly used. By causing the XP kernel to not be paged to disk or by enlarging the system cache, you may force larger (larger in terms of memory requirements) applications to be paged, which is an undesirable situation for productivity and performance. In low memory systems you should apply Tweak #8 before applying this tweak. I consider any machine that has less than 2GB of RAM to be low on memory.

If the machine is used mainly to provide network file shares, is used intermittently as a workstation, and has at least 512MB of RAM, i.e. the machine has 512MB of RAM or more, then you may consider this tweak provided you consider the remaining caveats listed below.

Second, irrespective of the amount of RAM you have in your system, you should monitor your pagefile activity using the Performance Monitor for a day or so of normal use, and you should consider not applying either of the two parts of this tweak if you perceive that pagefile usage is high. You will have higher pagefile activity if your overall memory requirements are high and your total available memory is lower than the overall requirement, which means that Tweak #8 should be applied. Note that you will not be able to monitor your system's performance if you apply Tweak #11.

Laptops or portable computers have limited resources, and they commonly use shared memory for system, application and video display use. In addition, many modern workstation motherboards have a built-in video adapter that is also likely to use shared memory, so if your system does not have an additional, plug-in PCI or AGP video card and if the built-in video is not disabled in BIOS, you should not apply this tweak unless you have memory to burn, at least 2GB.

Third, if you apply this tweak without proper consideration then you may experience random performance decreases. If random performance degradation occurs after performing this tweak then you probably have one of these conditions:

A disk-intensive application is managing its own caching

A greedy driver is allocating additional RAM

Shared video memory allocation is causing insufficient resources to be available to device drivers for plug-in PCI or AGP video cards

This situation can, but does not always, manifest itself in stop errors, system instability and the failure of device drivers to load

In all the above cases, you will need to undo this tweak and consider Tweak #8 before trying this tweak again.

To recap, if you have 2GB of RAM or more on a desktop machine or tower unit, and if you have an independent video card, and if your machine has on-board video that is disabled in BIOS or has no on-board video support at all, then this tweak is recommended, rather than suggested as it is for Vista. This tweak is especially recommended where XP is being used mainly to serve files over a small network. russellnomer.com always applies this tweak to equipment that meets these summary requirements and has never experienced any performance degradation, stop errors or system instability as a result of applying it. Additionally this tweak is highly beneficial if you are in the habit of constantly opening applications when you need them and closing them when you don't need them.

The "DisablePagingExecutive" entry in the registry prevents the kernel (ntoskrnl.exe, part of the core of the XP OS) from being rolled out to a pagefile on disk. The effect of this first part of this tweak is to cause XP to cache the Kernel in RAM instead of on disk, which makes XP more responsive to requests to the core component functions that are performed by ntoskrnl.exe.

The "LargeSystemCache" registry entry forces XP to allocate up to all but 4MB of system memory, that is system memory, not available RAM, to the file system cache. The remaining system memory is used for disk caching, though XP will allocate more memory if it is needed. In rough terms, system memory is where XP holds programs and data that are currently in use. This allows applications and files to be cached in RAM rather than stored on disk.

A modern hard disk will transfer sequential data to and from disk at up to 40MB per second, or even faster on some of the more expensive, faster-spinning drives, but the LargeSystemCache tweak means that effective transfer speeds of 1GB per second or more can be obtained, depending on the amount of RAM in your system and its operating speed. This is achieved because the LargeSystemCache modification causes the OS to store applications in RAM after reading them from disk. Having a large system cache means that XP is always using the optimum amount of RAM instead of leaving it untouched for future use that may or may not occur. Without this part of the tweak, 256MB or more of RAM in a typical workstation goes completely unused.

Some I/O intensive applications may take a hit in performance from changing the LargeSystemCache, so this particular component of the tweak should not be applied to a system that is running very disk-intensive applications.

Part 1: DisablePagingExecutive
Start RegEdit and navigate to the following key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]

Double-click the DisablePagingExecutive entry and change the default value from 0 to 1

Part 2: Enable LargeSystemCache

Repeat the previous step for LargeSystemCache, by changing the default value to 1.

Note that the LargeSystemCache entry is in the same registry block asthe entry for DisablePagingExecutive:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]

To see the effects of this tweak, reboot then launch a large, memory hungry application. Any of the Microsoft Office suite of applications will do that job nicely. Let the application load, then exit from it. Fasten your safety harness then launch the application again.

A PC with a striped RAID 0 array of two ATA100 7,200 RPM disks with a SiSoft Sandra Drive Index of 28,000 had the two registry changes above applied to it and the Drive Index tripled to an upper mark of 85,000. A similar, scaled-up performance increase can be expected for faster disks.

The more RAM you have, the better this tweak will perform. If you have more than 1GB (note, more than 1GB) then your system cache can expand up to its 32-bit limit of 1GB. If you have an x64 XP and if you are fortunate enough to be able to afford the RAM, your system cache can be expanded to one terabyte, which is a bit odd if you consider the maximum non-pooled RAM size (virtual addresses that are guaranteed to be resident in physical memory at all times and can be accessed without causing a page fault) is 128GB in an x64 edition of Windows.

Tweak #5: Processor Scheduling
This tweak is impossible to explain without getting into the technical ins and outs of binary values, bit pairs and bit masks. Suffice it to say, it forces short, variable length processor timeslices to be allocated to foreground processes three times more often than those timeslices given to background processes.

Start regedit and navigate to the following key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl]

Change the value of Win32PrioritySeparation to 26 hexadecimal, which is 38 decimal, save the changes and reboot.

As with the cache tuning tweak (#4), this particular tweak should not be applied to a system that is running either SQL Server or Internet Information Server (IIS) unless you are certain that you want to slow down those background processes.

Tweak #6: Turn Off the Windows Indexing Service
The Windows Search Companion has been very much maligned by the technical community, and with good reason. It is, in kadaitcha.cx's opinion, a classic example of software that both uses resources and operates at speeds that are inversely proportional to the value of the function that it performs. It is slow, ineffectual and tantamount to useless for serious searching because it deliberately ignores certain files and directories without allowing the user to decide what should and should not be searched. In short, the Search Companion is dysfunctional bloatware.

From a Microsoft Knowledgebase article titled "Windows XP may run slowly and you may see multiple symptoms in Windows Task Manager":

"This issue can occur if the Indexing service is running on the computer. The Indexing service uses the Cidaemon.exe process to index files. The Cidaemon.exe process builds and updates the Index catalog. Additionally, the Cidaemon.exe process typically uses lots of pagefile space and lots of CPU time."

The phrase, "typically uses lots of pagefile space and lots of CPU time" looks like a Microsoft marketing droid's spin on the plain English meaning of, "This is bloatware."

Whilst the Windows Search Companion will still function without the indexing service, some performance benefits can be obtained by utilising the indexing service. However the indexing service builds a SQL database of keywords it finds in files. This means that to get at the information compiled by the indexing service, the Search Companion sends an SQL query to the database, which then returns the information to the Search Companion. This can be a frustratingly slow process, even on very fast machines.

Besides the feature and performance issues with Search Companion, the indexing service works in the background, scouring almost every file that it finds. On a new system, the indexing service can take days to settle down. This is because the service puts a low priority on its work. Despite this low priority, the indexing service can cause serious performance degradation, especially in lower-end machines because the computer's hard disk runs continuously. If you have Office XP, you may find this Microsoft Office KB article of interest.

A much better searching alternative is to turn off the indexing service and use Agent Ransack by David Vest.

From the Agent Ransack website: "Agent Ransack is a free tool for finding files and information on your hard drive fast and efficiently. When searching the contents of files Agent Ransack displays the text found so you can quickly browse the results without having to separately open each file! Agent Ransack provides compelling advantages over similar search tools: Regular expressions that allow complex rule based searches. Immediate contents results view. Various wizards to walk the user through the searching process. Agent Ransack is provided free of charge for the benefit of the Windows community. If you find it useful please register it, free of charge."

To disable the indexing service:

Click Start, Run, type services.msc then press enter or click OK
Scroll to the "Indexing Service" in the right-hand pane and double-click it
Change the Startup type to Manual or Disable and Apply
Click the Stop button and wait for the service to stop then click OK

Tweak #7: Turn Off...
Turn off themes and visual effects.

As ridiculous as that sounds, if you want a very responsive user interface because you are more interested in getting work done than looking at XP's Fisher-Price graphics, then turning off themes and visual effects has got to be the best idea since sliced cheese spread. You might not like what you see, but it will be faster.

You can disable all of XPs visual effects by right-clicking the Desktop and selecting the "Properties" menu item, select the "Appearance" tab. In the dropdown box under "Windows and buttons", choose Windows Classic style.

Tweak #8
Get more RAM. The more the better. If you have sufficient RAM, you may not ever hit the pagefile again, depending on the applications you use.

XP will run ok with no pagefile and you have enough RAM, though some old, badly-written applications, and some more modern ones that need to allocate huge amounts of space, such as Photoshop by Adobe, might throw an out of memory error if there is no pagefile. The point is, the more RAM you have, the less reliance you have on a pagefile, which is kept on much slower hard disks. RAM is always faster than a hard disk and more RAM will reduce your system's reliance on the pagefile.

I do not recommend turning off the pagefile, even if you have 4GB of RAM. If the pagefile isn't needed, XP won't use it, but even with 4GB of RAM, memory-hungry applications may still need to utilise the pagefile. Also, some applications need to use the pagefile no matter how much RAM you have to spare.

Tweak #9
Microsoft has a habit of putting convenience features into their operating systems that are convenient only to a small, select group of users. One such feature in XP is the automatic search for network printers and folders. Automatic search periodically polls your network to check for new shared resources and adds relevant icons into My Network Places if anything is found.

Microsoft's documentation on this feature is contradictory. In one sentence Microsoft state that the feature "does not add a great deal of overhead to your Windows XP computer's work load", implying that it does add some overhead, though they are not willing to state the level of that overhead. In the same documentation Microsoft proceed to state that if you have a small network where few resources are added or infrequent changes are made, or if you use a laptop that is regularly disconnected from the network then "...having Windows XP use any resources at all to perform this chore might be counter-productive", thus implying greater overhead than Microsoft are willing to admit to.

You can manually search your network for new printers in the Add New Printer Wizard, and you can manually locate new computers and shares on your network using standard URI notation in Windows Explorer, for example:

\\machine_name\share_name

If you wish to prevent XP from regularly searching your network and performing "counter-productive chores" then follow these simple instructions:

Open the Control Panel and select Folder Options. If you use the Control Panel Category View you'll find Folder Options under Appearance and Themes.
Click the View tab.
In the Advanced Settings list, click to clear the Automatically Search for Network Folders and Printers check box.
Click OK.

Tweak #10
Don't disable unwanted Windows services.

Does that tweak surprise you? How can doing nothing be considered a performance tweak?

There are thousands of requests on Internet Web forums and Usenet newsgroups for advice on services that can be disabled, and there are an equal number of Windows-related Websites offering lists of services that can be disabled. So, given that large body of knowledge and apparent expertise in service disabling, you may be surprised to learn that russellnomer.com asserts it is potentially foolish, certainly it's counter-productive, and it is technically naive.

Why is it so? There are four main reasons.

First, services that are loaded often do not run when they are unused. At worst, an unused service will consume RAM; RAM is cheap, and adding RAM to your machine is one of the best tweaks you can perform anyway. When a service starts up, it tells the Operating System that it needs to be invoked when such and such an event takes place, and the OS dutifully does not invoke the service until such and such an event actually does take place. Thus the service lies dormant until it is invoked by the operating system. Services like the Indexing Service and Perflib (Performance Monitor, see Tweak #11) execute at regular intervals and can be disabled if they are causing performance issues, but there are very few other services in this class. If you need proof of this, just start Task Manager and look at the list of services sitting there, doing nothing other than consuming marginal amounts of RAM.

Second, disabling services that you feel you do not need now can lead to major problems when you do need a certain disabled service to run. This is especially going to be a problem if you forget that you have disabled particular services and are unaware that you need the service running to use an application. What happens if you disable the Windows Fax and Scan service, then, say some months later, decide to install Microsoft Office, for example, and try to send a fax or scan a document from within Office? It isn't going to work, and unless you immediately remember that you've disabled the Windows Fax and Scan service, you're going to be spending far more time troubleshooting the problem than you will save over the entire life of several computers by disabling it.

Still with the second reason for not disabling services, some websites, no doubt managed by the technically incompetent in many cases, suggest that the DNS Client Service can be disabled, especially if you have a modem/router that performs DNS services; the idea being, "if the modem/router performs the DNS tasks, why let XP do it?". The fact of the matter is, the Windows DNS Client Service is a cache of IP and Web addresses, so if you disable this service then you disable the cache. Since caches are intended to boost performance, it should be obvious that disabling a cache will reduce performance. If the DNS cache is enabled then your OS already knows the IP address of the site it wants to communicate with, and it can do so directly, without the router needing to look up the host name on a remote name server in order to retrieve the IP address. To put this in simple terms, by disabling the DNS cache in XP, you force your modem/router to lookup the IP address on a name server somewhere in the big-Internet-cloud-in-the-sky before every single connection is made to a site using its name, and this can take up to several seconds, even if you have a high-speed connection.

Third, any performance gains from disabling services that don't execute unless they're needed anyway will be so insignificant that you will not be able to perceive a performance increase at all. So, if a performance gain cannot be perceived, why bother? To be worthwhile, a performance tweak must have a perceptible performance gain, and the best you can expect from disabling unused services is a few hundred nanoseconds in operating system boot time, which in the scheme of things for today's PCs, is much less than a small fraction of the time it takes to blink.

Fourth, there are a number of idle-time tasks that must be performed on a regular basis by the OS. The Task Scheduler runs at regular intervals to check if the system is idle, i.e. not being used, and if the machine is idle, the idle-time tasks are executed. It is pointless to disable tasks that only run when the system is not being used.

So don't disable apparently unused, running services or tasks.

Tweak #11
All versions of Windows NT (NT 4.0, win2k, XP and Vista) contain numerous counters that gather performance information from various parts of the system. The data is continually written to the registry and retrieved by performance monitoring tools, such as System Monitor. The issue with this process is that if you are not using any monitoring tools then the data is being written to the registry for no good reason, however this is balanced by the operating system maintaining a registry cache in memory.

If you do not use a performance monitoring tool or any third-party desktop gadgets that report performance data then you can disable all performance data gathering. To see the amount of activity generated by performance counters, type perfmon.msc into the Run box and click OK:

There is constant performance data gathering going on, and what you see initially on the Performance Monitor screen is not the half it. To see just how much data gathering is happening, right click any counter listed under Counter, at the bottom of the monitor, and add all the available counters:

WARNING
If you perform this tweak then the data from all performance objects and counters will not appear in any performance tool. You will not be able to use System Monitor or any other tool that uses Performance Library (perflib) data. Performance will merely be reported as 0 or 100, depending on the counter.

To disable all performance counters, run regedit and navigate to this registry key:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib

Add a new DWORD Value named DisablePerformanceCounters:

Set the value of DisablePerformanceCounters to 1 and either reboot or restart the registry service:

If you only want to disable certain performance counters then you can use a Windows 2000 Resource Kit utility named Extensible Performance Counter List (exctrlst.exe). Download the win2k Resource Kit here.

Tweak #12
If you have two or more hard disks, move your pagefile.

If you have only a single hard disk, see the end of this tweak before going to the next one.

There is no point in moving your pagefile if you have a single disk, even if the disk has multiple partitions, so this tweak requires at least two hard disks. It relies on the assumption that your second or subsequent hard disk is used much less than your system disk (the disk that your operating system and applications are installed on) so there is less disk activity on it, which means the pagefile can be accessed much more quickly on that drive. In addition, Input/Output (I/O) to and from the second disk is performed in parallel to any I/O on the first disk, which means Windows is not trying to batter the heads across the hard disk as it tries to load files at the same time it is accessing the pagefile.

If you have a single disk with partitions then there is no benefit to be gained from this tweak because the pagefile will still be on the same disk, and the disk heads will still have to move across the same hard disk to get to the pagefile. By moving the pagefile to a different disk you can obtain significant performance gains if your machine constantly page faults.

Note: A page fault is not an error condition. Page faults occur when the OS needs something that is stored in the pagefile, in other words, a page fault occurs when the computer reads the pagefile. Constant page faults are indicated by lots of disk activity when, for example, switching applications or starting new ones. If you perceive a lot of disk activity in these situations then you really need to apply Tweak #8.

This pagefile tweak will perform best if the second or subsequent drive is empty to start with. Failing that, a disk defragment should be performed before applying this tweak to help ensure a contiguous (unbroken) span of space is available for the pagefile.

Open the Control Panel and select the System applet
Alternatively, right-click "My Computer" on the desktop and select Properties
On the Advanced tab, select Settings under the Performance group:

On the Performance Options dialog box, click Change, which is under the Virtual Memory group:

Click on the hard disk that currently contains the pagefile (1.) then click No paging file (2.), then click Set:

Click on the hard disk that you want to contain the pagefile (1.), then click Custom size (2.) and enter the same value as shown in the Recommended field (3.). Finally, click Set then OK:

You do not have to use a fixed-size pagefile if you do not want to, however if you elect to allow the system to choose the pagefile, the pagefile will need to grow at a later date, and your system will slow down during the pagefile growth stage. It is suggested that you use a fixed size pagefile of the recommended size.

You must reboot to make this change take effect.

Tweak #13
In performance, perception is everything.

The Start menu has a built-in delay of just under half a second. Set the delay to 0 for an instantaneous response.

Start regedit and navigate to this key:

HKEY_CURRENT_USER\Control Panel\Desktop\

Set the value of MenuShowDelay to 0 and exit regedit.

Tweak #14
If you perceive that you have experienced an immediate and dramatic decline in hard disk or optical disc device performance then you may be dealing with a serious corruption problem caused by a hardware fault. If hard disk or optical disc performance has always seemed slow then it could be corruption, or it could be that you have an early version of XP that does not enable Ultra DMA mode on hard disks and high-speed optical devices. You can apply this check and the associated modification for either reason.

Both XP and Vista have options for "PIO Only" and "DMA if available" on IDE channels, which can be accessed through Device Manager in the System control panel applet in XP.

If slow disk performance is caused by corruption due to a hardware fault then this test and modification will always revert your hard disk or high-speed optical device to PIO mode, no matter how many times you set it to "DMA if available". PIO is woefully slow and the OS will always force your disks or optical devices into the much slower PIO mode if there are six or more cyclic redundancy check (CRC) errors on the device.

If you find that your IDE channels are set in PIO mode and you change them to "DMA if available", then, if the setting change causes the device to stay in DMA mode, you probably have an early edition of XP that did not automatically set DMA mode; this generally happens on older equipment that has an Intel chipset.

Perform this test and, if necessary, apply the changes to both the Primary IDE Channel and the secondary channel.

Start the System control panel, then start Device Manager (by selecting the Hardware tab in XP).

Right-click on the selected IDE channel:

Choose Properties then choose the Advanced Settings tab:

If Transfer Mode is set to "PIO Only", set it to "DMA if available".

Click OK and repeat for the secondary channel, then reboot.

If the device is not faulty, DMA mode will stay selected (shown under Current Transfer Mode) during normal use and you will experience an incredible performance boost due to the disks running at their maximum throughput. If the device is generating CRC errors then the OS will force the transfer mode back to PIO mode, which means you have a faulty hard disk, or if the device is optical, you may have either a faulty device or a faulty optical disc. See the Data Corruption & Hard Disk Troubleshooting guide if your devices continually fall back to PIO mode.

If hard disk performance remains poor even though DMA mode remains active, defragment your hard disk.

Keeping your Machine Well-Oiled and Greased
Fragmentation

When files are stored on disk they are stored in blocks. A set of blocks can be contiguous or fragmented. Contiguous means adjacent. A contiguous file is composed of a sequence of blocks that is stored in an unbroken chain. A fragmented file has gaps in the block sequence, and the gaps are usually occupied by blocks that belong to other files. If a file is fragmented, or non-contiguous, the hard disk has to skip expanses of blocks as it tries to read a file from start to end, which means that fragmented files cause slower performance.

A fragmented hard disk is a disk that has a lot of fragmented files. A defragmented hard disk means faster read/write access, which, in turn, means better overall disk performance.

Regularly defragment your hard disk, every week if necessary, and certainly at least once a month. Also defrag your disk after deleting a large number of files, cleaning out your browser cache, uninstalling applications, or after using the Windows Disk Cleanup Utility.

