Article

HP Blogs – 6 steps for SMBs to become IPv6-ready – The HP Blog Hub

My Comments

There is all the talk of us running out of IPv4 public IP addresses for the Internet, and an increased awareness of IPv6 Internet technology. One major driver for the IPv6 technology is the rolling out of next-generation broadband services; where this feature will be seen as being part of the “next generation” mould.

In the near time, the typical IPv6 network will operate as a “dual-stack” setup where there is an IPv6 network and an IPv4 network operating over the same network space. A device such as an IPv6-ready router will typically bridge the gap between the dual-stack devices and the IPv4-only devices by assisting in the discovery of the devices and transferring data between the two different network stacks.

Outside IT contractors

If you do regularly engage outside contractors for your IT needs such as your POS / property-management technology, it would pay to ask whether the technical staff know about IPv6 and how to deploy it. Most of these contractors may think that small business doesn’t need IPv6 but as the Internet moves to this technology, it pays to be future-proof.

ISPs and Webhosts

It is worth making sure that your business’s ISP and Internet hosted services such as your Webhost are ready for IPv6 or have intentions to roll out a customer-facing IPv6 service.

Most ISPs and Webhosts are likely to have the backend of their services working on IPv6 technology but their customer-facing services like the Web services or Internet service may not be ready. This may be due to the presumption that most customer setups will fail when confronted with IPv6. The exception may be the ISPs that serve a “switched-on” audience that knows their way around the Internet technology; or ISPs and Webhosts that offer customer-facing IPv6 service as a limited-user beta test and they may offer a “dual-stack” setup.

It also pays to check that your domain host supports domain records that are compatible with IPv6 setups. This includes having AAAAA-form DNS records that can resolve your domain name to IPv6 addresses.

Hardware

Computers that run Windows Vista or 7, MacOS X Lion or recent Linux distributions will be ready for IPv6; with Windows XP having support through a downloadable module from Microsoft’s Web site. Relatively-recent computer equipment can be upgraded from prior operating systems to the newer IPv6-compliant operating systems. For the mobile platforms, the IOS (iPhone / iPad / iPod Touch), Android, Symbian and Windows Phone 7 platforms do support IPv6. They will typically operate on a “dual-stack” arrangement by being able to service an IPv4 network and an IPv6 network at the same time through the same network interface,

Similarly, most network printers pitched at the business end of the market that were released over the last few years would have support for IPv6 in a dual-stack setup.

As for routers, managed switches, access points and other network hardware, I would suggest that you check for firmware that supports IPv6 for your existing equipment. Keep an eye on the manufacturer’s Website for newer firmware updates that support IPv6.  If you are purchasing or specifying newer network equipment, make sure that it does support IPv6 or has future support for this in a planned firmware update. Most unmanaged switches, HomePlug-Ethernet bridges and devices that don’t use a Web or SMNP user interface would not need to be compliant with IPv6. This is because these devices work at levels below the IP stacks.

In the case of routers, the device should work as a “dual-stack” unit with support for routing between the two different IP network types. It should also be able to cope with working with a dual-stack Internet service especially as the business Internet services that provide IPv6 will do so in a dual-stack manner.

When I review any network hardware including printers, I will identify those pieces of equipment that are IPv6-ready so as to help you know whether the equipment will be future-proof.

Software

As for software on these computers, any desktop firewall software or other network-utility software that you run would need to support IPv6 operation. This is something that recent versions of this software would cater for, but you should make sure of this when you specify new software. It also holds true for any other network-management programs that need to work on an IP level.

The application software that serves office functionality or line-of-business needs wouldn’t be of concern in relation to IPv6 because the operating system would be handling the network-resource requests for these programs.

Conclusion

The key issue with assuring IPv6 compatibility for your small business network is to make sure that your computer equipment works on dual-stack IPv4/IPv6 software and / or there is a router that works as n IPv4/IPv6 bridge on both sides of the network-Internet “edge”. As well, the IT contractors and services that you engage would need to be knowledgeable about IPv6 and the impending rollout for your business.

Article

Apple releases Lion Recovery Disk Assistant, asserts its dominance over Snow Leopard | Engadget

Resource Links – Apple Support

Apple Lion Recovery Disk Assistant

Further Details

My Comments

Now that Apple are distributing the “Lion” version of the MacOS X operating system in an online manner, you may think of how you may be able to do a bare-metal recovery of your Macintosh computer. This is where the computer has a hard disk on board but it doesn’t have the operating system to work from. This is because there is no physical disk that came with the upgrade which you can install from when you need to reinstall the operating system.

Now Apple have provided a recovery disk program that allows you to create the recovery image on to an external disk like a USB memory key or a USB external hard disk. It avoids the need to reuse Snow Leopard (which may be on an install DVD) in order to download Lion again as part of the recovery process.

Normally, an upgrade to MacOS X Lion would create a recovery partition on the Mac’s system disk. This wouldn’t be good enough if that hard disk crashed. When you run this utility, you create a copy of the same recovery partition on an external disk which you can then boot from during a bare-metal install or system rebuild.

Like the internal copy, this would allow you to do a “ground-zero” OS install, reinstall from a Time Machine backup, use MacOS Disk Utility to check and repair the hard disk as well as use Safari to visit Web-based resources.

When you prepare the Recovery Disk, you would have to create a separate partition (logical disk) on the same USB physical disk which should be greater than 1Gb. As well, the Mac should have a Recovery HD partition created on it during the Lion OS install or upgrade. This is because the Recovery Disk Assistant formats the drive to create the partition. As well, the partition will be hidden from view when you use the file-system utilities like Finder or Disk Utility.

It will come in to play when you have the external disk connected to the Mac and you reboot it while holding down the Option key. Here, the new Recovery partition will be listed as an option in the Mac’s “Startup Manager” boot menu.

 Articles

Scareware Indictments Put Cybercriminals on Notice – Microsoft On The Issues

Swede charged in US over ‘scareware’ scheme | The Local (Sweden’s News in English) – Sweden

US-Behörden klagen Scareware-Betrüger an | Der Standard (Austria – German language)

From the horse’s mouth

FBI Press release

My comments

What is scareware

Scareware is a form of malware that presents itself as desktop security software. Typically this software uses a lot of emphasis on “flashing-up” of user-interface dialogs that mimic known desktop security programs, whether as add-on programs or functions that are integral to the operating system. They also put up dialogs requiring you to “register” or “activate” the software in a similar manner to most respected programs. This usually leads you to Web sites that require you to enter your credit-card number to pay for the program.

In reality, they are simply another form of Trojan Horse that is in a similar manner to the easy-to-write “fake login screen” Trojans that computer hackers have created in order to capture an administrator’s high-privilege login credentials. Some of the scareware is even written to take over the computer user’s interactive session, usually with processes that start when the computer starts, so as to “ring-fence” the user from vital system-control utilities like Task Manager, Control Panel or command-line options. In some cases, they also stop any executable files from running unless it is one of a narrow list of approved executable files. They are also known to nobble regular desktop anti-malware programs so that they don’t interfere with their nefarious activities. This behaviour outlined here is from observations that I had made over the last few weeks when I was trying to get a teenager’s computer that was infested with “scareware” back to normal operation.

Who ends up with this scareware on their computer

Typically the kind of user who will end up with such software on their computer would be consumers and small-business operators who are computer-naive or computer-illiterate and are most likely to respond to banner ads hawking “free anti-virus software”. They may not know which free consumer-grade anti-virus programs exist for their computing environment. In a similar context, they may have found their computer is operating below par and they have often heard advice that their computer is infested with viruses.

What you should do to avoid scareware and how should you handle an infestation

The proper steps to take to avoid your computer being infested with scareware is to make sure you are using reputable desktop security software on your computer. If you are strapped for cash, you should consider using AVG, Avast, Avira or Microsoft Security Essentials which have the links in the links column on the right of your screen when reading this article on the site.

If you have a computer that is already infected with this menace, it is a good idea to use another computer, whether on your home network or at your workplace, to download a “process-kill” utility like rkill.com to a USB memory key or CD-R and run this on the infected computer immediately after you log in. It may alos be worth visiting the “Bleeping Computer” resource site for further information regarding removing that particular scareware threat that is affecting your computer. This is because I have had very good experience with this site as a resource when I handled a computer that was infested with scareware.