The Windows XP Disk Defragmenter is a crippled version of a commercial product called "DiskKeeper" and has a number of limitations:

The User Interface is not intuitive.
The defragmentation process is rudimentary at best.
Large gaps are left between individual files, i.e. the disk is not compacted.
It can only defragment one volume at a time.
It cannot be run on a schedule
While the built-in XP defragmenter is ok for average users, power users who need more from a defragmenter might consider looking at UltraDefrag, which is an Open Source defragmenter for Windows that supports both x32 and x64 versions of XP and Vista. UltraDefrag offers:

Very fast defragmentation, the work is done via a kernel mode driver that has an optimal defragging algorithm.
Very small engine written in pure C.
The full download is under 200k in size.
Nice graphical interface, which is both compact and functional.
Safe, because file moving is accomplished with Microsoft's own Defrag API.
Simple to use.
Can generate html reports of fragmentation status.
Can include/exclude files based on simple filters.
Free: Distributed with full source code under the GNU General Public License.
Has a Compact option to remove gaps between files
If you decide to use defragmentation as a performance-enhancing tool then also download and install Microsoft's PageDefrag tool. Most defragmenters cannot defragment pagefiles and registry hives because those files are open while the defragmenter is running. If you want to optimise your pagefile and other system files, especially if you have only a single hard disk, then this tool is highly recommended.

Unused Files

One of the most common causes of slow disk performance is the presence of lots of small files, which are often unused. Major culprits include the IE browser cache and Windows temporary file directories. Use the XP Disk Cleanup tool (Accessories menu, System Tools) often:

The Disk Cleanup utility can take a while to run on laptops when you execute it for the first time, so be prepared to sit around for a while, or maybe a read a good book. However subsequent cleanups will run much quicker if you perform this task regularly.

The Disk Cleanup utility will empty your Internet Exploder cache, but if you use the Firefox browser, you'll have to empty its cache manually. On the Tools menu, select Options then select the Privacy tab. In the Private Data group, click Clear Now... then click Clear Private Data Now. Make sure that you don't clear passwords unless you really want to do that:

Removing unused or unwanted files before executing a defragmentation can free up space that will be better occupied after a defrag, this is because files will load faster if they are located closer to the start of the drive.

Protect your System Against Malware

Apart from possibly compromising your private data, malware can have a significant performance impact on your computer. Visit the russellnomer.com Malware and Virus page and keep your system free of obnoxious packages.

ICE Innovative Technologies, LLC

2009-09-17T23:15:00.000-07:00

I encourage you to see what ICE Innovative Technologies, LLC has been working on in the realms of T-Commerce and enhanced online advertising. If you are looking to increase your click through ratios, obtain better intel about your marketing campaign, or generate revenue from a televised broadcast, ICE Innovative Technologies is a pioneer you want to contact. Visit them online at http://www.iceit.tv

Social Network Millionaire's Network

2009-07-05T05:26:00.001-07:00

Russell Nomer is offerring special secrets for leveraging social networks to create wealth. If you are interested in finally finding the freedom you desire, for a small monthly fee of $4.99, Russell will share with you his special tips and techniques for online success. Don't be scammed by the other programs that are out there that charge you an arm and a leg to just upsell you on more secrets to buy. Russell does not believe in that approach, which is why he has priced his techniques at a manageable rate that anybody can afford. For just $4.99 a month, that's less than 17 cents a day, you can turn your life around with this special network membership. In addition to tips and techniques, Russell will be sharing insight from additional business successes and mentors that have enabled him and his clients to succeed in online business ventures.

Click here to Subscribe

Satellite TV for PCS and Laptops

2009-07-05T05:06:00.000-07:00

The cable companies have been milking the consumers for way too long and have provided little in the way of value add. Rather than continue feeding this pig, why not leverage the Internet to get better programming at a fraction of the cost?

For more information, visit: http://2cba4bpaqfo3qb24zhln2a1za7.hop.clickbank.net/?tid=SATELLITETVFORPCS

Technology War Stories/Tales from The Trenches: Internet Explorer Hand versus Arrow

2009-07-05T04:47:00.000-07:00

Technology War Stories/Tales from The Trenches: Internet Explorer Hand versus Arrow

Internet Explorer Hand versus Arrow

2009-07-05T04:36:00.000-07:00

Panning hand is located under the view menu. This is the dumb feature that places a white hand on your mouse pointer that does not allow you to highlight text. In Microsoft's infinite wisdom, they enabled this feature on install and did not provide sufficient documentation on how to turn it off. Nice work MSFT, perhaps if you did not lay off as many people as you recently did, the use case would have been properly managed.

Preventing Layer 2 security threats

2007-03-30T07:16:00.000-07:00

As I was cleaning out some old Cisco articles, I came across this tidbit and thought it was worth listing here as the layer 2 security threats are still very real. Read on and learn....

Preventing Layer 2 security threats

24 Sep 2004 | John Bartlomiejczyk and Marcus Phipps, Cisco Systems

Layer 2 switched environments, typically found in enterprise customer wiring closets, can be easy targets for network security attacks.
One of the most common security threats in the Layer 2 domain, and one of those least likely to be detected, is the threat targeted at disabling the network or compromising network users with the purpose of gleaning sensitive information such as passwords. These attacks exploit normal protocol processing such as a switch's ability to learn MAC addresses, end-station MAC address resolution via Address Resolution Protocol (ARP-RFC 826), or Dynamic Host Control Protocol (DHCP) server IP address assignments.

Because any user can gain access to any Ethernet port and be a potential hacker, open campus networks cannot guarantee network security. Because the OSI model was built to allow different communications layers to work without knowledge of each other, Layer 2 security is critical. If this layer -- which provides hackers access to the information power hackers seek -- is being hacked, security is compromised without communication between the other layers being affected and without any users being aware their application-layer information had been compromised.

It is important to understand that use of authentication and security features such as IEEE 802.1x and access control lists, while an integral part of an organization's threat defense policies, cannot prevent the Layer 2 security attacks outlined in this article. An authenticated user may still have malicious intentions and can easily execute all of the attacks outlined in this article.

Fortunately, there are features available that can be used to prevent these attacks. This article will provide a working understanding of the most common types of Layer 2 security attacks and how to prevent them using integrated security features.

These attacks include:

MAC address flooding
DHCP server spoofing
"Man-in-the-middle" attacks using gratuitous ARP
IP host spoofing
MAC address flooding
Denial-of-service (DoS) attacks are intended to prevent a network from carrying legitimate users' data. An attack of this type causes a network component to stop forwarding packets or to forward them improperly. Normally, in a secure or uncompromised network, a Layer 2 forwarding table is built based on the MAC addresses. The MAC address is the physical address of the device.

Normal switch behavior is to flood frames destined to unknown destination MAC addresses and to populate the content addressable memory (CAM) table with the source address and port of every arriving packet. The switch has a bound memory space for the number of MAC addresses that can be learned. This is how a switch or bridge performs the forwarding, filtering, and learning mechanisms at Layer 2. The forwarding table, however, has only a finite address space. Attacks that attempt to flood or overflow this table exploit the inherent MAC address learning capability and forwarding behavior of switches.

This attack exploits this natural hardware restriction by flooding the switch with unknown MAC addresses, which the switch will then learn. However, once the Layer 2 forwarding table limit is exceeded, packets are flooded to all ports in a virtual LAN (VLAN), enabling a hacker to eavesdrop or sniff network connections over a switched network while disrupting network performance.

Port Security is a dynamic feature that can be used to limit and identify the MAC addresses of the stations that allow access to the same physical port. When an administrator assigns secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses.

If a port is configured as a secure port and the maximum number of secure MAC addresses is reached, a MAC address of a station attempting to access the port that is different from any of the identified secure MAC addresses triggers a security violation. A violation is also flagged if a station with a secure MAC address configured or learned on one secure port attempts to access another secure port. In both cases, the offending station's traffic is blocked. Limiting the number of allowable MAC addresses on a switch port using port security effectively shuts down a MAC address-flooding attack.

DHCP server spoofing and man-in-the-middle attacks
A rogue DHCP server is typically used in conjunction with a network attacker who launches man-in-the-middle (MitM) attacks. MitM is an attack technique in which the attacker exploits normal protocol processing behavior to reroute normal traffic flow between two endpoints. A hacker will broadcast DHCP requests with spoofed MAC addresses, thereby exhausting the address space of the legitimate DHCP server. Once the addresses are exhausted, the rogue DHCP server provides DHCP responses to users' DHCP requests. These responses would include DNS servers and a default gateway, which would be used to launch a MitM attack.

The traffic now flows through the attacker's end station, allowing a hacker to capture or observe traffic between the two unsuspecting targeted endpoints. Keep in mind, however, that DHCP IP address exhaustion is not required to introduce a rogue DHCP server into a network. For example, a nonmalicious user may accidentally bring up a DHCP server on a network segment and begin inadvertently issuing IP addresses.

To prevent this type of attack, a feature known as DHCP Snooping should be enabled on all Layer 2 ports. This feature defines trusted ports, which can send DHCP requests and acknowledgements, and untrusted ports, which can forward only DHCP requests. It is assumed that trusted ports are those that connect to either the DHCP server itself or switched ports, such as uplinks, that in turn connect the switch to the rest of the network.

By intercepting all DHCP messages within the VLAN, the switch can act much like a small security firewall between users and the DHCP server. DHCP Snooping builds a DHCP binding table, based on dynamic address assignment, which is stored in each wiring closet switch. In non-DHCP environments such as data centers, the binding entries may be statically defined. Each DHCP binding entry contains the client IP address (either a static address of one gleaned from the DHCP server), client MAC address, port, VLAN number, lease time, and binding type (either static or dynamic).

DHCP Snooping is a prerequisite for the dynamic configuration of other preventive identity spoofing security features outlined below.

More on MitM
Address Resolution Protocol (ARP), in its most basic function, is used by an end station to bind a MAC address to an IP address. This allows two stations to communicate on a LAN segment. A station sends an ARP request as a MAC broadcast. The station that owns that IP address in the request will give an ARP response to the requesting station with its IP and MAC address. The requesting station will cache the response in its ARP cache that has a limited lifetime.

ARP also makes the provision for a function called "gratuitous ARP." Although gratuitous, ARP has a legitimate use for stations that need to take over an address for another station on failure. Gratuitous ARP is an unsolicited ARP reply, usually sent as a MAC broadcast. All stations on a LAN segment that receive a gratuitous ARP will cache the unsolicited ARP reply, which acknowledges the sender as the owner of the IP address contained in the gratuitous ARP.

Gratuitous ARPs containing a spoofed IP address, however, can also be sent. The terms "ARP spoofing" or "ARP poisoning" are used interchangeably to describe a technique in which a gratuitous ARP is used to misdirect traffic to a malicious computer so that this computer will be in the middle of IP sessions between two end stations on a particular LAN segment.

An attacker can send an ARP packet with a spoofed source address, causing the default gateway or another host to learn about it and store it in its ARP table. The ARP protocol will then create an entry for any such malicious host without performing any type of authentication or filtering, making the network vulnerable.

The most effective way for an attacker to eavesdrop a connection is to spoof the default gateway by sending a gratuitous ARP reply containing the IP address of the default gateway to other devices on the LAN. The gratuitous ARP packet causes the devices to overwrite the old entry with the new one, effectively making the attacker the new default gateway for those devices. The attacker can use IP forwarding to relay the traffic between the devices and the default gateway without the other devices being aware what is happening. The attack is only simplex, but another attack could be launched on the default gateway to make it duplex. Therefore, the attacker could see traffic from the host to the default gateway and also the return traffic from the default gateway.

These attacks can be prevented through Dynamic ARP Inspection (DAI), which helps to ensure that the access switch relays only "valid" ARP requests and responses. DAI intercepts every ARP packet on the switch, and verifies valid IP-to-MAC bindings before updating the local ARP cache or forwarding them to the appropriate destination. The validity of the bidings is ensured by checking the DHCP Snooping binding table which was created using the DHCP Snooping switch feature, outlined above.

The DHCP Snooping binding table contains the IP-MAC bindings associated with the specific switch port. Invalid ARP packets are dropped. Ports may be configured as trusted or untrusted. If ARPs are received on a trusted interface, no checking is done. If the ARPs are received on an untrusted interface, the packet is switched only if a valid IP-MAC binding is present. Therefore, DHCP Snooping is a prerequisite for DAI. Use of DAI is dynamic and does not require any changes on the connected client hosts.

IP host spoofing
In addition to ARP spoofing, an attacker may also spoof IP addresses. This is commonly done to perform DoS attacks on a second party by sending packets through a third party, thus masking the identity of the attacking system. A simple example of this involves an attacker who pings a third-party system while sourcing the IP address of the second party under attack. The ping response will be directed to the second party from the third-party system.

Aggressive Transmission Control Protocol (TCP) SYN flooding originating from spoofed IP addresses is another common type of attack used to overwhelm a server with TCP half sessions. An IP address spoofing attacker can impersonate a valid address either by manually changing an address or running a program designed to perform address spoofing. Internet worms may also use spoofing techniques to disguise their origins.

When a feature known as IP Source Guard is deployed on the network, an attacker cannot launch an attack by assuming a valid user's IP address. This feature will only permit forwarding of packets that have valid source addresses that are consistent with the IP Source binding table, which is derived from the DHCP Snooping binding table. Therefore, DHCP Snooping is a prerequisite for dynamically implementing this feature. The binding table may also be configured statically for those environments where DHCP is not used. IP Source Guard may also be configured to filter not only on source IP address abut MAC address as well. Therefore, only IP traffic with IP and MAC addresses matching the IP source binding table is permitted.

Guard every port
The interior of enterprise networks have historically been designed as an open utility, and as a result, almost all of today's enterprise network ports are "open." "Open" networks and computing resources can be accessed simply by plugging a laptop into a network port and obtaining a DHCP address. As a result, network security is entirely dependent upon the physical security of all places in the enterprise.

A recent CSI/FBI survey has shown that information theft is the number-one growing trend and that 75% of all attacks that caused monetary losses were from inside the network. As a result, the interior of enterprise networks must be provisioned in more innovative ways. If every port on the network is viewed as a "perimeter" port with potentially hostile entities gaining access, network administrators must be aware of the what these potential threats are and what new security features, such as those discussed in this article, need to be deployed to lock down those ports and prevent these potentially damaging Layer 2 security attacks.

--------------------------------------------------------------------------------
About the authors:
John Bartlomiejczyk is currently a product manager with the Cisco Systems' Gigabit Systems Business Unit, and is actively involved in Cisco's security initiative. John holds CCIE certification and has served eight years with Cisco, with roles ranging from systems engineer and technical marketing engineer. John has more than 20 years of internetworking industry experience.

Marcus Phipps is a senior marketing manager supporting the Catalyst switching group at Cisco Systems. He has more than nine years of technical and marketing experience with Cisco, and has worked with the Catalyst product line, including the Catalyst 5500 and 6500, since 1995. He holds an engineering degree from Cal Poly State University in San Luis Obispo.

Information Security Awareness Training

2007-03-29T03:52:00.000-07:00

More and more organizations are realizing the importance of Information Security Awareness within their organization. Web based training and education are extremely valuable within an organization because not only does it permit a low cost solution for ongoing training, but it also provides a mechanism by which staff can demonstrate a sound understanding of the policy to which they agree to adhere.

For an example of such a training policy, I encourage you to visit:

http://irtsectraining.nih.gov/CSA/0100005.aspx

Technology War Stories/Tales from The Trenches: Rudy Giuliani for President

2007-03-23T05:31:00.000-07:00

Technology War Stories/Tales from The Trenches: Rudy Giuliani for President: "http://www.joinrudy2008.com/index.php?section=4"

Rudy Giuliani for President

2007-03-23T05:08:00.000-07:00

If you are a New Yorker who has lived through this man's leadership, you know the deal.

America needs strong leadership that can address tough issues and get things done.

Rudy is not a pontificater. Rudy is not the kind of guy who cares about sound bytes and news clips. Rudy is all about making the necessary changes for a better quality of life. If he can do it for New York, he can do it for America.

This man is a true worker who gets things done. This is why Rudy Giuliani has my full support.

http://www.joinrudy2008.com/index.php?section=4

Ex-UBS Systems Admin Sentenced To 97 Months In Jail

2007-03-20T07:39:00.000-07:00

"Ex-UBS Systems Admin Sentenced To 97 Months In Jail
Roger Duronio was found guilty of computer sabotage and securities fraud for writing, planting, and disseminating malicious code that took down up to 2,000 servers.
By Sharon Gaudin
Courtesy of InformationWeek
December 13, 2006

The former systems administrator convicted this past summer of launching an attack on UBS PaineWebber four years ago was sentenced to 97 months in jail in U.S. District Court in Newark, N.J., on Wednesday.
Roger Duronio, 63, of Bogota, N.J., stood quietly and didn't react as Judge Joseph Greenaway Jr. handed down the sentence. "This is a sophisticated crime," said the judge. "This wasn't an instance when an individual argues that 'I had a bad day and I made a mistake.' Its undoubtedly that Mr. Duronio, having felt wronged, came up with an elaborate, sophisticated scheme to take down a company." Judge Greeaway added that he was struck by Duronio's attempt to not only disrupt the company but to derive financial benefit from it.

Duronio was found guilty of computer sabotage and securities fraud for writing, planting, and disseminating malicious code -- a so-called logic bomb -- that took down up to 2,000 servers in both UBS PaineWebber's central data center in Weehawken, N.J., and in branch offices around the country. The attack left the financial giant's traders unable to make trades, the lifeblood of the company, for a day in some offices and for several weeks in others.

Executives at UBS, which was renamed UBS Wealth Management USA in 2003, never reported the cost of lost business, but did say the attack cost the company more than $3.1 million to get the system back up and running.

"If it doesn't send a message, people aren't listening," said Assistant U.S. Attorney V. Grady O'Malley, a prosecutor on the case. "If giving the maximum for this crime doesn't send a message to people with the ability to commit a crime and to the people who employ them, they're not paying attention. The potential for the impact of an insider is uncalculable."

In his first statement in open court, Duronio called himself a simple man who lead a simple, productive life. "In the Judeo-Christian way of looking at things the just thing to do would be to be merciful. I hope to have the opportunity to keep making contributions." UBS was hit on March 4, 2002, at 9:30 in the morning, just as the stock market opened for the day. Elvira Maria Rodriguez, an IT manager in charge of maintaining the stability of the servers in the branch offices, testified during the trial that she was working when the servers began to go down. She told the court that she heard her computer beep, saw the words "cannot find" on the screen, and then her system froze. Then she glanced at her phone, which generally might have two or three lights flashing, and saw that 60 calls had come in at once.

That happened when 17,000 brokers suddenly discovered they were unable to make trades.

Rodriguez also testified that UBS is still suffering damage four years after the attack. Some of the information on the approximately 2,000 Unix-based servers in the home office and the 370 branch offices that were hit by the malicious code was never fully restored.

"I don't believe we were ever back to that point," said Rodriguez during the trial. "We were always having issues with these large-scale servers [after the attack]. We never had the luxury to focus on completely going over all the servers. We just didn't have the time."

Duronio worked at UBS as a systems administrator until he quit a few weeks before the attack. Witnesses testified that he quit because he was angry he didn't receive as large an annual bonus as he expected. The government argued that Duronio wasn't just looking to cause trouble for UBS, he also was looking to cash in. Duronio built and planted the time bomb ahead of time and then bought stock options -- using money that he got cashing out his and his wife's $20,000 IRA -- that would only pay out if the company's stock took a dive within 11 days. By laying out a short expiration date -- 11 days instead of maybe a year or two -- the gain from any payout would be much greater.

Prosecutors argued that Duronio planned on making sure that that's exactly what would happen by crippling the company's network.

During the investigation, U.S. Secret Service agents found copies of the malicious code on two of Duronio's home computers and on a printout sitting on his bedroom dresser.

Keith Jones, the government's expert witness and a 10-year forensics professional, spent more than three years analyzing backup tapes, logs, and source code from UBS's network. Jones testified during the trial that he not only found the malicious code, but he also linked it directly back to Duronio's home computer.

The defense argued that the UBS network was riddled with security holes that would have allowed any number of people to masquerade as Duronio and move around the network unnoticed. They also argued that the evidence available -- in the form of backup tapes for the damaged servers -- was incomplete, leaving holes in the picture of what happened in the months before the security incident. The jury deliberated for 20 hours before delivering the verdict, which included an acquittal on two charges of mail fraud.

Duronio was ordered to make restitution, but it is unlikely that UBS will ever get the $3.1 million they paid out in cleanup costs. Duronio also was banned from working as a systems administrator, network administrator, or computer consultant. He will report to the prison system in about 45 days."

Source: http://banktech.com/news/showArticle.jhtml?articleID=196700866

Electronic Discovery: E-mail Trail Withstands the Delete Key

2007-03-20T07:36:00.000-07:00

"A sex discrimination case that has been closely followed by the legal community is now likely to draw the attention of the business world as well, thanks to a $29.2 million verdict which, according to plaintiff’s counsel, is the largest single plaintiff sex discrimination verdict in U.S. history. The discrimination and retaliation lawsuit, Laura Zubulake v. UBS Warburg LLC, pending in United States District Court of the Southern District of New York, has already distinguished itself for its breakthrough case law on the subject of electronic discovery, resulting in four widely cited opinions on that subject.
One of the most important lessons that businesses must learn from this case has almost nothing to do with sex discrimination or hiring and firing practices, but rather relates to the impact of electronic discovery, or e-discovery, on all lawsuits regardless of size. In a society where the storage and transmission of data has gone, almost overnight, from paper to megabyte, our legal system, and the discovery process in particular, is now forcing litigants to come to grips with this technology.

While the term “e-discovery” includes all computer data, such as graphics, databases, unpublished drafts or “metadata” (i.e., computer codes and hidden data revealing history, revisions and “data about data”), it is e-mail that has become the lightning rod among judges, lawyers and legal scholars in a gathering storm over electronic discovery.

Anecdotes abound, from funny to downright frightening, which demonstrate that e-mails are all too often sent with little forethought. Moreover, litigants are now realizing that e-mails – even “deleted” e-mails – continue to reside in
electronic format in many places."

Source: http://www.duanemorris.com/alerts/static/A_LitigE-Discovery042605.pdf

What is an American?

2007-03-20T07:14:00.000-07:00

My brother sent me this chain email today. I thought it was well written enough to earn a posting here in my blog:

What is an American..........

To Kill an American

You probably missed it in the rush of news last week, but there was actually a report that someone in Pakistan had published in a newspaper an offer of a reward to anyone who killed an American, any American.

So an Australian dentist wrote an editorial the following day to let everyone know what an American is . So they would know when they found one. (Good one, mate!!!!)

"An American is English, or French, or Italian, Irish, German, Spanish, Polish, Russian or Greek. An American may also be Canadian, Mexican, African, Indian, Chinese, Japanese, Korean, Australian, Iranian, Asian, or Arab, or Pakistani or Afghan.

An American may also be a Comanche, Cherokee, Osage, Blackfoot, Navaho, Apache, Seminole or one of the many other tribes known as native Americans.

An American is Christian, or he could be Jewish, or Buddhist, or Muslim.
In fact, there are more Muslims in America than in Afghanistan. The only difference is that in America they are free to worship as each of them chooses.

An American is also free to believe in no religion. For that he will answer only to God, not to the government, or to armed thugs claiming to speak for the government and for God.

An American lives in the most prosperous land in the history of the world.
The root of that prosperity can be found in the Declaration of Independence, which recognizes the God given right of each person to the pursuit of happiness.

An American is generous. Americans have helped out just about every other nation in the world in their time of need, never asking a thing in return.

When Afghanistan was over-run by the Soviet army 20 years ago, Americans came with arms and supplies to enable the people to win back their country!

As of the morning of September 11, Americans had given more than any other nation to the poor in Afghanistan. Americans welcome the best of everything...the best products, the best books, the best music, the best food, the best services. But they also welcome the least.

The national symbol of America, The Statue of Liberty , welcomes your tired and your poor, the wretched refuse of your teeming shores, the homeless, tempest tossed. These in fact are the people who built America.

Some of them were working in the Twin Towers the morning of September 11, 2001 earning a better life for their families. It's been told that the World Trade Center victims were from at least 30 different countries, cultures, and first languages, including those that aided and abetted the terrorists.

So you can try to kill an American if you must. Hitler did. So did General Tojo, and Stalin, and Mao Tse-Tung, and other blood-thirsty tyrants in the world. But, in doing so you would just be killing yourself. Because Americans are not a particular people from a particular place. They are the embodiment of the human spirit of freedom. Everyone who holds to that spirit, everywhere, is an American.

Regulations & Info for Disaster Recovery & Business Continuity

2007-03-19T03:57:00.000-07:00

Health Industry: Covered Entities (CEs) must maintain reasonable and appropriate
administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of their electronic protected health information (EPHI) against any reasonably anticipated risks.

Public Companies: The Securities and Exchange Commission (SEC) rules state that public companies must maintain “Reasonable safeguards for information” and for availability. The Board of Directors and senior management will be held accountable.

E-Commerce: Consumer Credit Protection Act (CCPA) section 2001 Title IX mandates
availability of data in Electronic Funds Transfers including Point of Sale.

All Businesses: IRS Procedure 86-19 requires offsite protection and continuous availability of computer records containing any tax information.

Redundant Array of Independent Disks (RAID), which provides disk redundancy and fault tolerance for servers, is a popular hardware technology that uses an array of disks to provide failover services.

Six RAID levels are available, with each level providing a different method of failover configuration. (RAID-1 and RAID-5 are the most common deployments). RAID is useful for keeping local servers available to users.

Disk replication, in which data is written to two different disks (the main server and the backup server) to ensure that two valid copies of the data are always available. Disk replication can be performed locally or between two locations.

Two data replication techniques are available:
1. Synchronous (Mirroring). This method uses a disk-to-disk copy, applying changes to the backup server at the same time changes are written to the main server. This method can degrade performance on the main server, and should be implemented only over short physical distances (within the local LAN) where bandwidth will not restrict data transfers between servers.

2. Asynchronous (Shadowing). This method continuously captures data changes in the main server to a log, and writes the log to the backup server. This is the recommended mode for offsite replication. Electronic vaulting, where the server is connected to an electronic vaulting provider to create automatic backups offsite. Data is transmitted to the electronic vault as changes occur on the server between regular automatic backups. The data can be restored to the original server, or another server (which can be in another location).
Remote journaling, where transaction logs are transmitted to an offsite location, either continuously or through batch uploads. The logs are used to recover changes that occurred after the last server backup has been restored.

To properly protect yourself from a devastating loss of data, your planning for business continuity must involve more than computer data recovery through a restore process. To ensure that your business can continue to operate, your disaster recovery
plan must focus on maintaining uninterrupted business operations.

For more info, visit www.neverfailgroup.com

I am often asked for help with QuickBooks not starting...here is some info that will help...

2007-03-19T03:14:00.000-07:00

Quickbooks is a financial package that many businesses use to keep track of income and expenses. Many accountants rely upon this program, as it helps to expedite the process of completing taxes for clients. It has been my experience that the application works well on the first installation. However, when you upgrade your system, you can run into some significant problems. The following information has been pulled from various resources including intuit's help files. Rather than jumping around to each reference, it is my hope that consolidating this information in one spot with make troubleshooting easier for you. Good Luck. The info follows:

Title: QuickBooks does not start when program icon is double-clicked
KB ID#: 20ffaac7
What is happening: When I double-click the QuickBooks icon, either nothing happens or QuickBooks "flashes" quickly on the screen and then closes immediately.

Why is this happening: Intuit is aware of this issue and working to resolve it as quickly as possible. The following information has been found to resolve some instances but may not resolve every one

How to fix the problem: This article provides instructions on how to attempt to resolve this issue using the system configuration.

Detailed instructions:
Some errors can cause QuickBooks to "flash" when you attempt to launch the program. This may appear as an hourglass icon that disappears after a few seconds or the program may appear briefly and then vanish from your screen.

To resolve this issue, first click the Microsoft(R) Windows(R) Start button, choose Run, type "reboot.bat" (without the quotation marks) in the Open field, and then click OK.

If running reboot.bat did not correct the problem, follow these steps:

To start your computer in Selective Startup mode, click the Windows Start button, and then choose Run.
Type "msconfig" in the Open field, and then click OK.
In the System Configuration Utility window, click the General tab, and then select Selective Startup.
Click OK, and then click Restart.
Verify that QuickBooks opens normally.
Now, please follow these steps to restart your computer in Normal Startup mode:
Click the Windows Start button and choose Run.
Type "msconfig" in the Open field, and then click OK.
In the System Configuration Utility window, click the General tab, and then select Normal Startup.
Click OK, then click Restart. When prompted, you must restart your computer for some of the changes made by the system configuration utility to take effect.
Verify that QuickBooks now opens normally.
If the issue is not resolved, please continue with these steps:

If you have a firewall installed on the computer that is experiencing this problem, verify that the following QuickBooks files have been granted full access through the firewall: QBW32.exe, QBUPDATE.exe, QBDBmgr.exe, and QBDBmgrN.exe.
Log on as the computer administrator and attempt to start QuickBooks. If you are able to do this, then either the Windows user experiencing this problem does not have Administrator or Power User rights, or the user setup is damaged.
Set up a new user with Administrative or Power User rights on the system where QuickBooks is installed and verify that this user can start QuickBooks successfully.
If you are still not able to start QuickBooks, please check for possible virus infection by following these steps:
Click the Windows Start button and choose Run.
Type "msconfig" in the Open field, and then click OK.
In the System Configuration Utility window, click the Startup tab and look for the following process in the Command column: C:\Windows\System32\*.exe reg_run (where * can be any number of random characters). This entry indicates that you are dealing with a potential virus infection.
Note: For additional information on virus issues, please see the following site:

http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=43264. A computer consultant or your local administrator should be able to help clean up all virus and spyware on your system.

See also:
366829 - Why do I receive the following error when I try to install QuickBooks in Safe Mode? "The Windows Installer Service could not be accessed."

Title: Error: "The Windows Installer Service could not be accessed."
KB ID#: 366829
What is happening: The following error message occurs when installing QuickBooks in Safe Mode:

Error: "The Windows Installer Service could not be accessed."

Why is this happening:
QuickBooks no longer uses InstallShield to install QuickBooks; it now uses Microsoft Installer.

How to fix the problem: This article explains how to install QuickBooks in Selective Startup Mode rather than in Safe Mode. For Windows 2000 users, it describes the installation from a hard disk if the installation from CD-ROM was not successful.

Detailed instructions:
QuickBooks no longer uses InstallShield to install QuickBooks; it now uses Microsoft Installer.

I Windows(R) XP and Windows(R) 2000 the installer is run as a Service, because of this Windows XP and Windows 2000 can not be run in Safe Mode to trouble shoot an install. If a user were to try to install QuickBooks while running Windows XP or Windows 2000 in safe mode they can expect to get the following error:

"The Windows Installer Service could not be accessed. This can occur if you are running Windows in Safe Mode, or if Windows Installer is not correctly installed. Contact your support personnel for assistance."

Instead of installing in Safe Mode when running Windows XP, use the following steps to restart your computer in Selective Startup Mode and then install QuickBooks.

Click for Windows 2000 instructions.

From the Microsoft Windows Start button, select Run.
In the Open field, type MSCONFIG, and then clickOK.
Click the General tab, and then chooseSelective Startup.
Select Load System Services and make sure to clear Load Startup Items.
On the Services tab, make sure to clearHide all Microsoft Services.
Click Disable all to clear all selected services.
Select the Windows Installer service and then click OK.
Click Restart. When prompted, you must restart your computer for some of the changes made by the system configuration utility to take effect.
Run the QuickBooks installation from the CD-ROM. The QuickBooks installation should start automatically after placing the QuickBooks installation CD-ROM in your CD-ROM drive. If it does not:

Double-click My Computer on the Microsoft(R) Windows(R) desktop.
In the My Computer window, select the CD-ROM drive.
Double-click the file named Setup.exe (or Setup) to begin the QuickBooks installation.

Follow the prompts to complete the installation.
After installing, complete the following steps to revert your system to its previous configuration:

Click the Windows Start button, and then choose Run.
In the Open field, type MSCONFIG, and then click OK.
Click the General tab and chooseNormal Startup.
Click OK and then clickRestart. When prompted, you must restart your computer for some of the changes made by the system configuration utility to take effect.
If the installation is not successful, you will need to install using a hard disk installation, which involves copying the installation files to the hard drive of your computer:

Right-click the desktop, choose New, and then choose Folder. This will create a folder named New Folder on the desktop.
Place the QuickBooks program CD-ROM in the CD-ROM drive.
If a message prompting you to install QuickBooks appears, clickQuit.
Double-click My Computer on the desktop.
In the My Computer window, select the CD-ROM drive.
With the CD-ROM drive selected, from the File menu, choose Open. The contents of the CD-ROM will be displayed.
Select the folder labeled Qbooks.
From the Edit menu, chooseCopy.
Close the My Computer window.
Open the New Folder that was created in step 1.
In the New Folder window, from the Edit menu, choose Paste. This will copy the contents of the QuickBooks program from the CD-ROM to the hard disk.
Note: If the folder does not copy successfully, this indicates a problem with the CD-ROM or with your CD-ROM drive. Attempt to use the CD-ROM on another computer to see if you still experience difficulties. Otherwise, contact Customer Service for a replacement disk.

When the copy is complete, the Qbooks folder will appear in the New Folder window.
Double-click the Qbooks folder, and then double-click the file named Setup.exe (or Setup) to begin the QuickBooks installation.
Follow the prompts to complete the installation.
After the installation completes, follow the above steps to revert your system to its previous configuration.
To bypass issues when installing on Windows 2000:

Close all open applications.
Press Ctrl+Alt+Delete, and then selectTask List.
On the Applications tab, select each application and choose End Task.
To install QuickBooks after closing all running applications, insert the installation CD-ROM into the CD-ROM drive. The installation should automatically begin. If it does not:

Double-click My Computer on the desktop.
In the My Computer window, select the CD-ROM drive
Double-click the file named Setup.exe (or Setup) to begin the QuickBooks installation.
If the installation is not successful, you will need to install using a hard disk installation, which involves copying the installation files to the hard drive of your computer:

Right-click the desktop, choose New, and then choose Folder. This will create a folder named New Folder on the desktop.
Place the QuickBooks program CD-ROM in the CD-ROM drive.
If a message prompting you to install QuickBooks appears, clickQuit.
Double-click My Computer on the desktop.
In the My Computer window, select the CD-ROM drive.
With the CD-ROM drive selected, from the File menu, choose Open. The contents of the CD-ROM will be displayed.
Select the folder labeled Qbooks.
From the Edit menu, chooseCopy.
Close the My Computer window.
Open the New Folder that was created in step 1.
In the New Folder window, from the Edit menu, choose Paste. This will copy the contents of the QuickBooks program from the CD-ROM to the hard disk.
Note: If the folders do not copy successfully, this indicates a problem with the CD-ROM or with your CD-ROM drive. Attempt to use the CD-ROM on another computer to see if you still experience difficulties. Otherwise, contact Customer Service for a replacement disk.

When the copying is complete, the Qbooks folder will be displayed in the New Folder window.
Double-click the Qbooks folder, and then double-click the file named Setup.exe (or Setup) to begin the QuickBooks installation.
Follow the prompts to complete the installation.

Update your program to the most current release. Here is the update site.

http://quickbooks.com/helpcenter/ProductUpdates.aspx
ftp://ftp.quicken.com/pub/quickbooks/2003/qbcf.exe

If you still have the problem after installing the program updates continue with the steps below.

Open the Microsoft(R) Windows(R) Task Manager, by pressing the Ctrl + Alt + Delete keys at the same time, or right click the Windows(R) task bar and click Task Manager.

Click the Processes tab, select the qbupdate.exe item from the list, and then click End Process.

Download and install this executable file. In the File Download window, click Save, and then select your Microsoft(R) Windows(R) desktop from the Save in drop-down list. Click Save.

Double-click qbcf.exe on your desktop and allow it to run completely.

If you updated QuickBooks through the automatic download or from within QuickBooks, Start QuickBooks and click Yes when you are asked to install the update.

1. Go to start->search->all files and folders and type in the "QBUpdateUtility.bat" Make sure that QuickBooks is not running and double click on the found utility. That should install the updates with no problem.

2. The other option is to go to the manual download page of QuickBooks Updates and download the latest update. The link there is: http://www.quickbooks.com/support/index/ndxw_14_update.html

3. There is also a link to KB that sounds like the error message you are receiving. This could also help: http://www.quickbooks.com/support/faqs/qb2005/315719.html

Note* Be certain there is sufficient hard drive space when applying updates

http://www.quickbooks.com/support/faqs/qbw2003/202208.html

Also, keep in mind that quickbooks provides an online backup service: http://www.connected.com/QuickBooks03/started_questions.html What price can you put on your mission critical business data?

1. If your company file resides at C:/Program Files/Intuit/Quickbooks then
> move it to a safe place with easy access, like your Desktop.

> 2. Using Add/Remove Programs, uninstall Quickbooks

> 3. Reboot.

> 4. Reinstall Quickbooks.

The only thing I'd add to this is:

Before you reinstall QuickBooks, under Program Files, under Common Files,
rename the old Intuit folder to OLDIntuit (you may need to reinstall other
Intuit software after doing this), then when you reinstall QuickBooks,
reinstall to a clean directory (substitute QB for QuickBooks for example).
Reboot. Download the latest patch for 2003 to the desktop. Install it.
When it completes, reboot the machine and then,

> 5. Move your company file back to C:/Program Files/Intuit/Quickbooks OR
> the destination of your choice.

Then open up QuickBooks and point it to the data file and open it up.

This should fix you up in almost all instances.

This just in from Yahoo.UK regarding the Geocities abuse report I filed.

2007-03-14T14:58:00.000-07:00

Hello Russell,

Thank you for reporting this incident to Yahoo! UK & Ireland GeoCities.
We have evaluated that home page and have taken appropriate action against the account.

We encourage you to review the Yahoo! UK & Ireland GeoCities Guidelines
at:

http://uk.docs.yahoo.com/info/terms/geoglines.html

Thanks for writing to Yahoo! UKIE Customer Care.

Regards,

Customer Care Abuse Team - Yahoo! UK & Ireland

CONFIDENTIALITY NOTICE: This email and any attachment is confidential and may be legally privileged. It is intended for the named recipient only.

35917468

Original Message Follows:
-------------------------

Mail-Id: 1173829462-7225

What is the exact GeoCities URL on which the abuse is occurring?
BONGESSOTRUSTLTD.COM

Subject: Impersonation

Type your feedback here:
This website is part of an elaborate Nigerian scam. I have submitted the accompanying emails to your abuse department as well as to the United States Secret Service. If you have any questions, please contact me at russell@russellnomer.com or call me at 516 932
2121

While Viewing: http://help.yahoo.com/help/uk/abuse/abuse-01.html

Yahoo ID: unknown : no amt link
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; (R1 1.3); .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.2)
REMOTE_ADDR: 71.125.51.251
REMOTE_HOST: pool-71-125-51-251.nycmny.fios.verizon.net
Date Originated: Tuesday March 13, 2007 - 16:44:22
-------

How Yahoo has Responded to The Abuse Report

2007-03-13T17:23:00.000-07:00

From: Yahoo! UK & Ireland GeoCities
Email Address: uk-geo-abuse@cc.yahoo-inc.com
Subject: Regarding your email to Yahoo! (KMM68270550V2736L0KM)

Thank you very much for reporting this incident to Yahoo! UK & Ireland.
This is an automatic response to let you know that we have received your report regarding a Terms of Service Violation or Abuse issue involving a Yahoo! member.

We take reports of abuse on our site seriously and appropriate action, in accordance with our Terms of Service, will be taken against the offending account immediately.

If you seriously feel as though the safety of someone is being jeopardised, we suggest you contact your local police station.

Header Info:
Return-Path:
Delivered-To: russelln-russell@russellnomer.com
Received: (qmail 89909 invoked from network); 14 Mar 2007 00:19:51 -0000
Received: from unknown (HELO mrout2.corp.ukl.yahoo.com) (217.12.1.88)
by host211.ipowerweb.com with SMTP; 14 Mar 2007 00:19:51 -0000
Received: from kprod-app02.cc.ukl.yahoo.com (kprod-app02.cc.ukl.yahoo.com [217.12.15.70])
by mrout2.corp.ukl.yahoo.com (8.13.8/8.13.6/y.out) with SMTP id l2E0JfHW071364
for ; Wed, 14 Mar 2007 00:19:42 GMT
DomainKey-Signature: a=rsa-sha1; s=serpent; d=yahoo-inc.com; c=nofws; q=dns;
h=precedence:auto-submitted:date:to:subject:from:reply-to:
mime-version:content-type:content-transfer-encoding:x-mailer;
b=GpBvXv5cs33RR5FJ7T3sYD3BpZWHU1X5Sta6/Gt4HV5vZLQQGYV/grw+H4Ybonb5
Message-Id: <200703140019.l2E0JfHW071364@mrout2.corp.ukl.yahoo.com>
Precedence: bulk
Auto-Submitted: auto-replied
Date: Tue, 13 Mar 2007 16:19:41 +0000
To:
Subject: Regarding your email to Yahoo! (KMM68270550V2736L0KM)
From: Yahoo! UK & Ireland GeoCities
Reply-To: Yahoo! UK & Ireland GeoCities
MIME-Version: 1.0
Content-Type: text/plain; charset = "us-ascii"
Content-Transfer-Encoding: quoted-printable
X-Mailer: KANA Response 7.0.1.142

These people just don't learn

2007-03-13T16:23:00.000-07:00

I have received yet another follow up email to the scam that is being attempted against me. I guess the folks running the scam did not have the sense to read my website, or my blog. Nevertheless, we can have some fun with them at their expense and use their attempts as a learning experience.