If you are at a large workplace with a system administrator, ask them to prepare a “rescue CD” with the utilities from the “bleeping-computer” Web site or provide a link or “safe-site” option on your work-home laptop to this site so you can use this computer as a “reference” unit for finding out how to remove scareware from a computer on your home network.

How the criminal law fits in to this equation

The criminal law is now being used to target the “scareware” epidemic through the use of charges centred around fraud or deception. Like other criminal cases involving the online world, the situation will touch on legal situations where the offenders are resident in one or more differing countries and the victims are in the same or different other countries at the time of the offence.

This case could raise questions concerning different standards of proof concerning trans-national criminal offences as well as the point of trial for any such offences. 

Conclusion

Once you know what the “scareware” menace is, you are able to know that criminal-law measures are being used to tackle it and that you can recognise these threats and handle an infestation.

Disclaimer regarding ongoing criminal cases

This article pertains to an ongoing criminal-law action that is likely to go to trial. Nothing in this article is written to infer guilt on the accused parties who are innocent until proven guilty beyond reasonable doubt in a court of law. All comments are based either on previously-published material or my personal observations relevant to the facts commonly known.

 EU resolves Microsoft IE antitrust case | Microsoft – CNET News

From the horse’s mouth

European Union

Microsoft’s press release

My comments on this issue

Previously, there was talk of Microsoft having to supply European customers with “browser-delete” options for copies of Windows 7 operating system where they would have to explicitly download their browser of choice and wouldn’t be able to “get going” with Internet Explorer. Now, there is the requirement to provide a “browser-select” screen when you can install any of 12 alternative browsers and nominate one of the other browsers as the default browser. This will have the browsers organised in a random order so as not to favour Internet Explorer or a “browser-skin” with hooks to the Internet Explorer code.

One main improvement that I had liked about this is that you can deploy more than one browser from the “browser-select” screen, which will please Web-site developers who want to test their site in other browser environments. Similarly this will please users who are testing browsers for a proposed usage environment or replicating problems encountered with a particular browser.

It will be feasible for a computer supplier to “run with” a different default browser yet consumers can choose whichever browser suits them better. This would be more so with operations like Dell or the small independently-run High Street computer shops who build computers “to order” for individuals, rather than suppliers like HP/Compaq or Toshiba who build systems to particular packages to be sold through electronics chain stores.

The only issue is whether an individual or organisation can determine a particular browser as part of a Windows-based “standard operating environment” when they specify their computer equipment and not have to pass through the “browser-select” screen. Also, what will be the expectation for any proposed computer fleets and “standard operating environments”? Will the company who buys the computer equipment be able to determine which is the default browser for their environment or will they be required to allow individual staff members / end-users to choose which browser they are to work with? The reason I am raising this issue is because in some countries within the EEA like France, there is an organised-labour culture where the trade unions can exercise a lot of influence over what goes on in a workplace.

Another issue that may need to be raised is whether the European-specific “browser-choice” arrangements will be available outside of the European Economic Area. This may be of concern to independent system builders who may want to assure customers of browser choice as a differentiating factor or local, state or federal government departments who may want to be assured of this for computers supplied as part of their IT programs operating in their area or as part of a legislative requirement for their area. It may also be of benefit to PC users who want to load their computers with many browsers so as to, for example, test a Web site under many operating environments.

At the moment, there are an increasing number of PDAs, smartphones and mobile Internet devices that can be given extra functionality by the user after they buy the device. This is typically achieved through the user loading on to their device applications that are developed by a large community of programmers. This practice will end up being extended to other consumer-electronics devices like printers, TVs, set-top boxes, and electronic picture frames as manufacturers use standard embedded-device platforms like Android, Symbian or Windows CE and common “embedded-application” processors for these devices. It will be extended further to “durable” products like cars, business appliances and building control and security equipment as these devices end up on these common platforms and manufacturers see this as a way of adding value “in the field” for this class of device.