Here is the most recent post with header info:
------------------------------------------------------------------------------------
Return-Path:
Delivered-To: russelln-russell@russellnomer.com
Received: (qmail 37228 invoked from network); 13 Mar 2007 19:16:08 -0000
Received: from unknown (HELO web27309.mail.ukl.yahoo.com) (217.146.177.170)
by host211.ipowerweb.com with SMTP; 13 Mar 2007 19:16:08 -0000
Received: (qmail 46503 invoked by uid 60001); 13 Mar 2007 19:16:06 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.co.uk;
h=X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=bHCMapRoNqjkjib2Njh8YOTt8zesHuM8WuAjHJZI7jutvE5ohQNThlIfn2AToA10ZpGuTQy8QyfSSOB/C3fE87HfY8CM/7wB63X4iZikLu6yzSnPFR1dImfxJZxKqzJe+Rr8/OjzSz1n2MQ2WRK8A/1HqIcOD7seQhjyBx4Obns=;
X-YMail-OSG: 8n0QTZ0VM1lTYOnXACasMOVexf.htlkC7CZGAsWZVEsSrm379Pz4Soem4TByLBvhAlf2MaYGZPPtbzgWvzM0N1VpYM24W5sg8jXXYAbMNPKJxP0UcJrJCZXcNE8WfYo1srRqwfeF6JT5
Received: from [86.62.11.98] by web27309.mail.ukl.yahoo.com via HTTP; Tue, 13 Mar 2007 19:16:06 GMT
Date: Tue, 13 Mar 2007 19:16:06 +0000 (GMT)
From: marble corry
Subject: RE: FW: Remuneration
To: russell@russellnomer.com
In-Reply-To: <00ac01c76572$e0cee100$a26ca300$@com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1536588243-1173813366=:46368"
Content-Transfer-Encoding: 8bit
Message-ID: <605886.46368.qm@web27309.mail.ukl.yahoo.com>

TO THE BENEFICIARY OF THE FUNDS WORTH USD$100,000.00

ATTENTION:MR RUSSELL NOMER

AFTER MAKING INQUIRIES AND PROPER VERIFICATIONS,I'VE FOUND YOU TO BE THE RIGHTFUL,LEGITIMATE AND AUTHORIZED BENEFICIARY OF THE FUNDS PRESENTED TO ME ON YOUR BEHALF BY MR.GILBERT CHARLES.I HEREBY INFORM YOU THAT I HAVE PRESENTED YOUR FUNDS DRAFT OF USD$100,000.00 TO THE BONGESSO TRUST BANK,SO IT CAN BE LODGED INTO YOUR BANK ACCOUNT.THE BONGESSO TRUST BANK OF BENIN-REPUBLIC IS WHERE THE DRAFT IS BEEN DEPOSITED FOR IT TO BE LODGED INTO YOUR NOMINATED BANK ACCOUNT,AS INSTRUCTED BY MR.GILBERT CHARLES.THE BONGESSO TRUST BANK IS A TOP COMMERCIAL BANK THAT HAS MANY BRANCHES AND OFFICES THAT CUTS ACROSS THE GLOBE.THAT ENTAILS EUROPE,ASIA AND AUSTRALIA. BENIN-REPUBLIC IS IN AFRICA,AND THE BANK HAS OTHER BRANCHES IN THE NEIGHBOURING COUNTRIES OF BENIN-REPUBLIC WHICH INCLUDES,GHANA,REPUBLIC OF CAMEROUN,TOGO,IVORY COAST AND NIGERIA.IT'S MAIN HEAD OFFICE IS SITUATED IN MY COUNTRY,BENIN-REPUBLIC. I'VE ADHERED OBEDIENTLY TO THE INSTRUCTION GIVEN TO ME BY MR.GILBERT CHARLES.THE NEXT THING YOU WILL DO NOW IS TO CONTACT MR.RON CASIE. HE IS THE PERSON AT THE HELM OF AFFAIRS AND IN CONTROL OF THE DEPARTMENT OF INTERNATIONAL TRANSFERS/FOREIGN REMITTANCES OPERATIONS.HIS DEPARTMENT OVERSEES THE AFFAIRS AND FINANCIAL ACTIVITIES OF ALL THE MEANS OF MONEY TRANSFERS THAT ENTAILS DRAFTS,WIRE TRANSFERS,TELEGRAPHIC TRANSFERS AND ACCOUNTS TRANSFERS.YOU WILL HAVE TO PROVIDE YOUR BANK ACCOUNT COORDINATES WHERE YOU WANT THE DRAFT TO BE LODGED/TRANSFERRED INTO.
THE CONTACT IS MANDATORY BECAUSE THE BANK NEEDS A PROPER IDENTIFICATION OF YOURSELF FOR CONFIRMATION,SO THAT IT WILL BE IN LINE WITH MY OWN PRESENTATION OF YOURSELF TO THE BANK OFFICIALS ,AS THE RIGHTFUL LEGITIMATE SOLE-BENEFICIARY OF THE DRAFT WORTH $USD100,000.00.MR.RON CASIE'S EMAIL CONTACT ADDRESS IS FOREIGNTRANSFERDEPT@BONGESSOTRUSTLTD.COM CONTACT HIM IMMEDIATELY SO THAT THE DRAFT WILL BE LODGED INTO YOUR NOMINATED ACCOUNT. I LOOK FORWARD TO HEAR THE FEEDBACK PROMPTLY.

BARRISTER.MARBLE CORRY (HONS,SAB,SENIOR ADVOCATE)

-------------------------------------------------------------------------------------

BONGESSOTRUSTLTD.COM actually points to a geocities website. No bank would ever host there, so that is the first clue to what's wrong with this picture.

A quick whois lookup of the domain provided this useful information:

Domain Name.......... bongessotrustltd.com
Creation Date........ 2005-11-18
Registration Date.... 2005-11-18
Expiry Date.......... 2007-11-18
Organisation Name.... Danny Wing Kin Li
Organisation Address. 3603 Gunnison Dr
Organisation Address.
Organisation Address. Lawrence
Organisation Address. 66049
Organisation Address. KS
Organisation Address. UNITED STATES

Admin Name........... Danny Wing Kin Li
Admin Address........ 3603 Gunnison Dr
Admin Address........
Admin Address........ Lawrence
Admin Address........ 66049
Admin Address........ KS
Admin Address........ UNITED STATES
Admin Email.......... *************@yahoo.com
Admin Phone.......... +1.785 832 8246
Admin Fax............

Tech Name............ YahooDomains TechContact
Tech Address......... 701 First Ave.
Tech Address.........
Tech Address......... Sunnyvale
Tech Address......... 94089
Tech Address......... CA
Tech Address......... UNITED STATES
Tech Email........... ***********@YAHOO-INC.COM
Tech Phone........... +1.619 881 3096
Tech Fax.............
Name Server.......... yns1.yahoo.com
Name Server.......... yns2.yahoo.com

I took the liberty of contacting Danny Wing Kin Li and he claims to have no knowledge of owning this domain. I advised him that I am forwarding the information to the Secret Service and encouraged him to contact his local field office to clear his own name.

I have forwarded this information to the United States Secret Service and will keep my readers posting regarding any updates.

Isn't it amazing how reality can be more interesting than fiction?

A Yahoo Spammer Exposed

2007-03-13T06:52:00.000-07:00

For some reason, spam originating from yahoo.UK keeps coming to me in a very curious manner. The spammers claim that they have a large sum of money waiting for me and that they need to confirm my identity. Other twists on the approach is that they have come into a large sum of money and they need my help investing it here in the United States. An even more interesting approach has been when I posted my boat up for sale on EBAY and was actually sent a certified bank check, which upon further due diligence, turned out to be fake. Crooks are really stupid if they think people are not going to call the issuing bank to verify available funds and the legitimacy of the check. When bad checks are issued, this constitutes a felony and you can get The United States Secret Service involved, as this is one of their areas of specialization.

In respect to the spammers who appear to originate from the UK, they can not overcome the fact that computer email messages can be traced by header information as well as suopenas to the ISP. Some providers, such as YAHOO have become so sick of having to deal with these problems, that they have established internal departments to handle the demand. If you have been contacted by a spammer who you feel is trying to scam you out of cash, yahoo does have some recourse for you.

In my situation, since the message came from the yahoo.uk system, I submitted proof of the message, the subject line, email address, message header, and message content to:
http://help.yahoo.com/fast/help/uk/mail/cgi_spam

This is how the email came to me:

ATTENTION:MR RUSSELL NOMER

I AM IN RECEIPT OF YOUR EMAIL MESSAGE.THE CONTENTS OF THE FORWARDED MESSAGE OF YOURS BY MR.GILBERT CHARLES ENTAILS YOUR COMPENSATION DRAFT CHEQUE OF USD$100,000.00 PRESENTED TO ME ON YOUR BEHALF BY YOUR BENEFACTOR MR.GILBERT CHARLES.
I WAS INSTRUCTED BY MR.CHARLES TO FORWARD YOUR FUNDS TO YOU IMMEDIATELY AFTER YOU'VE CONTACTED ME OFFICIALLY AND WITH PROPER SELF IDENTIFICATION.I WILL GET BACK TO YOU AFTER MY PROPER VERIFICATIONS TO ASCERTAIN THE LEGITIMACY OF YOU BEING THE NEW BENEFICIARY OF THE FUNDS WORTH USD$100,000 UNITED STATES DOLLARS DEPOSITED WITHIN MY CARE BY MR.GILBERT CHARLES.

RESPECTIVELY,

BARRISTER.CORRY MARBLE (HONS,SAB,ORDER OF BENIN REPUBLIC,SENIOR ADVOCATE)

This is the message header: (Note the IP, date and time stamps)

Return-Path:
Delivered-To: russelln-russell@russellnomer.com
Received: (qmail 34398 invoked from network); 13 Mar 2007 11:50:17 -0000
Received: from unknown (HELO web27305.mail.ukl.yahoo.com) (217.146.177.166)
by host211.ipowerweb.com with SMTP; 13 Mar 2007 11:50:17 -0000
Received: (qmail 50149 invoked by uid 60001); 13 Mar 2007 11:50:16 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.co.uk;
h=Message-ID:X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
b=1AdAT9viiu5J2l7hsiw1yXJVep04rxvDfx+SOxcjz4eq/Eg+8mznLgZiA5TaK+Ae6PFFlE1OJ9MzhOVAnLl397J5KqKC6kAclA5NUxqDl99V4xvP7z+EcAj7oyFtJerwfr4TrS5uAEFiz6IJkEjEOz1Svnk7ZPtk5PLvjcpwhJE= ;
Message-ID: <20070313115016.50147.qmail@web27305.mail.ukl.yahoo.com>
X-YMail-OSG: jwqXNFIVM1l3_LASyZUXWGG6rfTFxCu4fmsaOzVZCp3qH82o3OOO2d3zWWwDOrJSpHpnC8Nmst_ArRCPNDyM_ZKNmYnHBHimsPvP5wb7niE9IvGjMRI-
Received: from [86.62.11.98] by web27305.mail.ukl.yahoo.com via HTTP; Tue, 13 Mar 2007 11:50:16 GMT
Date: Tue, 13 Mar 2007 11:50:16 +0000 (GMT)
From: marble corry
Subject: Re: FW: Remuneration
To: russell@russellnomer.com
In-Reply-To: <000001c764e4$65e50f20$31af2d60$@com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-450757521-1173786616=:48398"
Content-Transfer-Encoding: 8bit

Technology Compliance Cliff Notes

2007-03-09T05:48:00.000-08:00

HIPPA:Technical Safeguards - controlling access to computer systems and enabling covered entities to protect communications containing PHI transmitted electronically over open networks from being intercepted by anyone other than the intended recipient
Information systems housing PHI must be protected from intrusion. When information flows over open networks, some form of encryption must be utilized. If closed systems/networks are utilized, existing access controls are considered sufficient and encryption is optional.
Each covered entity is responsible for ensuring that the data within its systems has not been changed or erased in an unauthorized manner.
Data corroboration, including the use of check sum, double-keying, message authentication, and digital signature may be used to ensure data integrity.
Covered entities must also authenticate entities it communicates with. Authentication consists of corroborating that an entity is who it claims to be. Examples of corroboration include: password systems, two or three-way handshakes, telephone callback, and token systems.
Covered entities must make documentation of their HIPAA practices available to the government to determine compliance.
In addition to policies and procedures and access records, information technology documentation should also include a written record of all configuration settings on the components of the network because these components are complex, configurable, and always changing.
Documented risk analysis and risk management programs are required. Covered entities must carefully consider the risks of their operations as they implement systems to comply with the act. (The requirement of risk analysis and risk management implies that the act’s security requirements are a minimum standard and places responsibility on covered entities to take all reasonable precautions necessary to prevent PHI from being used for non-health purposes.)

The Gramm-Leach-Bliley Act, also known as the Gramm-Leach-Bliley Financial Services Modernization Act, Pub. L. No. 106-102, 113 Stat. 1338 (November 12, 1999), is an Act of the United States Congress which repealed the Glass-Steagall Act, opening up competition among banks, securities companies and insurance companies. The Glass-Steagall Act prohibited a bank from offering investment, commercial banking, and insurance services. The Gramm-Leach-Bliley Act (GLBA) allowed commercial and investment banks to consolidate. For example, Citibank merged with Travelers Group, an insurance company, and in 1997 formed the conglomerate Citigroup, a corporation combining banking and insurance underwriting services. Other major mergers in the financial sector had already taken place such as the Smith-Barney, Shearson, Primerica and Travelers Insurance Corporation combination in the mid-1990's. This combination announced in 1993 and finalized in 1994 already violated the Glass-Steagall Act by combining insurance and securities companies. The law was passed to legalize these mergers. Historically, the combined industry has been known as the financial services industry.

Many of the largest banks, brokerages, and insurance companies desired the Act at the time. The justification was that individuals usually put more money in investments when economy is good, but they put their money into savings accounts when it turns bad. With the new Act, they would do both with the same company, so it would be doing well in all economic times.

Prior to the Act, most financial services companies were doing this anyway. On the retail/consumer side, a bank called Norwest led the charge in offering all types of financial services products in 1986. American Express attempted to own almost every field of financial business (although there was little synergy between them). Things culminated in 1997 when Travelers, a financial services company with everything but a retail/commercial bank, bought out Citibank, creating the largest and the most profitable company in the world. The move was technically illegal and provided impetus for the passage of the Gramm-Leach-Bliley Act.

Also prior to the passage of the Act, there were many relaxations to the Glass-Steagall Act. For example, a few years earlier, commercial Banks were allowed to get into investment banking, and before that banks were also allowed to get into stock and insurance brokerage. Insurance underwriting was the only main operation they weren't allowed to do, something rarely done by banks even after the passage of the Act.

Much consolidation occurred in the financial services industry since, but not at the scale some had expected. Retail banks, for example, do not tend to buy insurance underwriters, as they seek to engage in a more profitable business of insurance brokerage by selling products of other insurance companies. Other retail banks were slow to market investments and insurance products and package those products in a convincing way. Brokerage companies had a hard time getting into banking, because they do not have a large branch and backshop footprint. Banks have recently tended to buy other banks, such as the recent Bank of America and Fleet Boston merger, yet they have had less success integrating with investment and insurance companies. Many banks have expanded into investment banking, but have found it hard to package it with their banking services, without resorting to questionable tie-ins which caused scandals at Smith Barney.

Senator Phil Gramm led the Senate Banking Committee which sponsored the Act; he later joined UBS Warburg, at the time the investment banking arm of the largest Swiss bank.

Some restrictions remain to provide some amount of separation between the investment and commercial banking operations of a company. For example, licensed bankers must have separate business cards, eg. "Personal Banker, Wells Fargo Bank" and "Investment Consultant, Wells Fargo Private Client Services". Much of the debate about financial privacy is specifically centered around allowing or preventing the banking, brokerage, and insurances divisions of a company from working together.

In terms of compliance, the key rules under the Act include The Financial Privacy Rule which governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, regardless of whether they are financial institutions, who receive such information. The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to financial institutions – such as credit reporting agencies – that receive customer information from other financial institutions.

GLBA compliance is mandatory; whether a financial institution discloses nonpublic information or not, there must be a policy in place to protect the information from foreseeable threats in security and data integrity
Major Components put into place to govern the collection, disclosure, and protection of consumers’ nonpublic personal information; or personally identifiable information:

Financial Privacy Rule
Safeguards Rule
Pretexting Protection

(Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. § 6801 through 15 U.S.C. § 6809)

The Financial Privacy Rule requires financial institutions to provide each consumer with a privacy notice at the time the consumer relationship is established and annually thereafter. The privacy notice must explain the information collected about the consumer, where that information is shared, how that information is used, and how that information is protected. The notice must also identify the consumer’s right to opt-out of the information being shared with unaffiliated parties per the Fair Credit Reporting Act. Should the privacy policy change at any point in time, the consumer must be notified again for acceptance. Each time the privacy notice is reestablished, the consumer has the right to opt-out again. The unaffiliated parties receiving the nonpublic information are held to the acceptance terms of the consumer under the original relationship agreement. In summary, the financial privacy rule provides for a privacy policy agreement between the company and the consumer pertaining to the protection of the consumer’s personal nonpublic information.

(Subtitle A: Disclosure of Nonpublic Personal Information, codified at 15 U.S.C. § 6801 through 15 U.S.C. § 6809)

The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared for, and plans to continue to protect clients’ nonpublic personal information. (The Safeguards Rule also applies to information of those no longer consumers of the financial institution.) This plan must include:

Denoting at least one employee to manage the safeguards,
Constructing a thorough [risk management] on each department handling the nonpublic information, Develop, monitor, and test a program to secure the information, and
Change the safeguards as needed with the changes in how information is collected, stored, and used.

This rule is intended to do what most businesses should already be doing: protect their clients. The Safeguards Rule forces financial institutions to take a closer look at how they manage private data and to do a risk analysis on their current processes. No process is perfect, so this has meant that every financial institution has had to make some effort to comply with the GLBA.

(Subtitle B: Fraudulent Access to Financial Information, codified at 15 U.S.C. § 6821 through 15 U.S.C. § 6827)

Pretexting (sometimes referred to as "social engineering") occurs when someone tries to gain access to personal nonpublic information without proper authority to do so. This may entail requesting private information while impersonating the account holder, by phone, by mail, by email, or even by "phishing" (i.e., using a "phony" website or email to collect data). The GLBA has provisions that require the financial institution to take all precautions necessary to protect and defend the consumer and associated nonpublic information. Pretexting is illegal and punishable by law beyond any recognition by the GLBA

The GLBA defines “financial institutions” as: …”companies that offer financial products or services to individuals, like loans, financial or investment advice, or insurance. The Federal Trade Commission (FTC) has jurisdiction over financial institutions similar to, and including, these:

non-bank mortgage lenders,
loan brokers,
some financial or investment advisers,
debt collectors,
tax return preparers,
banks, and
real estate settlement service providers.
These companies must also be considered significantly engaged in the financial service or production that defines them as a “financial institution”.

Insurance has jurisdiction first by the state, provided the state law at minimum complies with the GLBA. State law can require greater compliance, but not less than what is otherwise required by the GLBA.

The Gramm-Leach-Bliley Act defines a ‘consumer’ as

"an individual who obtains, from a financial institution, financial products or services which are to be used primarily for personal, family, or household purposes, and also means the legal representative of such an individual." (See 15 U.S.C. § 6809(9).}
A ‘customer’ is a consumer that has developed a relationship with privacy rights protected under the GLBA. A ‘customer’ is not someone using an automated teller machine (ATM) or having a check cashed at a cash advance business. These are not ongoing relationships like a ‘customer’ might have; i.e. a mortgage loan, tax advising, or credit financing. A business is not an individual with personal nonpublic information, so a business cannot be a customer under the GLBA. A business, however, may be liable for compliance to the GLBA depending upon the type of business and the activities utilizing individual’s personal nonpublic information.

Under the GLBA, financial institutions must provide their clients a privacy notice that explains what information the company gathers about the client, where this information is shared, and how the company safeguards that information. This privacy notice must be given to the client prior to entering into an agreement to do business. There are exceptions to this when the client accepts a delayed receipt of the notice in order to complete a transaction on a timely basis. This has been somewhat mitigated due to online acknowledgement agreements requiring the client to read or scroll through the notice and check a box to accept terms.

The privacy notice must also explain to the consumer of the opportunity to ‘opt-out’. Opting out means that the client can say "no" to allowing their information to be shared with affiliated parties. The Fair Credit Reporting Act is responsible for the ‘opt-out’ opportunity, but the privacy notice must inform the consumer of this right under the GLBA. The client cannot opt-out of:

*information shared with those providing priority service to the financial
* institution marketing of products or services for the financial institution
* when the information is deemed legally required.

Violation of the GLBA may result in a civil action brought by the United States Attorney General. The penalties, as amended under the Financial Institution Privacy Protection Act of 2003 (108th CONGRESS - 1st Session - S. 1458; To amend the Gramm-Leach-Bliley Act to provide for enhanced protection of nonpublic personal information, including health information, and for other purposes., In The Senate of the United States, July 25 (legislative day, JULY 21), 2003)include,

”the financial institution shall be subject to a civil penalty of not more than $100,000 for each such violation”
“the officers and directors of the financial institution shall be subject to, and shall be personally liable for, a civil penalty of not more than $10,000 for each such violation”.

The Sarbanes-Oxley Act of 2002 (Pub. L. No. 107-204, 116 Stat. 745, also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called SOX or Sarbox; July 30, 2002) is a United States federal law passed in response to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Peregrine Systems and WorldCom (recently MCI and now currently part of Verizon Businesses). These scandals resulted in a decline of public trust in accounting and reporting practices. Named after sponsors Senator Paul Sarbanes (D-Md.) and Representative Michael G. Oxley (R-Oh.), the Act was approved by the House by a vote of 423-3 and by the Senate 99-0. The legislation is wide ranging and establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms. The Act contains 11 titles, or sections, ranging from additional Corporate Board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law. Some believe the legislation was necessary and useful, others believe it does more economic damage than it prevents, and yet others observe how essentially modest the Act is compared to the heavy rhetoric accompanying it.

The first and most important part of the Act establishes a new quasi-public agency, the Public Company Accounting Oversight Board, which is charged with overseeing, regulating, inspecting, and disciplining accounting firms in their roles as auditors of public companies. The Act also covers issues such as auditor independence, corporate governance and enhanced financial disclosure. It is considered by some as one of the most significant changes to United States securities laws since the New Deal in the 1930s.

The House passed Rep. Oxley's bill (H.R. 3763) on April 25, 2002, by a vote of 334 to 90. The House then referred the "Corporate and Auditing Accountability, Responsibility, and Transparency Act" or "CAARTA" to the Senate Banking Committee with the support of President George W. Bush and the SEC. At the time, however, the Chairman of that Committee, Senator Paul Sarbanes (D-MD), was preparing his own proposal, Senate Bill 2673..

Senator Sarbanes’ bill passed the Senate Banking Committee on June 18, 2002, by a vote of 17 to 4. On June 25, 2002, WorldCom revealed it had overstated its earnings by more than $72 billion during the past five quarters, primarily by improperly accounting for its operating costs. Sen. Sarbanes introduced Senate Bill 2673 to the full Senate that same day, and it passed 97-0 less than three weeks later on July 15, 2002.

The House and the Senate formed a Conference Committee to reconcile the differences between Sen. Sarbanes' bill (S. 2673) and Rep. Oxley's bill (H.R. 3763). The conference committee relied heavily on S. 2673 and “most changes made by the conference committee strengthened the prescriptions of S. 2673 or added new prescriptions.” (John T. Bostelman, The Sarbanes-Oxley Deskbook § 2-31.)

The Committee approved the final conference bill on July 24, 2002, and gave it the name "the Sarbanes-Oxley Act of 2002." The next day, both houses of Congress voted on it without change, producing an overwhelming margin of victory: 423 to 3 in the House and 99 to 0 in the Senate. On July 30, 2002, President George W. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt." (Elisabeth Bumiller: "Bush Signs Bill Aimed at Fraud in Corporations", The New York Times, July 31, 2002, page A1).

The Sarbanes-Oxley Act's major provisions include the following:

Creation of the Public Company Accounting Oversight Board (PCAOB)
A requirement that public companies evaluate and disclose the effectiveness of their internal controls as they relate to financial reporting, and that independent auditors for such companies "attest" (i.e., agree, or qualify) to such disclosure
Certification of financial reports by chief executive officers and chief financial officers
Auditor independence, including outright bans on certain types of work for audit clients and pre-certification by the company's Audit Committee of all other non-audit work
A requirement that companies listed on stock exchanges have fully independent audit committees that oversee the relationship between the company and its auditor
Ban on most personal loans to any executive officer or director
Accelerated reporting of insider trading
Prohibition on insider trades during pension fund blackout periods
Additional disclosure
Enhanced criminal and civil penalties for violations of securities law
Significantly longer maximum jail sentences and larger fines for corporate executives who knowingly and willfully misstate financial statements, although maximum sentences are largely irrelevant because judges generally follow the Federal Sentencing Guidelines in setting actual sentences
Employee protections allowing those corporate fraud whistleblowers who file complaints with OSHA within 90 days to win reinstatement, back pay and benefits, compensatory damages, abatement orders, and reasonable attorney fees and costs.

Auditing Standard No. 2' of the Public Company Accounting Oversight Board (PCAOB) has the following key requirements:

The design of controls-relevant assertions related to all significant accounts and disclosures in the financial statements
Information about how significant transactions are initiated, authorized, supported, processed, and reported
Enough information about the flow of transactions to identify where material misstatements due to error or fraud could occur
Controls designed to prevent or detect fraud, including who performs the controls and the regulated segregation of duties
Controls over the period-end financial reporting process
Controls over safeguarding of assets
The results of management's testing and evaluation

Under Sarbanes-Oxley, two separate certification sections came into effect—one civil and the other criminal. 15 U.S.C. § 7241 (Section 302) (civil provision); 18 U.S.C. § 1350 (Section 906) (criminal provision).

Section 302 of the Act mandates a set of internal procedures designed to ensure accurate financial disclosure. The signing officers must certify that they are “responsible for establishing and maintaining internal controls” and “have designed such internal controls to ensure that material information relating to the company and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared.” 15 U.S.C. § 7241(a)(4). The officers must “have evaluated the effectiveness of the company’s internal controls as of a date within 90 days prior to the report” and “have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date.” Id..

Moreover, under Section 404 of the Act, management is required to produce an “internal control report” as part of each annual Exchange Act report. See 15 U.S.C. § 7262. The report must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting.” 15 U.S.C. § 7262)a). The report must also “contain an assessment, as of the end of the most recent fiscal year of the Company, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.” Id. To do this, managers are generally adopting an internal control framework such as that described in COSO.

Under both Section 302 and Section 404, Congress directed the SEC to promulgate regulations enforcing these provisions. (See Final Rule: Management’s Report on Internal Control Over Financial Reporting and Certification of Disclosure in Exchange Act Periodic Reports, Release No. 33-8238 (June 5,2003), available at http://www.sec.gov/rules/final/33-8238.htm.)

In addition, outside auditors for companies must, for the first time, attest to managers' internal control assessment, pursuant to SEC rules, which currently require only large public companies comply with this part of SOX. This presents new challenges to businesses, specifically, documentation of control procedures related to information technology ("IT"). Public Company Accounting Oversight Board (PCAOB) has issued guidelines on how auditors should provide their attestations.

The PCAOB suggests considering the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework in management/auditor assessment of controls. Auditors have also looked to the IT Governance Institute's "COBIT: Control Objectives of Information and Related Technology" for more appropriate standards of measure. This framework focuses on information technology (IT) processes while keeping in mind the big picture of COSO's "control activities" and "information and communication". However, these certain aspects of COBIT are outside the boundaries of Sarbanes-Oxley regulation.

The financial reporting processes of most organizations are driven by IT systems. Few companies manage their data manually and most companies rely on electronic management of data, documents, and key operational processes. Therefore, it is apparent that IT plays a vital role in internal control. As PCAOB's "Auditing Standard 2" states:

"The nature and characteristics of a company's use of information technology in its information system affect the company's internal control over financial reporting."
Chief information officers are responsible for the security, accuracy and the reliability of the systems that manage and report the financial data. Systems such as ERP (Enterprise Resource Planning) are deeply integrated in the initiating, authorizing, processing, and reporting of financial data. As such, they are inextricably linked to the overall financial reporting process and need to be assessed, along with other important process for compliance with Sarbanes-Oxley Act. So, although the Act signals a fundamental change in business operations and financial reporting, and places responsibility in corporate financial reporting on the chief executive officer (CEO) and chief financial officer (CFO), the chief information officer (CIO) plays a significant role in the signoff of financial statements.

The SEC identifies the COSO framework by name as a methodology for achieving compliance. The COSO framework defines five areas, which when implemented, can help support the requirements as set forth in the Sarbanes-Oxley legislation. These five areas and their impacts for the IT Department are as follows:

Risk Assessment. Before the necessary controls are implemented, IT management must assess and understand the areas of risk affecting the completeness and validity of the financial reports. They must examine how the company's systems are being used and the current level and accuracy of existing documentation. The areas of risk drive the definition of the other four components of the COSO framework.

Control Environment. An environment in which the employees take ownership for the success of their projects will encourage them to escalate issues and concerns, and feel that their time and efforts contribute to the success of the organization. This is the foundation on which the IT organization will thrive. Employees should cross train with design, implementation, quality assurance and deployment teams to better understand the entire technology lifecycle.

Control Activities. Design, implementation and quality assurance testing teams should be independent. ERP and CRM systems that collect data, but feed into manual spreadsheets are prone to human error. The organization will need to document usage rules and create an audit trail for each system that contributes financial information. Further, written policies should define the specifications, business requirements and other documentation expected for each project.

Monitoring. Auditing processes and schedules should be developed to address the high-risk areas within the IT organization. IT personnel should perform frequent internal audits. In addition, personnel from outside the IT organization should perform audits on a schedule that is appropriate to the level of risk. Management should clearly understand and be held responsible for the outcome of these audits.

Information and Communication. Without timely, accurate information, it will be difficult for IT management to proactively identify and address areas of risk. They will be unable to react to issues as they occur. IT management must demonstrate to company management an understanding of what needs to be done to comply with Sarbanes-Oxley and how to get there.

In a recent article by the accounting and consulting firm of Deloitte Touche Tohmatsu entitled "Under Control", the need for "sustainable compliance" is encouraged. The article suggests leveraging lessons learned to shift to a long-term strategy. The following areas are described as impediments to the process:

"Project mindset: … many companies understandably treated section 404 compliance as a discrete project with a clearly defined ending point."
"Overextension of internal audit: If management continues to utilize internal audit for intensive 404 and 302 compliance-related work, then a significant infusion of resources (i.e., budget and headcount) to accommodate the additional workload will be needed."
"Poorly defined roles: Internal control-related roles and responsibilities, often poorly defined and segregated from the day-to-day routine of employees during the first year, will require greater clarity and integration going forward"
"Improvisational approach: Another symptom of deadline pressure showed up in the jerrybuilt practices that carried many companies through the first year."
"Underestimation of technology impacts and implications: …IT is recognized as critical for achieving the goals of the Act, and the impact and implications of technology are widely regarded as significant and pervasive. In many year-one projects, organizations focused heavily on business processes and did not consider the broader role that IT plays in managing financial information and enabling controls… IT will make a huge impact on compliance going forward. At a minimum, technology investments will be necessary to support sustainable compliance in several areas, including repository, work flow, and audit trail functionality. Technology will also be used to enable the integration of financial and internal control monitoring and reporting — a critical requirement at most large and complex enterprises."
"Ignored risks: Effective internal control is predicated on risk… the controls themselves — exist expressly for the purpose of minimizing the risk of financial reporting errors… In year one, risk assessment was treated as an afterthought — if addressed at all."
The future of SOX 404 will depend on the ability of businesses to respond to the areas noted above by making it a part of every-day business. Deloitte has developed the "Sustained Compliance Solution Framework". Key areas of the framework are also taken from "Under Control":

Effective and efficient processes for evaluating testing, remediating, monitoring, and reporting on controls
Integrated financial and internal control processes
Technology to enable compliance
Clearly articulated roles and responsibilities and assigned accountability
Education and training to reinforce the "control environment"
Adaptability and flexibility to respond to organizational and regulatory change.
Deloitte and the other auditing industry firms will generate significant revenue from these elaborate exercises.

The Foreign Corrupt Practices Act of 1977 (15 U.S.C. §§ 78dd-1, et seq.) is a United States federal law requiring any company that has publicly traded stock to maintain records that accurately and fairly represent the company's transactions; additionally, requires any publicly traded company to have an adequate system of internal accounting controls. The act does not only apply to public companies, it applies to all companies in the U.S. and all of those associated with it.

As a result of U.S. Securities and Exchange Commission investigations in the mid-1970s, over 400 U.S. companies admitted making questionable or illegal payments in excess of $300 million to foreign government officials, politicians, and political parties. The abuses ran the gamut from bribery of high foreign officials to secure some type of favorable action by a foreign government to so-called facilitating payments that allegedly were made to ensure that government functionaries discharged certain ministerial or clerical duties. Congress enacted the FCPA to bring a halt to the bribery of foreign officials and to restore public confidence in the integrity of the American business system.

The Act was amended in 1998 by the International Anti-Bribery Act of 1998 which was designed to implement the anti-bribery conventions of the Organisation for Economic Co-operation and Development (OECD)."

The antibribery provisions of the FCPA make it unlawful for a U.S. person, and certain foreign issuers of securities, to make a payment to a foreign official for the purpose of obtaining or retaining business for or with, or directing business to, any person. Since 1998, they also apply to foreign firms and persons who take any act in furtherance of such a corrupt payment while in the United States. The meaning of foreign official is broad. For example an owner of a bank who is also the brother of the minister of finance would count as a foreign official according to the U.S. government. There is no materiality to this act, making it illegal to bribe even a penny. The government focuses on the intent of the bribery more than the amount of it.

The FCPA also requires companies whose securities are listed in the United States to meet its accounting provisions. See 15 U.S.C. § 78m. These accounting provisions, which were designed to operate in tandem with the antibribery provisions of the FCPA, require corporations covered by the provisions to make and keep books and records that accurately and fairly reflect the transactions of the corporation and to devise and maintain an adequate system of internal accounting controls.

Regarding payments to foreign officials, the act draws a distinction between bribery and facilitation or "grease payments", which may be permissible if they are not against local laws. A company's legal department generally still has to approve such payments. The primary distinction is that grease payments are made to an official to expedite his performance of the duties he is already bound to perform.

Notable cases of the application of FCPA are with Lucent Technologies and Invision Technologies.

The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (Public Law 107-56), known as USA PATRIOT Act or simply the Patriot Act, is an American act which President George W. Bush signed into law on October 26, 2001. The Act passed in the Senate by a vote of 98 to 1, and in the House by a vote of 357 to 66. Although the Patriot Act has overwhelming support at all levels of the the federal government, Some feel to be over reaching and highly controversial.

Originally passed after the September 11, 2001 attacks on the World Trade Centers in New York, New York; the Act (full text) was formed in response to the terrorist attacks against the United States, and dramatically expanded the authority of American law enforcement for the stated purpose of fighting terrorism in the United States and abroad. It has also been used to detect and prosecute other alleged potential crimes, such as providing false information on terrorism. Federal courts declared some sections unconstitutional because they interfere with civil liberties. It was renewed on March 2, 2006 with a vote of 89 to 11 in the Senate and on March 7 280 to 138 in the House. The renewal was signed into law by President Bush on March 9, 2006.

Some of the more controversial provisions of USA PATRIOT act were largely inspired by the RICO act, which restricted due process for individuals involved in organized crime, racketeering, and drug trafficking. The USA PATRIOT Act essentially extended the qualifications to those involved in terrorism.

Among laws which the USA PATRIOT Act has amended are immigration laws, banking laws, and money laundering laws. It also amended the Foreign Intelligence Surveillance Act (FISA).

With respect to terrorism definitions, for example, section 802 of the Act created the new crime category of "domestic terrorism." According to this provision, which is found in the U.S. criminal code at 18 U.S.C. § 2331, domestic terrorism means activities that (A) involve acts dangerous to human life that are a violation of the criminal laws of the U.S. or of any state, that (B) appear to be intended (i) to intimidate or coerce a civilian population, (ii) to influence the policy of a government by intimidation or coercion, or (iii) to affect the conduct of a government by mass destruction, assassination, or kidnapping, and (C) occur primarily within the territorial jurisdiction of the U.S.

Section 2331 also includes the crime of international terrorism, which is identical to domestic terrorism, except that it transcends national boundaries. But this provision predates the Act.

Other terrorism definitions are found in section 411 of the Act, which amends sections 212 and 219 of the Immigration and Nationality Act (INA). 8 U.S.C. § 1182 (which is INA sec. 212) relates to "Excludable Aliens." This is where the definitions of "terrorist activity" and "terrorist organization" may be found. 8 U.S.C. § 1189 (INA s. 219) provides for the designation of foreign terrorist organizations.

These provisions interact with other provisions in the criminal code, for example, 18 U.S.C. § 2339A and 18 U.S.C. § 2339B, which criminalize "material support" to terrorists and to foreign terrorist organizations, respectively, drawing on the INA terrorism definitions.

In 1978, the Foreign Intelligence Surveillance Act (FISA) was passed to produce legal guidelines for federal investigations of foreign intelligence targets. Among the rules put in place were regulations governing:

Electronic Surveillance
Physical Searches
Pen registers and Trap and trace devices for Foreign Intelligence Purposes
Access to certain Business Records for Foreign Intelligence Purposes
In addition to defining how foreign intelligence investigations were to be performed, FISA also defined who could be investigated. Only foreign powers or agents of foreign powers were to be subject to FISA investigations. Thus, targets are primarily those foreign persons who are engaged in espionage or international terrorism. Section 6001 of the Intelligence Reform and Terrorism Prevention Act of 2004, expanded FISA to permit targeting of so-called "lone wolf" terrorists without requiring any showing that they are members of a terrorist group or agents of such a group or of any other foreign power.

The USA Act (Public Law 107-56) was passed on October 12, 2001, and subsequently folded into the USA PATRIOT Act. Under the USA Act, a terrorist who was not an agent of a foreign power could be the target of a federal investigation of foreign intelligence.

The Financial Anti-Terrorism Act was passed on October 17, 2001 by both Houses and also folded into the USA PATRIOT Act. It increases the federal government's powers to investigate and prosecute the financial supporters of terrorism.

Introduced into the House of Representatives as H.R. 3162 by Congressman James F. Sensenbrenner (R, WI), the Act swept through Congress remarkably quickly and with little dissent. House Resolution 3162 was introduced in the House of Representatives on October 23, 2001. Assistant Attorney General Viet D. Dinh and future Secretary of Homeland Security Michael Chertoff were the primary drafters of the Act. The bill passed in the House of Representatives on October 24, 2001, and in the Senate (Senator Russ Feingold (D-WI) cast the lone dissenting vote, and Senator Mary Landrieu (D-LA) was the sole non-voting member) on October 25, 2001. President George W. Bush signed the bill into law on October 26, 2001. The original Act had a sunset clause to ensure that Congress would need to take active steps to reauthorize it. Like many sweeping reform laws, the people of the United States needed time to test and implement its measures before deciding what provisions to keep and which to modify. One of the challenges to the original Act had been perceived civil liberties intrusions. The reauthorization resolution passed in 2006 contained the following civil liberties protections ("Safeguards")[1]:

Requiring High-Level Approval and Additional Reporting to Congress for Section 215 Requests for Sensitive Information Such as Library or Medical Records: Without the personal approval of one of these 3 officials (FBI Director, Deputy Director or Official-in-Charge of Intelligence), the 215 order for these sensitive categories of records may not be issued.
Statement of Facts Showing Relevance to a Terrorism or Foreign Spy Investigation Required for Section 215 Requests: The conference report requires that a Section 215 application must include a statement of facts demonstrating that the records sought are "relevant" to an authorized investigation to obtain terrorism or foreign intelligence information. This statement of facts civil liberty safeguard contained in the conference report does NOT exist under current law.
Explicitly Allowing a United States Foreign Intelligence Surveillance Act (FISA) Court Judge to Deny or Modify a Section 215 Request: The PATRIOT Act conference report explicitly provides a FISA Court judge the discretion to not only approve or modify a Section 215 application, but also to deny an application.
Requiring Minimization Procedures to Limit Retention and Dissemination of Information Obtained About U.S. Persons From Section 215 Requests: The PATRIOT Act conference report requires that the Attorney General create minimization procedures for the retention and dissemination of this data and that the FBI use these procedures. This civil liberty safeguard is not contained in current law and was requested by Senator Leahy.
Explicitly Providing for a Judicial Challenge to a Section 215 Order: Current law requires judicial review before a Section 215 can be issued. The pending PATRIOT Act conference report explicitly established a judicial review process after the 215 order has been issued, to allow the recipient of a 215 order to challenge the order before the FISA Court.
Explicitly Clarifying that a Recipient of a Section 215 Order May Disclose Receipt to an Attorney or Others Necessary to Comply with or Challenge the Order: Current law is silent as to whether a 215 order recipient may disclose the receipt of such an order to an attorney to comply with the order. The pending PATRIOT Act conference report clarifies this issue by stating explicitly that the recipient of a 215 order may disclose receipt to an attorney or others necessary to comply with or challenge the order.
Requiring Public Reporting of the Number of Section 215 Orders: At the request of Senator Leahy and other Senate Democratic conferees, the PATRIOT Act Conference report requires the Justice Department to report to the public annually the aggregate number of Section 215 applications submitted, approved, modified, and denied.
Requiring the Justice Department's Independent Inspector General to Conduct an Audit of Each Justice Department Use of Section 215 Orders: The PATRIOT Act conference report provides additional public information and congressional oversight by requiring the Justice Department's independent Inspector General to conduct an audit for each Justice Department use of Section 215 orders.
Explicitly Providing for a Judicial Challenge to a National Security Letter (NSL): Current Law does not specify that an NSL can be challenged in court and provides no process for challenging an NSL. The conference report provides explicit authority to challenge in court an NSL under all existing statutes authorizing NSLs. This civil liberty safeguard is stronger than the Senate-passed bill, which only addressed one of the NSL statutes, does not exist under current law, and was written by Rep. Jeff Flake (R-Ariz.).
Explicitly Clarifying that a Recipient of a National Security Letter (NSL) May Disclose Receipt to an Attorney or Others Necessary to Comply with or Challenge the Order: Current law is silent as to whether an NSL may disclose the receipt of such an order to an attorney to comply with or challenge the order. The pending PATRIOT Act conference report clarifies this issue by stating explicitly that the recipient of an NSL may disclose receipt to an attorney or others necessary to comply with or challenge the order.
Providing that a Nondisclosure Order Does Not Automatically Attach to a National Security Letter (NSL): Instead, a nondisclosure requirement will attach to an NSL only upon a certification by the government that disclosure could cause one of the harms specified in the conference report, such as endangering a witness or threatening national security.
Providing Explicit Judicial Review of a Nondisclosure Requirement to a National Security Letter (NSL): The NSL recipient may challenge the nondisclosure requirement in the U.S. district court for the district in which the recipient does business or resides.
Requiring Public Reporting of the Number of National Security Letters (NSLs): At the request of Senator Leahy and other Senate Democratic conferees, the PATRIOT Act conference report includes – for the first time – public reporting on the aggregate number of NSLs requested for information about U.S. persons.
Requiring the Justice Department’s Independent Inspector General to Conduct Two Audits of the Use of National Security Letters (NSLs): The PATRIOT Act conference report provides additional public information and congressional oversight by requiring the Justice Department’s independent Inspector General to conduct two audits on the use of NSLs during the years 2003 - 2006.
Requiring Additional Reporting to Congress by the Justice Department on Use of National Security Letters (NSLs): Specifically, the conference report requires the House and Senate Judiciary Committees to receive all classified reports regarding use of NSLs; currently these committees only receive classified reports under one of the five statutes authorizing NSLs.
Requiring the Justice Department to Re-Certify that Nondisclosure of a National Security Letter (NSL) is Necessary: If an NSL recipient challenges the prohibition on disclosure more than a year after the NSL is issued, the Justice Department must re-certify that nondisclosure is necessary, or else the nondisclosure requirement lapses.
Narrowing the Deference Given to the Justice Department on a National Security Letter (NSL) Nondisclosure Certification: At the request of Senator Leahy, this heightened degree of deference is only provided to certifications made by a few Senate-confirmed officials at the time the nondisclosure petition is filed.
Requiring a Report to Congress on Any Use of Data-Mining Programs by the Justice Department: The PATRIOT Act conference report enhances congressional oversight of data-mining programs by requiring the Justice Department to report to Congress on the use or development of any of these programs by the Justice Department.
Requiring Notice Be Given on Delayed-Notice Search Warrants Within 30 Days of the Search: The PATRIOT Act reauthorization conference report narrows and clarifies the reasonable amount of time standard by providing a Court the discretion to delay notice for up to 30 days after the search is executed.
Limiting Delayed-Notice Search Warrants Extensions to 90 Days or Less: The PATRIOT Act conference report narrows and clarifies the permissible delayed-notice extension period by providing a Court the discretion to extend the delay of notice for up to 90 days.
Requiring an Updated Showing of Necessity in Order to Extend the Delay of Notice of a Search Warrant: To ensure that a Court considering extending a delay of notice has the best and most up-to-date information, the PATRIOT Act conference report requires an updated show of necessity by the applicant in order to extend the delay of notice of a search warrant.
Requiring Annual Public Reporting on the Use of Delayed-Notice Search Warrant: Specifically, the annual public report will include the “number of applications for warrants and extensions of warrants authorizing delayed notice, and the number of such warrants and extensions granted or denied during the preceding fiscal year.”
Requiring Additional Specificity from an Applicant Before Roving Surveillance May be Authorized: The PATRIOT Act conference report addresses concerns about vagueness in applications for “roving” wiretaps in foreign spying and terrorism investigations by requiring additional specificity in these applications in order for a FISA Court judge to consider authorizing a “roving” wiretap.
Requiring Court Notification Within 10 Days of Conducting Surveillance on a New Facility Using a “Roving” Wiretap: The PATRIOT Act conference report addresses concerns the “roving” wiretap authority could be abused by requiring the investigators to inform the FISA Court within 10 days when the “roving” surveillance authority is used to target a new facility.
Requiring Ongoing FISA Court Notification of the Total Number of Places or Facilities Under Surveillance Using a “Roving” Wiretap: The PATRIOT Act conference report enhances judicial oversight to address any concerns that the “roving” wiretap authority could be abused. Specifically, the conference report requires the FISA Court to be informed on an ongoing basis of the total number of places or facilities under surveillance using a “roving” wiretap authority.
Requiring Additional Specificity in a FISA Court Judge’s Order Authorizing a “Roving” Wiretap: The PATRIOT Act conference report addresses concerns about vagueness about the target in a FISA Court judge’s order authorizing a “roving” wiretap in foreign spying and terrorism investigations by requiring additional specificity.
Providing a Four-Year Sunset on FISA “Roving” Wiretap: Despite no evidence that the FISA “roving” wiretap authority has been abused, the PATRIOT Act conference report aggressively attempts to avoid any potential abuse of FISA “roving” wiretaps by providing a four-year sunset of this authority.
The Library of Congress' legislative history website, THOMAS, tracks the 45-day passage of the 300-plus page act, including links to successive versions.

The Act has ten titles, each containing numerous sections. These are:

Title I: Enhancing Domestic Security against Terrorism deals with measures that counter terrorism
Title II: Enhanced Surveillance Procedures gave increased powers of surveillance to various government agencies and bodies. There were 25 sections, with one of the sections (section 224) containing a sunset clause.
Title III: International money laundering abatement and anti-terrorist financing act of 2001
Title IV: Protecting the border
Title V: Removing obstacles to investigating terrorism
Title VI: Providing for victims of terrorism, public safety officers and their families
Title VII: Increased information sharing for critical infrastructure protection
Title VIII: Strengthening the criminal laws against terrorism
Title IX: Improved intelligence
Title X: Miscellaneous

The Act mostly incorporates the provisions of the earlier anti-terrorism USA Act (H.R. 2975 and S. 1510). The Senate passed the USA Act on October 11, 2001. The House passed it on October 12, 2001. The primary differences between the USA Act and the USA PATRIOT Act are:

The inclusion of the Financial Anti-Terrorism Act (H.R. 3004), which expands money laundering abatement to international terrorism.
Immunity against prosecution for the providers of wiretaps in accordance with the Foreign Intelligence Surveillance Act of 1978.
Request for a report on integrating automated fingerprint identification for ports of entry into the United States.
Start of a foreign student monitoring program.
Request for machine readable passports.
Prevention of consulate shopping.
Expansion of the Biological Weapons Statute.
Clearer definition of "Electronic Surveillance"
Miscellaneous benefits for victims of the September 11 attack and extra penalties for those who illegally file for such benefits.
Much criticism against the 2001 Act had been directed at the provisions for Sneak-and-Peek searches — a term coined by the FBI. Critics argued that Provision 213 authorizes "surreptitious search warrants and seizures upon a showing of reasonable necessity and eliminates the requirement of Rule 41 of the Federal Rules of Criminal Procedure that immediate notification of seized items be provided."[2]

In special cases covered by FISA (amended by the USA PATRIOT Act), the warrants may come from the Foreign Intelligence Surveillance Court (FISC) instead of a common Federal or State Court. FISC warrants are not public record and therefore are not required to be released. Other warrants must be released, especially to the person under investigation.

A second complaint against Sneak-and-Peek searches is that the owner of the property (or person identified in business/library records) does not have to be told about the search. There is a special clause that allows the Director of the FBI to request phone records for a person without ever notifying the person. For all other searches, the person must be notified, but not necessarily before the search. The judge providing the warrant may allow a delay in notification when there is risk of:

endangering the life or physical safety of an individual;
flight from prosecution;
destruction of or tampering with evidence;
intimidation of potential witnesses; or
otherwise seriously jeopardizing an investigation or unduly delaying a trial.
The delays are on average 7 days, but have been as long as 90 days. [1] Section 213, which federal agencies report they have used 155 times since 2001, does not expire later this year like other USA PATRIOT Act provisions.

The American Civil Liberties Union argues that the term "serious jeopardy" is too broad "and must be narrowly curtailed."[3]

However, "sneak and peek" searches have been in use for a long time in criminal cases. Title II of the USA PATRIOT Act was intended to bring the monitoring of foreign powers and the agents of foreign powers into line with such criminal legislation. The main difference between criminal and FISA delayed notification on search warrants is that FISA warrants use a different legal standard when approving such orders (they use reasonable cause, not probable cause).

Perhaps the most controversial section of the original Act was Section 215, dealing with a very narrow, implied right of federal investigators to access library and bookstore records. Section 215 allows FBI agents to obtain a warrant in camera (in secret) from the United States Foreign Intelligence Surveillance Court for library or bookstore records of anyone connected to an investigation of international terrorism or spying. On its face, the section does not even refer to "libraries," but rather to business records and other tangible items in general.[4] Civil libertarians and librarians in particular, argue that this provision violates patrons' human rights and it has now come to be called the "library provision." The Justice Department defends Section 215 by saying that because it requires an order to be issued by a FISA Court judge, it provides better protection for libraries.

On August 26, 2005, The New York Times reported that according to the ACLU, the FBI is demanding library records from a Connecticut institution as part of an intelligence investigation. This would be the first confirmed instance in which the Federal Bureau of Investigation has sought library records, federal officials and the ACLU said. Interestingly, though, the government did not seek the records under section 215, but instead used "National Security Letters," which are the FISA equivalent of grand jury subpoenas and do not require a court order and thus are easier to use than section 215. [5]

It is uncertain how many individuals or organizations have been charged or convicted under the Act. Throughout 2002 and 2003, the Department of Justice refused to release numbers. Former Attorney General John Ashcroft in his 2004 statement The Department of Justice: Working to Keep America Safer reported that there have been 368 individuals criminally charged in terrorism investigations, and later used the numbers 372 and 375. Of these he stated that 194 (later 195) resulted in convictions or guilty pleas. (The original statement [6]; the statement is reduced to a bullet list in 2004 Criminal Division Annual Report on page 9.). In June 2005, President Bush stated terrorism investigations yielded over 400 charges, more than half of which resulted in convictions or guilty pleas. In some of these cases, federal prosecutors chose to charge suspects with non-terror related crimes for immigration, fraud and conspiracy.

On September 11, 2005 the American Civil Liberty Union reports[7]:

30,000 National Security Letters Issued Annually Demanding Information about Americans: USA PATRIOT Act Removed Need for FBI to Connect Records to Suspected Terrorists
[...] According to the Washington Post, universities and casinos have received these letters and been forced to comply with the demands to turn over private student and customer information. Anyone who receives an NSL is gagged - forever - from telling anyone that the FBI demanded records, even if their identity has already been made public.
In New York and Connecticut, the ACLU has challenged the NSL provision that was dramatically expanded by Section 505 of the USA PATRIOT Act. The legislation amended the existing NSL power by permitting the FBI to demand records of people who are not connected to terrorism and who are not suspected of any wrongdoing. [...]

Provisions that would expire (original version)
§201. Authority To Intercept Wire, Oral, And Electronic Communications Relating To Terrorism.
§202. Authority To Intercept Wire, Oral, And Electronic Communications Relating To Computer Fraud And Abuse Offenses.
§203(b), (d). Authority To Share Criminal Investigative Information.
§206. Roving Surveillance Authority Under The Foreign Intelligence Surveillance Act Of 1978.
§207. Duration Of FISA Surveillance Of Non-United States Persons Who Are Agents Of A Foreign Power.
§209. Seizure Of Voice-Mail Messages Pursuant To Warrants.
§212. Emergency Disclosure Of Electronic Communications To Protect Life And Limb.
§214. Pen Register And Trap And Trace Authority Under FISA.
§215. Access To Records And Other Items Under FISA.
§217. Interception Of Computer Trespasser Communications.
§218. Foreign Intelligence Information. (Lowers standard of evidence for FISA warrants.)
§220. Nationwide Service Of Search Warrants For Electronic Evidence.
§223. Civil liability For Certain Unauthorized Disclosures.
§224. Sunset. (self-cancelling)
§225. Immunity For Compliance With FISA Wiretap.

Provisions that are permanent (original version)
§203(a), (c). Authority To Share Criminal Investigative Information.
§205. Employment of Translators by the Federal Bureau of Investigation.
§208. Designation Of Judges.
§210. Scope Of Subpoenas For Records Of Electronic Communications.
§211. Clarification Of Scope (privacy provisions of Cable TV Privacy Act overridden for communication services offered by cable providers, but not for records relating to cable viewing.)
§213. Authority For Delaying Notice Of The Execution Of A Warrant—"Sneak and Peek"
§216. Modification Of Authorities Relating To Use Of Pen Registers And Trap And Trace Devices.
§219. Single-Jurisdiction Search Warrants For Terrorism.
§221. Trade sanctions.
§222. Assistance To law enforcement agencies.

Kaseya Update

2007-03-08T06:41:00.000-08:00

Well the jury is in on Kaseya. The product itself comes across as a valuable tool, however; there are several cultural concerns worth mentioning.

First off, the monthly service fee is very high considering the patches being provided are based upon a free feed Microsoft provides. There is something about charging for a free feed that just does not sit well with me from an integrity perspective.

My additional concern is that the sales associates were quick to drop prices and to attempt high pressure closing techniques by saying, this price is only good for this amount of time. They also attempted to push for us to close the deal so they could obtain their comission in February rather than March. Evaluating what is best for a client has nothing to do with their comission, so once again the sales person managed to alienate me. Incidentally, for the sales people who are interested in ever sellings me something please note: hardline sales tactics only annoy me when I am evaluating a product. It's a bad idea! You are better off focusing on building the relationship and making sure that my needs are being properly met. If they can not be met, have the integrity to say so and ask me to go elsewhere. I will have more respect for you and your company.

Why We Audit Information Technology

2007-03-08T06:38:00.000-08:00

Regarding the protection of information assets, one purpose of an IT audit is to review and evaluate an organization's information system's availability, confidentiality, and integrity by answering questions like:

Will the organization's computer systems be available for the business at all times when required? (Availability)
Will the information in the systems be disclosed only to authorized users? (Confidentiality)
Will the information provided by the system always be accurate, reliable, and timely? (Integrity).

Types of IT:

Systems and Applications: an audit to verify that systems and applications are appropriate to the entity's needs, are efficient, and are adequately controlled to ensure valid, reliable, timely, and secure input, processing, and output at all levels of a system's activity.

Information Processing Facilities: an audit to verify that the processing facility is controlled to ensure timely, accurate, and efficient processing of applications under normal and potentially disruptive conditions.

Systems Development: an audit to verify that the systems under development meet the objectives of the organization, and to ensure that the systems are developed in accordance with generally accepted standards for systems development.
Management of IT and Enterprise Architecture: an audit to verify that IT management has developed an organizational structure and procedures to ensure a controlled and efficient environment for information processing.

Client/Server, Telecommunications, Intranets, and Extranets: an audit to verify that controls are in place on the client (computer receiving services), server, and on the network connecting the clients and servers.

Information Technology Audit Process
The following are basic steps in performing the Information Technology Audit Process:

Planning
Studying and Evaluating Controls
Testing and Evaluating Controls
Reporting
Follow-up

Kaseya Evaluation

2007-02-28T22:53:00.000-08:00

I have been evaluating a managed services product known as Kaseya for the past month. The product provides built in help desk, remote control management, scripted installations, audit, inventory, patch management, roll back, and backup components all within on web based console. The application comes across as a very rich feature set and is rather easy to install and use. However, the price tag on this particular application is not for those who lack financial resources. Kaseya is an ideal product for an enterprise environment that cares about restoring quality of life to it's IT staff. The tools provided can not only make support easier, but they can also permit less personnel to support larger groups of individuals. This in turn can permit reduced staffing costs or free up resources for additional projects. I will be writing more about Kaseya as the evaluation period continues. Check back soon for an update.

February 26, 2007 another "award"

2007-02-26T14:42:00.000-08:00

Poetry.com sent me a mailing today specifying that my work has been selected for an "award". Of course, for me to obtain a copy of the award, the CD they want my permission to record my work upon, and a book containing my work; I am expected to pay $49.00 So much for getting paid for creative abilities. I am just sending a reply that says no thanks.

The Value of Holistic Service

2007-02-20T04:47:00.000-08:00

In many of the IT Organizations I've serviced, the focus has been on running around like a chicken without a head as multiple fires are treated. All too often, the treatment amounts to little bandaids that help the business get through the day, but allows the wound to fester. In light of many of the available remote management tools such as Altiris, SMS, MOM, WSUS, CA Worldview, Dameware, VNC, Enteo, and Kaseya. Any shop that is still running around like a chicken without a head needs to educate the chickens that root cause analysis and a proactive, anticipatory approach to support will provide better business value. In the world of technology, there is always something new. The latest and greatest may not be the best thing, but there should be a mechanism in place for evaluating various products without implementing them into production environments. In light of virual machine environments capabilities, there is no legitimate excuse not to have some sort of testing/lab environment. Cost is not an acceptable excuse, as the cost of implementing something new into a production environment could very well cause a significant business impact that will result in downtime. No matter how you look at it, downtime always translates to a financial loss. So, what is a chicken to do? My answer is learn the apply the philosophy of Chinese medicine towards technology support. The cultural focus in this approach is on proactively keeping the patient healthy, as oppossed to just treating symptoms with radical measures or bandaids. The best thing a technology professional can do for their client is to really obtain an understanding of the client's business. Understand process flows and how the client earns a living. Once this concept is well understood, begin looking at how things flow and ask questions. Very often, this is a great way to uncover inefficiences that can be streamlined with some old fashioned re-engineering techniques. In my years of consulting, what thing that always holds true is that the client is often too close to the problem to really see it. This is where the consultant can come in and act like the therapist that holds up the mirror to convey to the client how they are living in the world. Furthermore, the real value of the holistic approach is that it helps to avoid many problems because it forces better planning and communication. This in turn, helps to build much stronger relationships. If the old adage, "People don't care how much you know until they know how much you care" holds true, then the holistic service approach is a symbiotic winner across the board.

Flawed Bean Counter Logic in Investment Banking Technology

2007-02-18T18:40:00.000-08:00

From my perspective, many of the bean counters in corporate financial services organizations have a flawed sense of logic. I spent several years consulting for one of the largest investment banks in North America. One of the main problems we heard about on a regular basis what that of missing equipment, especially laptops. Rather than institue a real management policy, the powers that be would task technicians with surveying desks and logging what equipment was present. This was a nice idea, however; there was no provision for missing equipment. These folks believed in working their teams harder, rather than working smarter as a team.

In my experience, this working smarter as a team provision could have been implemented at the purchasing level.

Now, when you think about this carefully, you would expect an investment bank to do everything possible to safeguard their technology investments as well as the data residing on their laptops. In my professional experience this is not the case at all in many environments.

On several occassions, I suggested to senior management that they ought to implement a program known as Computrace. For those of you who are unfamiliar with Computrace, think of it as lo-jack for laptops. The way this product works in quite unique, as you register the serial number for the laptop into a master database. If the laptop comes up missing, it can be tracked regardless of what OS is placed on it, or how many times the hard drive is formatted. Furthermore, this tracking mechanism enables an investigator to trace the laptop back to the thief.

You see, my thinking is quite simple. If someone steals your property, and you have a means of recovering that property, you should use the available means. This is especially true in the case of laptops, as it is very easy to make them walk out of a company that does not institute a proper equipment check in and check out policy. More important the the equipment loss, is the potential data loss and corporate integrity. Financial institutions are expected to be sanctuarys for information and funds. Unfortunately, many of the bean counters who run the IT departments are penny wise and pound foolish. The next time you run into one who does not have a program like computrace to protect their laptops, ask them why not? If they say it's too expensive, ask them what price they place on safeguarding data and the bank's reputation. You just might be surprised at the various answers you get. Especially if you are banking in Canada.

35 Trips Around The Sun and Counting

2007-01-25T14:05:00.000-08:00

Today is a milestone in my personal life. I can now officially run for President of The United States. Suffice it to say, until someone decides to begin an exploratory committee to determine whether or not my views are marketable to the American public, I will not be quitting my day job anytime soon.