From this, I have been observing the smartphone marketplace and am noticing a disturbing trend where platform vendors are setting up their own application-distribution platforms that usually manifest as “app stores” that run on either the PC-device synchronisation program or on the device’s own user-interface screen. These platforms typically require the software to be pre-approved by the platform vendor before it is made available and, in some cases like the Apple iPhone, you cannot obtain the software from any other source like the developer’s Web site, competing app store or physical medium. You may not even be able to search for applications using a Web page on your regular computer, rather you have to use a special application like iTunes or use the phone’s user-interface.

People who used phones based on the Windows Mobile or Symbian S60 / UIQ platform were able to install applications from either the developer’s Website or a third-party app store like Handango. They may have received the applications on a CD-ROM or similar media as the mobile extension for the software they are buying or as simply a mobile-software collection disc. Then they could download the installation package from these sites and upload it to their phone using the platform’s synchronisation application. In some cases, they could obtain the application through the carrier’s mobile portal and, perhaps, have the cost of the application (if applicable) charged against their mobile phone account. They can even visit the application Website from the phone’s user interface and download the application over the 3G or WiFi connection, installing it straight away on the phone.

The main issue that I have with application-distribution platforms controlled by the device platform vendor is that if you don’t have a competing software outlet, including the developer’s Web site, a hostile monopolistic situation can exist. As I have observed with the iPhone, there are situations where the platform vendor can arbitrarily deny approval for software applications or can make harsh conditions for the development and sale of these applications. In some cases, this could lead to limitations concerning application types like VoIP applications being denied access to the platform because they threaten the carrier partner’s revenue stream for example. In other cases, the developer may effectively receive “pennies” for the application rather than “pounds”.

What needs to happen with application-distribution platforms for smartphones and similar devices is to provide a competitive environment. This should be in the form of developers being able to host and sell their software from their Website rather than provide a link to the platform app store. As well, the platform should allow one or more competing app stores to exist on the scene. It also includes the carriers or service providers being able to run their own app stores, using their ability to extend their business relationships with their customers like charging for software against their customers’ operating accounts. For “on-phone” access, it can be facilitated in the form of uploadable “manifest files” that point to the app store’s catalogue Website.

As well, the only tests that an application should have to face are for device security, operational stability and user-privacy protection. The same tests should also include acceptance of industry-standard interfaces, file types and protocols rather than vendor-proprietary standards. If an application is about mature-age content, the purchasing regime should include industry-accepted age tests like purchase through credit card only for example.

Once this is achieved for application-distribution platforms, then you can achieve a “win-win” situation for extending smartphones, MIDs and similar devices

There is a very common mistake that I have seen being made concerning the implementation of popup-blocking software. It typically involves one running a third-party popup blocker like one that is part of an add-on toolbar like Google Toolbar in one of the recent crop of browsers like Microsoft Internet Explorer 7 that has integrated popup-control functionality.

The problem can lead to popups that are to be part of your Web experience, such as a transaction wizard, being blocked or, at worst, the browser program hanging or crashing frequently. This is due to competition between the different programs to manage the same site or pop-up screen.

To avoid this, make sure that you are running one popup blocker program only, whether the third-party program or the one that is integrated in your browser. Personally, I would prefer to use the one that is integrated in the browser because of it being tightly linked with the browser’s code, thus avoiding use of unnecessary system resources.

http://www.theregister.co.uk/2008/12/01/vista_sp2_april_rtm/

My comments

At least there is some accurate information regarding the arrival of Vista Service Pack 2 and what it will contain. This service pack could draw more people towards Windows Vista and offer something that can avoid the idea of going “back to XP”.

At least there are a few options that may benefit the laptop user and the modern WiFi-driven home computing environment. One would be to work hand in glove with WPS configuration as more routers come with “over-the-air” WPS configuration. As well, the Bluetooth Feature Pack which will offer what is expected of a Bluetooth setup will be available for people who buy Bluetooth functionality independent of the operationg system. This would encompass system builders; and those of us who provide Bluetooth functionality via an aftermarket device such as a USB dongle or move to Vista by buying it through the retail channel. The other desireable feature would be for the operating system to “natively” burn data to Blu-Ray discs; which would definitely come in handy with backing up hard disks or archiving old data.

In my honest opinion, this service pack can “tide us over” until Windows 7 comes on the scene as the next operating system.

Come on “I’m A PC”!