Then again, perhaps my project managemnt and value added style is exactly what is needed to resolve the lingering problems that seem to never go away. I would venture to guess that most politicians are not formally educated in Project Management Institute practices. I would also suspect that many of them are not intimately familiar with project risk management and business continuity planning. From my perspective our political leaders focus more on getting re-elected and less on solving real problems. Solving problems and getting the their root cause is something I do on a daily basis. Does this qualify me to run the most powerful nation on earth? According to our Constitution, I only need to be born here in the United States and 35 years of age. Talk about low expectations. Truth be told, most of the people who would be good leaders have no desire to become President because of the lack of privacy and the media circus it creates. Sadly, this has allowed our Nation to fall victim to Political leaders who promote their own agenda rather than what's in the best interest for the masses. I am a firm believer in common sense and I think that our leaders should be focusing on domestic issues first. There is no valid reason why people should be hungry, or without health care, or lacking an education if they are willing to work. Yesterday I saw a Walmart greeter with no arms and legs proudly performing his job. Here was a person who could have easily looked for a handout and received it, yet his own sense of pride and self worth pushed him to put on his uniform and greet every patron with a genuine hello. I remember thinking that I wish more workers had this person's sense of enthusiasm. If you couldn't tell from the title of this post, Jimmy Buffett is one of my favorite creative personalities. Many know of his music, but he is also a writer, film maker, and humanitarian. In one of his songs he asks a cheerful street sweeper why he sweeps so cheerfully. The sweeper just replies, "It's my job". I believe that the secret to success is taking care of yourself, working diligently at whatever task you are performing, and serving others. Deep down inside we are all the captain of our soul and the master of our destiny. Thus far I have enjoyed 35 trips around the sun. When I reflect back on my past, I see a series of learning experiences that have helped to define who I am today. Some have joked with me that I am now officially middle aged and entitled to my mid-life crisis. All I can say is that the gift of life is anything but a crisis. It's a gift. Each day is a miracle. I hope I am blessed enough to share many more miracles with the people I love.

Despite What You've Heard, Making Money Online is Not As Easy As Others Will Lead You To Believe.

2007-01-25T02:41:00.000-08:00

This is not to say that it can't be done, it can. However, you must be ready to really put in alot of time and energy on writing copy, and content. You also must find the right types of advertisers for your website. In addition, the most important piece of the equation is finding and retaining quality traffic on a consistent basis to make your web real estate a worthwhile proposition for the advertisers you want. If you think this sounds easy, take a good look at the exponentially growing competition that is out there and define your niche and what makes you different. In addition to proper planning, you also have to consider design elements. Well written copy combined with easy navigation and simplicity is generally a better practice than overwhelming your visitor with excessive media, advertisements and pop ups. When someone visits your site, you want to make the visit a pleasant experience so the person will keep coming back. What's your hook? How are you going to keep them coming back for more?

In my own little web world, my hook is the content I provide based on over fourteen years of industry experience and painstaking research that can add value to your own business technology challenges.

For example, many webmasters are always looking for advertising revenue resources for their websites. One of my web advertising resources once told me that web content should be relevant to the site, but should also be monetized if you want to earn a living from it. The advice makes sense, but I still believe there has to be a balance between commericial advertising and content. In my early advertising days at Z100 radio, I can recall what Steve Kingston, the program director at the time used to say, "Sales is four doors down on the left." His message was terse, but the root of what he meant was that without the content to keep people entertained, sales efforts are moot. There is certainly alot of truth to that, however; the flip side is that the fruit of the sales efforts is what ultimately pays the creative personnel the large salaries they demand. I often wondered how these two adverse departments would make out if they changed their relationship from step children who are forcing diplomatic relationships to creative partners who have a clear vision of each other's goals and expectations and truly partner to help one another. I suspect the latter approach would be more successful, but the challenge of implementing it is nearly as difficult as finding and maintaining quality traffic. Yet, there are people who have managed to earn substantial livings from doing just that. Is it impossible? The folks at Ezanga.com, Adorigin.com, and Blowsearch.com certainly don't think it's impossible because they have been doing it consistently. But they are not the only ones. There are folks who pick unique niche markets and focus on getting on the traffic they can from that particular market. A good example is vinduvin.com, a portal that is focused on mapping out vineyards all over the world. The owner of vinduvin is a good friend and colleague of mine. He is also very passionate about wine. The forums he developed are a great resource for anybody wanting to know particulars, and they are a great example of a good hook for repeat traffic. In addition, when you look at the design for Vinduvin.com or even Ezanga.com you will notice it is clean, simple and eye-catching. The artwork is done in a manner that draws your attention to key areas. This is not something you can just bang out with a simple frontpage template. Not if you really want to stand out from the pack. Speaking of standing out from the pack, in addition to publishing and advertising, there are other ways of earning revenue online by buying and selling domain names. If you want to know more about this method....

Click Here!

Offshore Development = Buyer Beware

2007-01-22T07:38:00.000-08:00

One of my mentors teaches classes in requirements gathering for development projects as well as project risk management for one of the leading training facilities in the country. Each week he meets technology executives and members of their staff who must accomplish very specific business driven technology initiatives. When these individuals come into a classroom environment to talk shop, it serves as an informal panel discussion. Without fail, when the topic of offshore development comes up, so do the groans and stories of painful experiences.

Outsourcing development projects can be a very costly and risky proposition if it's not handled properly. The challenges you will face include time zone differences, cultural differences and most importantly; communication disconnects where what you think the person understood you specify is not exactly what they heard. The feedback I have heard thus far is that the quality of work is often substandard, but it will hold up to service level agreement specifications. The analogy presented to me was that you can sometimes use a flat head screwdriver to screw in a Phillips head screw, but it's not the best way to get the job done. The job gets done, but the screw might be slightly damaged, or perhaps it's just not tight enough and will become a problem later. Most importantly, many large companies that attempted off shoring development efforts, had to throw away the work and start over from scratch here in the States. For whatever reason, there has been a cultural shift where buyers are attempting to obtain more for less without a regard for quality. If this trend does not stop and begin focusing once again upon quality and doing the job right the first time, I fear many companies will suffer financial losses as well as morale problems and customer retention. Ultimately, the customers you want will expect a quality product that is competitively priced.

Microsoft 2007 Launch Events

2007-01-15T05:15:00.000-08:00

As a professional consultant, I try to stay technology neutral, however; given Microsoft's dominance of the technology landscape, I think it is appropos to share information pertaining to official product launches.

As such, here is the link for Microsoft's 2007 Launch events pertaining to various products:

http://www.microsoft.com/business/launch2007/signup/default.mspx

How Communication Can Make or Break The Business

2007-01-14T09:19:00.000-08:00

Twelve years ago, several friends of mine set out to build an Internet advertising company. Out of respect for their privacy, and their current endeavors, I have changed the names to protect the guilty.

"Mark" had grown up with "Doug" and "Jim". Both "Doug" and "Jim" were brothers. I was a mentor to Mark and really got him started in the IT industry. He took to it well and learned very quickly. He also had the charisma and drive necessary to succeed. We spent many hours discussing the potential of the Internet prior to the dot com boom. It turns out that those discussions planted the seeds for something much larger. As the dot com craze really began to develop, "Mark" remembered something I had told him years before: "One day, there will be enough people on the Internet, that advertising dollars with either make access free, or they will find a way to pay people for advertising space." It turns out that my prediction was true, and with limited development knowledge, Mark enlisted the support of "Eric", an experienced developer/Unix Admin as well as his two childhood friends. Together they built an incentive based internet banner distribution system that would actually offer people money for allowing their banner service to use "screen real estate" on their desktop. The screen real estate would serve Internet Banner advertisements and the incentive was pennies on each advertising detail that was made with each advertiser. For example, if the advertiser was paying 10 cents for the impression, the person providing the real estate would get 2 cents and the remaining 8 cents would go to the advertising network. The model was interesting and worked well for a while. In fact, a number of other competitors had jumped into the space, but they made a critical mistake: They took on too much debt and mismanaged their funds. Early on, I had advised Mark not to take on investors, but to grow slowly and with their own funds for as long as possible. My advice proved sound, as they survived the dot com crash, and leveraged their financial success into the next realm of Internet gold mining, namely key word advertising on search engines. Things were looking well from the outside, as the company was running media campaigns, sponsoring special events, and the money was rolling in hand over fist. Unfortunately, there was a huge internal problem that was festering. Ambivalence between the partners was spreading like a Cancer. The communications mechanism the partners had in place was not effective for handling the problem and the matter got worse. Partners began pointing fingers at one another and accusing each other of not pulling their share. They collectively lost sight of the team effort and lost sight of the fact that there is no I in the word team. More importantly, lifelong friendships, and a family relationship were severed as a result of greed, law suits, mistrust and deception. The promising company decayed from within because they lacked the right process and people to help them through this challenge. In addition to destroying friendships, family bonds, and business relationships, the legal costs involved were astronomical. The problem here was never one of technology. The problem was people and process, or more simply and effective communications mechanism.

Now Mark and Eric have started up their own endeavor and appear to be successful with it. Doug now runs the old business and I have no idea what his brother Jim is doing. Doug recently called me to invite me to his wedding. He told me he feels bad about what happened and wishes the others would realize that "business is business and friendship is friendship". He misses his friends and his brother. Yet, he tells me he is happier now than he was before. In light of all the legal battles and ruined relationships, I have to wonder about his happiness claim. From my perspective, with the right process and people to guide them through the difficult periods, the four of them could still be accomplishing great things together. Anybody can make money. Managing relationships properly is an art. So is knowing when to partner. At Russell Nomer consulting, we can assist with vetting out these sorts of situations. The value we can bring in this sort of engagement is priceless.

About Electronic SPAM

2007-01-14T09:02:00.000-08:00

There are certain third party products such as Plaxo or Cardscan.net that allow business professionals to upload their business contacts to a web based repository. The keepers of the repository will periodically email the contacts with a review request to determine if the contact information is up to date. Be warned when using these sorts of services, as corporate email administrators might regard the update requests as SPAM. Although there are formal definitions of SPAM, some email administrators are very subjective about the formal definition. The remainder of this article is for those individuals who need to better educate themselves as to what SPAM really is. Incidentally, one of my consulting specialities is messaging systems. If you are looking for a comprehensive solution to combatting SPAM, my first reccomendation is a service known as Postini. If your are lacking budget for such a service, there are additional options such as Cloudmark, which I have found to be very effective in the residential markets.

According to Wikipedia, SPAM is defined as follows:

Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, and mobile phone messaging spam.
Spamming is economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with the deluge. Spamming is widely reviled, and has been the subject of legislation in many jurisdictions.

E-mail spam is the most common form of internet spamming. It involves sending unsolicited commercial messages to many recipients. Unlike legitimate commercial e-mail, spam is generally sent without the explicit permission of the recipients, and frequently contains various tricks to bypass e-mail filtering.
Spammers obtain e-mail addresses by a number of means: harvesting addresses from Usenet postings, DNS listings, or Web pages; guessing common names at known domains (known as a dictionary attack); and "e-pending" or searching for e-mail addresses corresponding to specific persons, such as residents in an area. Many spammers utilize programs called web spiders to find e-mail addresses on web pages (see also address munging).
Many e-mail spammers go to great lengths to conceal the origin of their messages. They might do this by spoofing e-mail addresses (similar to Internet protocol spoofing). The spammer will modify the e-mail message so it looks like it is coming from another e-mail address. However, many spammers make it easy for recipients to identify their messages as spam by placing an ad phrase in the From field. Spammers try to circumvent the email filters by intentionally misspelling common spam filter trigger words. For example, "viagra" might become "vaigra", or other symbols may be inserted into the word as in "v/i/a/g./r/a". E-mail service providers have begun to use the misspellings themselves as a filtering test.
The most dedicated spammers—often those making a great deal of money or engaged in illegal activities, such as the pornography, casinos and Nigerian scam businesses—are often one step ahead of the providers. Retail e-mail services are updated constantly with improved spam filters, keeping track of spammers' technological progress by examining e-mails their users report as spam (many providers today have a prominent button to report spam).
So-called "spambots" are a major producer of e-mail spam. The worst spammers create e-mail viruses that render an unprotected PC a "zombie computer"; the zombie will inform a central unit of its existence, and the central unit will command the "zombie" to send a low volume of spam. This allows spammers to send high volumes of e-mail without being caught by their ISPs or being tracked down by antispammers; a low volume of spam is instead sent from many locations simultaneously.
Bill Gates, speaking at the World Economic Forum in Davos in January 2004, predicted that spam would soon be "a thing of the past", and that Microsoft was working on several temporary solutions, as well as on a permanent "magic solution", to spam. [1]

Messaging spam, sometimes termed spim (a portmanteau of spam and IM, short for instant messenger), makes use of instant messaging systems, such as AOL Instant Messenger or ICQ. Many IM systems offer a user directory, including demographic information that allows an advertiser to gather the information, sign on to the system, and send unsolicited messages. To send instant messages to millions of users requires scriptable software and the recipients' IM usernames. Spammers have similarly targeted Internet Relay Chat channels, using IRC bots that join channels and bombard them with advertising.
Messenger service spam has lent itself to spammer use in a particularly circular scheme. In many cases, messenger spammers send messages to vulnerable Windows machines consisting of text like "Annoyed by these messages? Visit this site." The link leads to a Web site where, for a fee, users are told how to disable the Windows messenger service. Though the messenger service is easily disabled for free, the scam works because it creates a perceived need and offers a solution. Often the only "annoying messages" the user receives through Messenger are ads to disable Messenger itself.

Chat spam can occur in any live chat environment like IRC and in-game multiplayer chat of online games. It consists of repeating the same word or sentence many times to get attention or to interfere with normal operations. It is generally considered very rude and may lead to swift exclusion of the user from the used chat service by the owners or moderators.
The application of the name "Spam" to unwanted communication originates in Chat-room spam. Specifically, it was developed in the chat-rooms of People-Link in the early 1980’s as a technique for getting rid of unwelcome newcomers. When someone would enter a chat-room full of friends who were in mid-conversation, and the newcomer tried to turn the conversation in an unwelcome direction (usually trolling for cybersex), two veteran members of the room would begin typing in the Monty Python “Spam” routine at high speed. They would fill the screen with “Spam Spam Spam eggs Spam Spam and Spam” etc, and make all other communication impossible. The other members of the room would just wait quietly until the newcomer got disgusted and moved on to a different room.

Newsgroup spam predates e-mail spam, and targets Usenet newsgroups and it consists of repetitious posting of a message (or substantially similar messages). The Breidbart Index was developed to provide an objective measure of the "spamminess" of a multi-posted or cross-posted message on Usenet. Spamming in an internet forum is when a user posts a message that is off-topic, has little relevance to the subject being discussed, or is a post that fails to contribute to the thread. Lastly, there is also the case where a person posts messages solely for the purpose of increasing his forum ranking.
Online message boards can sometimes be spammed with tens of thousands of meaningless messages in a few hours. The spam need not be restricted to the creation of new meaningless threads, it can involve the 'revival' of obsolete threads dating many weeks or months.
A recent form of forum spam is where a member registers, he/she never posts, but puts spam in his/her profile. (The members website is of porn or any other spam-related site.)
Mobile phone spam is directed at the text messaging service of a mobile phone. This can be especially irritating to customers not only for the inconvenience but also because of the fee that they are charged per text message. The term "SpaSMS" was coined at the adnews website Adland in 2000 to describe spam SMS.

Many online games allow players to contact each other via player-to-player messaging, chatrooms, or public discussion areas. What qualifies as spam varies from game to game, but usually this term applies to all forms of message flooding, violating the terms of service contract for the website.

Spamdexing (a portmanteau of spamming and indexing) refers to the practice on the World Wide Web of modifying HTML pages to increase the chances of them being placed high on search engine relevancy lists. It uses unethical means, "black hat SEO techniques." to unfairly increase the rank of sites in search engines. Many modern search engines modified their search algorithms to try to exclude web pages utilizing spamdexing tactics.

Blog spam, or "blam" for short is spamming on weblogs. In 2003, this type of spam took advantage of the open nature of comments in the blogging software Movable Type by repeatedly placing comments to various blog posts that provided nothing more than a link to the spammer's commercial web site. [2] Similar attacks are often performed against wikis and guestbooks, both of which accept user contributions.

The most common purpose for spamming is advertising. Goods commonly advertised in spam include pornography, unlicensed computer software, pills such as Viagra, credit card accounts, and fad products. Many of the products advertised are fraudulent in nature, such as quack medications and get-rich-quick schemes. Spam is frequently used to advertise scams, such as diploma mills, advance fee fraud, pyramid schemes, stock pump-and-dump schemes, and phishing.

There are a number of differences between spam and postal junk mail:
The costs of spam paid by the recipient's mail site, unlike junk postal mail, commonly approach or exceed the sender's costs, in terms of bandwidth, CPU processing time, and storage space. Spammers frequently use free dial-up accounts, so their costs may be minimal. Because of this offloading of costs, many consider spamming to be criminal conversion or theft.
Bulk mail is used by businesses that can be held responsible for what they send. Spammers frequently operate on a fly-by-night basis, using the anonymity of the Internet as their cover.
Postal junk mailers do not mask unsolicited pornographic material with a legitimate appearance so that it can be delivered to your mailbox. There are rules about the way sexually explicit materials are packaged, whereas spam has no limitations on what is viewable as soon as it is opened.
E-mail and other forms of spamming have been used for purposes other than advertisements. Many early Usenet spams were religious or political. Serdar Argic, for instance, spammed Usenet with historical revisionist screeds. A number of evangelists have spammed Usenet and e-mail media with preaching messages. A growing number of criminals are also using spam to perpetrate various sorts of fraud,[3] and in some cases have used it to lure people to locations where they have been kidnapped, held for ransom, and even murdered. [4]

In early July 2006 there has been an enormous increase in unsolicited messages from a spoofed address with approximately half a dozen random letter subjects, containing nothing but three lines from JRR Tolkien's The Hobbit. This follows fairly closely another similar form dubbed "discordian poetry" that appeared to used a random word generator of the same. The messages had no attempt to sell anything; it was theorised that this was a script kiddie ineptly running a spam suite. This was confirmed when shortly afterward the same format messages began appearing with image files overlaying the text (a common spam technique). It is suspected to be a variation from the same source and image overlays will begin appearing. [5]

Spamming has also been used as a denial of service ("DoS") tactic, particularly on Usenet. By overwhelming the readers of a newsgroup with an inordinate number of nonsense messages, legitimate messages and computing resources can be lost in the deluge. Since these messages are usually forged (that is, sent falsely under regular posters' names) this tactic has come to be known as sporgery (from spam + forgery). This tactic has for instance been used by members of the Church of Scientology against the alt.religion.scientology newsgroup (see Scientology versus the Internet) and by spammers against news.admin.net-abuse.email, a forum for mail administrators to discuss spam problems. Applied to e-mail, this is termed mailbombing. The Usenet Meow Wars (around 1996) were DoS attacks on various newsgroups aimed at specific posters that disrupted the newsgroups where they were active. The DoS attacks launched by Hipcrime, which continue today, are more crafted as DoS attacks on entire newsgroups. The alt.sex newsgroups were rendered uninhabitable by commercial porn site spammers, partially for advertising purposes and partially to destroy a perceived free competitor. (This spawned the creation of the moderated, unspammable soc.sexuality newsgroups.)
Forged e-mail spam has been used as a tool of harassment. The spammer collects a list of addresses, then sends a spam to them signed with the name of the person he or she wishes to harass. Some recipients, angry they received spam and seeing an obvious "source", will respond angrily or pursue revenge against the apparent spammer, the forgery victim. A widely known victim of this sort of harassment was Joe's CyberPost,[6] which has lent its name to the offense: it is known as a joe job. "Joe jobs" have been used against antispammers: in recent examples, Steve Linford of Spamhaus Project and Timothy Walton, a California attorney, have been targeted. Sometimes victims (such as ROKSO-listed spammers) are subscribed to lists that don't practice verified opt-in, such as magazine subscriptions and e-mail newsletters, a practise known as subscriptionbombing.
Spammers have abused resources set up for the purposes of anonymous speech online, such as anonymous remailers. Many of these resources have been shut down, denying their services to legitimate users.
E-mail worms or viruses may be spammed to set up an initial pool of infected machines, which resend the virus to other machines in a spam-like manner. The infected machines can often be used as remote-controlled zombie computers, for more spamming or DDoS attacks. trojans are spammed to phish for bank account details, or to set up a pool of zombies without using a virus.

The term "spamming" is used to mean something repetitious and disruptive by players ("spammers") of various video games, most often first-person shooters or fighting games. For shooters, it refers to "area denial" tactics—repeatedly firing rockets, grenades, explosive shells into an area—or to any tactic where a large volume of ammunition is expended in the hope of either scoring chance hits, covering teammates's advance with suppressive fire, clearing, or defending an area from an enemy. In fighting games, spamming refers to overuse of particularly powerful moves, especially if they are easy to use.
Whether such tactics are viewed as cheating or abuse varies from game to game, community to community. Analogous to camping, the tactical advantage gained by those engaged is the crux of the issue. If every player defensively "spams", and no one makes the offensive push, there will be no opportunities for players to come into conflict, and there will be no game. Games like Capture the Flag help to break this deadlock by providing incentive to invade enemy territory.
The same term may be used to describe those who flood the in-game chat with frequent messaging, similar to messaging spam mentioned above. Excessive messaging is unwelcome among most games. However, in the role-playing games MUD, MUSH, and MUCK, players happily continue using the word spam in its original sense, with no implication of abuse. When a player returns to the terminal after a brief break to find his or her screen wonderfully filled with pages of random chat, it's still called "spam".
Players of MMORPGs such as World of Warcraft who use a single move repeatedly to gain benefits are often referred to as "spamming" that move. This is seen as a "cheap" maneuver in PvP combat, but it is sometimes used as a viable tactic against powerful boss monsters. In World of Warcraft, specific moves are more likely to be spammed than others, and one of the most common is the Moonfire spell used by Druids. Blizzard referenced this in an April Fool's Day prank; one of the items on the menu of their fictional upcoming chain of restaurants, "Burgercraft" was "Moonfire Spam". [7]
The term spam is derived from the Monty Python SPAM sketch (see video in External Links), set in a cafe where nearly every item on the menu includes SPAM luncheon meat. As the server recites the SPAM-filled menu, a chorus of Viking patrons drowns out all conversations with a song repeating "SPAM, SPAM, SPAM, SPAM... lovely SPAM, wonderful SPAM," hence "SPAMming" the dialogue. The excessive amount of SPAM mentioned in the sketch is a reference to British rationing during World War II. SPAM was one of the few foods that was widely available.
Although the first known instance of unsolicited commercial e-mail] occurred in 1978 [8] (unsolicited electronic messaging had already taken place over other media, with the first recorded instance being via telegram on September 13, 1904[citation needed]), the term "spam" for this practice had not yet been applied. In the 1980s the term was adopted to describe certain abusive users who frequented BBSs and MUDs, who would repeat "SPAM" a huge number of times to scroll other users' text off the screen. [9] In early Chat rooms services like PeopleLink and the early days of AOL, they actually flooded the screen with quotes from the Monty Python Spam sketch. This was used as a tactic by insiders of a group that wanted to drive newcomers out of the room so the usual conversation could continue. It was also used to prevent members of rival groups from chatting -- for instance, Star Wars fans often invaded Star Trek chat rooms, filling the space with blocks of text until the Star Trek fans left.[10] This act, previously called flooding or trashing, came to be known as spamming. [11] The term was soon applied to a large amount of text broadcasted by many users.
It later came to be used on Usenet to mean excessive multiple posting—the repeated posting of the same message. The first usage of this sense was by Joel Furr in the aftermath of the ARMM incident of March 31, 1993, in which a piece of experimental software released dozens of recursive messages onto the news.admin.policy newsgroup. This use had also become established—to spam Usenet was flooding newsgroups with junk messages.
Commercial spamming started in force on March 5, 1994, when a pair of lawyers, Laurence Canter and Martha Siegel, began using bulk Usenet posting to advertise immigration law services. The incident was commonly termed the "Green Card spam", after the subject line of the postings. The two went on to widely promote spamming of both Usenet and e-mail as a new means of advertisement—over the objections of Internet users they labeled "anti-commerce radicals." Within a few years, the focus of spamming (and antispam efforts) moved chiefly to e-mail, where it remains today. [12]
There are three popular false etymologies of the word "spam". The first, promulgated by Canter & Siegel themselves, is that "spamming" is what happens when one dumps a can of SPAM luncheon meat into a fan blade. The second is the backronym "shit posing as mail." The third is similar, using "stupid pointless annoying messages."
Hormel Foods Corporation, the makers of SPAM luncheon meat, do not object to the Internet use of the term "spamming." However, they do ask that the capitalized word "SPAM" be reserved to refer to their product and trademark.[13] By and large, this request is obeyed in forums which discuss spam—to the extent that to write "SPAM" for "spam" brands the writer as a n00b. In Hormel Foods v SpamArrest, Hormel attempted to assert its trademark rights against SpamArrest, a software company, from using the mark "spam," since Hormel owns the trademark. In a dilution claim, Hormel argued that Spam Arrest's use of the term "spam" has engendered and damaged "substantial goodwill and good reputation" in connection with its trademarked lunch meat and related products. Hormel also asserts that Spam Arrest's name so closely resembles its luncheon meat that the public might become confused, or might think that Hormel endorses Spam Arrest's products. Hormel did not prevail. Attorney Derek Newman responded on behalf of Spam Arrest: "Spam has become ubiquitous throughout the world to describe unsolicited commercial e-mail. No company can claim trademark rights on a generic term." While Hormel stated on its website: "Ultimately, we are trying to avoid the day when the consuming public asks, 'Why would Hormel Foods name its product after junk email?'"
More recently two failed attempts to revoke the mark "spambuster".[14]
The California legislature found that spam cost United States organizations alone more than $10 billion in 2004, including lost productivity and the additional equipment, software, and manpower needed to combat the problem.
Spam's direct effects include the consumption of computer and network resources, and the cost in human time and attention of dismissing unwanted messages. In addition, spam has costs stemming from the kinds of spam messages sent, from the ways spammers send them, and from the arms race between spammers and those who try to stop or control spam. In addition, there are the opportunity cost of those who forgo the use of spam-afflicted systems. There are the direct costs, as well as the indirect costs borne by the victims - both those related to the spamming itself, and to other crimes that usually accompany it, such as financial theft, identity theft, data and intellectual property theft, virus and other malware infection, child pornography, fraud, and deceptive marketing.
The methods of spammers are likewise costly. Because spamming contravenes the vast majority of ISPs' acceptable-use policies, most spammers have for many years gone to some trouble to conceal the origins of their spam. E-mail, Usenet, and instant-message spam are often sent through insecure proxy servers belonging to unwilling third parties. Spammers frequently use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. In some cases, they have used falsified or stolen credit card numbers to pay for these accounts. This allows them to quickly move from one account to the next as each one is discovered and shut down by the host ISPs.
The costs of spam also include the collateral costs of the struggle between spammers and the administrators and users of the media threatened by spamming. [15]
Many users are bothered by spam because it impinges upon the amount of time they spend reading their e-mail. Many also find the content of spam frequently offensive, in that pornography is one of the most frequently advertised products. Spammers send their spam largely indiscriminately, so pornographic ads may show up in a work place e-mail inbox—or a child's, the latter of which is illegal in many jurisdictions. Recently, there has been a noticeable increase in spam advertising websites that contain child pornography.
Some spammers argue that most of these costs could potentially be alleviated by having spammers reimburse ISPs and individuals for their material. There are two problems with this logic: first, the rate of reimbursement they could credibly budget is not nearly high enough to pay the direct costs; and second, the human cost (lost mail, lost time, and lost opportunities) is basically unrecoverable.
E-mail spam exemplifies a tragedy of the commons: spammers use resources (both physical and human), without bearing the entire cost of those resources. In fact, spammers commonly do not bear the cost at all. This raises the costs for everyone. In some ways spam is even a potential threat to the entire e-mail system, as operated in the past.
Since e-mail is so cheap to send, a tiny number of spammers can saturate the Internet with junk mail. Although only a tiny percentage of their targets are motivated to purchase their products (or fall victim to their scams), the low cost may provide a sufficient conversion rate to keep the spamming alive. Furthermore, even though spam appears not to be economically viable as a way for a reputable company to do business, it suffices for professional spammers to convince a tiny proportion of gullible advertisers that it is viable for those spammers to stay in business. Finally, new spammers go into business every day, and the low costs allow a single spammer to do a lot of harm before finally realizing that the business is not profitable.
Some companies and groups "rank" spammers; spammers who make the news are sometimes referred to by these rankings.[16][17] The necessary secretiveness of the operations makes uncertainty about how they actually determine "how bad" a spammer is unavoidable. Also, spammers may target different networks to different extents, depending on how successful they are at attacking the target. Thus considerable resources are employed to actually measure the amount of spam generated by a single person or group. For example, victims that use common antispam hardware, software or services provide opportunities for such tracking. Nevertheless, such rankings should be taken with a grain of salt.

In all cases listed above, including both commercial and non-commercial, "spam happens" due to a positive Cost-benefit analysis result.
Cost is the combination of
Overhead: The costs and overhead of electronic spamming include bandwidth, developing or acquiring an email/wiki/blog spam tool, taking over or acquiring a host/zombie, etc.
Transaction cost: The incremental cost of contacting each additional recipient once a method of spamming is constructed, multiplied by the number of recipients. (see CAPTCHA as a method of increasing transaction costs)
Risks: Chance and severity of legal and/or public reactions, including damages and punitive damages
Damage: Impact on the community and/or communication channels being spammed (see Newsgroup spam)
Benefit is the total expected profit from spam, which may include any combination of the commercial and non-commercial reasons listed above. It is normally linear, based on the incremental benefit of reaching each additional spam recipient, combined with the conversion rate.
Spam is prevalent on the Internet because the transaction cost of electronic communications is radically less than any alternate form of communication, far outweighing the current potential losses, as seen by the amount of spam currently in existence. Spam continues to spread to new forms of electronic communication as the gain (number of potential recipients) increases to levels where the cost/benefit becomes positive. Spam has most recently evolved to include wikispam and blogspam as the levels of readership increase to levels where the overhead is no longer the dominating factor. According to the above analysis, spam levels will continue to increase until the cost/benefit analysis is balanced.

Spamming remains a hot discussion topic. In 2004, the seized Porsche of an indicted spammer was advertised on the internet; this revealed the extent of the financial rewards available to those who are willing to commit duplicitous acts online. However, some of the possible means used to stop spamming may lead to other side effects, such as increased government control over the Internet, loss of privacy, barriers to free expression, and even the commercialization of e-mail.
One of the chief values favored by many long-time Internet users and experts, as well as by many members of the public, is the free exchange of ideas. Many have valued the relative anarchy of the Internet, and bridle at the idea of restrictions placed upon it. A common refrain from spam-fighters is that spamming itself abridges the historical freedom of the Internet, by attempting to force users to carry the costs of material which they would not choose.
An ongoing concern expressed by parties such as the Electronic Frontier Foundation and the ACLU has to do with so-called "stealth blocking", a term for ISPs employing aggressive spam blocking without their users' knowledge. These groups' concern is that ISPs or technicians seeking to reduce spam-related costs may select tools which (either through error or design) also block non-spam e-mail from sites seen as "spam-friendly". SPEWS is a common target of these criticisms. Few object to the existence of these tools; it is their use in filtering the mail of users who are not informed of their use which draws fire.
Some see spam-blocking tools as a threat to free expression—and laws against spamming as an untoward precedent for regulation or taxation of e-mail and the Internet at large. Even though it is possible in some jurisdictions to treat some spam as unlawful merely by applying existing laws against trespass and conversion, some laws specifically targeting spam have been proposed. In 2004, United States passed the Can Spam Act of 2003 which provided ISPs with tools to combat spam. This act allowed Yahoo! to successfully sue Eric Head, reportedly one of the biggest spammers in the world, who settled the lawsuit for several thousand U.S. dollars in June 2004. But the law is criticized by many for not being effective enough. Indeed, the law was supported by some spammers and organizations which support spamming, and opposed by many in the antispam community. Examples of effective anti-abuse laws that respect free speech rights include those in the U.S. against unsolicited faxes and phone calls, and those in Australia and a few U.S. states against spam.
In November 2004, Lycos Europe released a screensaver called make LOVE not SPAM which made Distributed Denial of Service attacks on the spammers themselves. It met with a large amount of controversy and the initiative ended in December 2004

Attorney Laurence Canter was disbarred by the Supreme Court of Tennessee in 1997 for sending prodigious amounts of spam advertising his immigration law practice.
Robert Soloway lost a case in a federal court against the operator of a small Oklahoma-based Internet service provider who accused him of spamming. U.S. Judge Ralph G. Thompson granted a motion by plaintiff Robert Braver for a default judgment and permanent injunction against him. The judgment includes a statutory damages award of $10,075,000 under Oklahoma law. [18]
In the first successful case of its kind, Mr. Nigel Roberts from the Channel Islands won £270 against Media Logistics UK who sent junk e-mails to his personal account.

References:

^ Gates reveals his 'magic solution' to spam - CNET News, 2004-01-26
^ The (Evil) Genius of Comment Spammers - Wired Magazine, March 2004
^ See: Advance fee fraud
^ SA cops, Interpol probe murder - News24.com, 2004-12-31
^ Just An Online Minute... Hobbit Spam - MediaPost Publications, 2006-07-13
^ Spam Attack! - Joe's CyberPost
^ Blizzard Entertainment Presents Burgercraft - Blizzard.com, 2006-04-01
^ Reaction to the DEC Spam of 1978
^ http://www.templetons.com/brad/spamterm.html
^ The Origins of Spam in Star Trek chatrooms
^ Spamming? (rec.games.mud) - Google Groups USENET archive, 1990-09-26
^ Origin of the term "spam" to mean net abuse
^ SPAM and the Internet - Official SPAM Website
^ Hormel Foods Corpn v Antilles Landscape Investments NV (2005) EWHC 13 (Ch)
^ Thank the Spammers - William R. James 2003-03-10
^ Spamhaus' "TOP 10 spam service ISPs"
^ The 10 Worst ROKSO Spammers
^ Braver v. Newport Internet Marketing Corporation et al - U.S. District Court - Western District of Oklahoma (Oklahoma City), 2005-02-22
^ Businessman wins e-mail spam case - BBC News, 2005-12-27

Incidentally, one of my consulting specialities is messaging systems. If you are looking for a comprehensive solution to combatting SPAM, my first reccomendation is a service known as Postini. If your are lacking budget for such a service, there are additional options such as Cloudmark, which I have found to be very effective in the residential markets.

The Importance of Morale

2007-01-10T21:33:00.000-08:00

Human Beings are interesting creatures. Our thoughts trigger our emotions. Our emotions impact how we react to different stimuli. In a work environment with low morale, the negative energy spreads like wild fire and it ruins perfectly good people. Fortunately, there are things we can do to cure this epedemic of negativity. Tony Robbins speaks of Neuro Linguistic Programming and a number of other tactics you can use to help yourself. Long Before Robbins was on the scene, Og Mandino wrote of a God Memorandum that specified four laws of happiness:

1) Count your blessings
2) Proclaim your rarity
3) Go Another Mile
4) Use wisely your power of choice

More and more books on self help keep filling the book shelves, but is anybody reading them? If they are reading them, are the techniques being applied regularly, or is the world becoming a bitter place where you should just be happy if you have a job? I don't proclaim to have all the answers, but I do know one thing. In a society as technologically advanced as we are, there is something drastically wrong when prostitutes and criminals are earning more money than healers and teachers. I think this demonstrates a clear misalignment of society's priorities. This misalignment has a huge impact on morale. But, how do we fix it? How do we tell our children to stop playing the video games and eating at the golden arches? How do we push reading, and creativity, and exercise over getting to the next level in War Craft? Historically, the greatest civilizations decayed from within. If we do not remember our history, we will be condemned to repeat it.

So, how do we boost morale? Focus on taking care of yourself and those around you. Exercise, eat right, work hard, and play hard. Find balance and enjoy yourself while you do it. There is no reason why you can not have fun while working.

At Charthouse.com, you can get involved in a movement known as FISH. The power behind FISH! Culture is when people start using words and phrases like Be There, Play, Make Their Day, and Choose Your Attitude in their conversations, they begin to see the possibility of living a more creative, expressive, and rewarding work experience, and when applied with the units, they begin to see and act on new opportunities in their relationships with colleagues, customers, and every person they encounter as they go about their work.

The "Acres of Diamonds" Consulting Methodology

2007-01-10T21:09:00.000-08:00

When I was in High School, a rap group called Public Enemy had a song entitled, "Don't Believe The Hype." Walt Whitman once wrote: " You road I enter upon and look around! I believe you are not all that is here; I believe that much unseen is also here." Russell Conwell used to deliver a sermon about "Acres of Diamonds"

As Conwell told it, he was riding in 1870 in a camel caravan along the valley between the Tigris and Euphrates Rivers in Mesopotamia when he heard a guide weave tales to entertain his American tourists.

Conwell, then only 27, was deeply impressed by a legend about a prosperous Persian farmer, Ali Hafed. Lured by the stories of a Buddhist priest, Ali deserted his fruitful lands to search for immense wealth in mythical diamond fields.

Far and wide Ali Hafed roamed, footsore and weary. Youth and wealth disappeared, and he died far from home, an old and disillusioned pauper. Not long afterward, the guide related, acres of fabulous diamonds were found on Ali Hafed's own land.

To the other tourists, this was just another alluring story, but in Conwell's mind a great truth had been sown. To him it said: "Your diamonds are not in far-away mountains or in distant seas; they are in your own back yard if you will but dig for them."

They are also available within the people and resources who make up your business.

My Acres of Diamonds consulting methodology focuses on mining and leveraging information from the individuals working within an organization. When I first utilized this methodology, I was working for an Information Technology firm in Manhattan. The firm's client was a hedge fund that had some very significant technology challenges with respect to people, process and technology. Through asking the right questions to every stake holder, I managed to compile answers to these challenges. These answers were then shared with the proper project champions and we collectively facilliated an action plan. The plan was a huge success and my methodology became a model for future engagements.

Working Hard vs Working Smart

2007-01-10T20:58:00.000-08:00

Many of us who played sports often heard the phrase, "There is no I in team." Teamwork is a wonderful thing when utilized properly. Recently, while I was on a consulting project, I noticed that my client had a person on staff who thought working long hours and doing all the work himself should automatically make him eligible for large bonuses and raises. What this person failed to realize is that management also looks at how people work as a team. Sharing information, and cross training your colleagues should not be taboo in a professional technology environment. If we have learned anything at all, we should understand that a single point of failure can also occur from a knowledge management standpoint. It is dangerous for a company to have only one person on staff who completely understands and hordes vital information on pertaining to critical business systems. In my experience, documenting processes and procedures according to the Scientific Method is the best way to communicate effectively. If we think back to our days in a science lab, we will remember that the scientific method is used to others can repeat the exact same procedure so they can confirm the results. Yet, all too often, the documentation I see in professional environments is lacking the necessary details to actually accomplish the task. When putting together a technical procedure document, always assume that your reader is not technical. Try to write it so the janitor could pick it up and accomplish the task. Rather than worrying about writing yourself out of a job, focus on new technology and additional value you can add by continuing to produce valuable material. The law of attraction demonstrates that you get what you focus upon. If you are not familiar with this law, you should watch the movie entitled, "The Secret". It is available at www.thesecret.tv

Anticipating client needs

2007-01-10T20:50:00.000-08:00

Knowing how to fix and configure various types of technical devices and programs does not make someone a good technician. There is a bedside manner component to providing support that some people just do not understand. Aside from fixing what is broken, each time a technician works with a client, they have the ability to really make the client's experience memorable by adding value. Value can be added by anticipating needs, asking the client the right questions, and actively listening, empathizing, and communicating your understanding of the problem. In my experience, many support personnel are great at fixing problems, but communicating effectively often shoots them in the foot. Years ago, when I was studying Political Communications, I was told that people do not care how much you know until they know how much you care. Although this piece of advice was meant for a political campaign, I think it is appropos to most business situations. Take the time to understand your client's business. Anticipate what they might need and ask them. Technology and business only work effectively when they are partnered. It is impossible to partner effectively without having the proper communication lines open.

My Cingular Experience

2006-08-28T18:15:00.000-07:00

As someone who has been running his own business and supporting enterprise environments with thousands of users for well over 12 years, I consider myself to be somewhat of an expert on the topic of customer service. As such, historically when I would run into a bad customer service experience, I would walk away from the scenario shaking my head in disgust or go hit the gym or my heavy bag. Fortunately, now we have blogging, so we can collectively share our bad experiences. I have been a Cingular customer for several years now. When supporting Cingular enabled Blackberry devices at a major investment bank, the experience of calling Cingular for support was dreaded. This feeling of dread stemmed from excessive hold times as well as support staff who were often not empowered to solve the problem. Although Cingular does have certain aspects of support down pat, such as empathizing with the user, they are severely lacking in terms of empowerment and anticipating needs. A perfect example is my recent exchange in a Cingular store. The Cingular 8125 is the phone I presently use. It comes with stylus pens. Anyone who has worked with this soft of device knows how easy it is to have these pens disappear. In New York, there are Cingular stores all over the place. I walked into three different stores in search of replacement pens for my 8125, which is Cingular branded. None of the stores carried what I needed. More importantly, rather than offerring to order the pen for me, they told me to check online. My thought has been that the entire purpose of brick and mortar Cingular stores is convenience. They certainly spend enough money on them to promote their products. Perhaps I did not want to wait for the stylus pen. Perhaps it was needed so I could perform an important task on my smart phone. Nevertheless, each problem I have ever had with a Cingular phone has always been directed away from the store. My thought is that the store based Cingular employee should take ownership of the problem coming in their door. Rather than telling the customer to contact someone online, they should own that process, or at least give the customer the option of allowing them to own the process. When I walk into a Cingular store with a problem, I expect them to solve it. I know I can go online, or call their customer service number, however; the time on hold combined with lack of empowerment and passing the buck makes the experience of calling for support painful because it wastes valuable time. For business professionals, time is a precious commodity. Having time wasted by unempowered customer service personnel is part of a bigger problem. A problem that can be properly fixed with the right methodology. The Acres of Diamonds method is waiting for Cingular when they are ready.