My Paranoiaz, watch them grow

Researchers Take Over Dangerous Botnet
Dark Reading (05/04/09) Higgins, Kelly Jackson

University of California-Santa Barbara (UCSB) researchers temporarily commandeered an infamous botnet known for stealing financial data and found that the threat it represents is even greater than had been originally assumed.

The Torpig/Sinowal/Anserin mini-botnet targets organizations and users to steal bank account information or other sensitive personal data. It is considered more dangerous than big-name botnets because of its small scale and stealthiness. Torpig uses drive-by download attacks as its initial mode of infection, and upon infection the botnet can unleash crafty phishing attacks that produce bogus but authentic-looking Web pages and forms that trick users into exposing their credentials.

The UCSB researchers accumulated approximately 70 GB of data for the 10 days they were in control of Torpig, and in that period the botnet stole banking credentials of 8,310 accounts from more than 400 financial institutions, including PayPal, Capital One, E-Trade, and Chase. Nearly half of the 1,660 stolen debit and credit card accounts the researchers counted belonged to victims in the United States.

“The level of sophistication, the amount of data that it is able to steal, and the fact that it has been active for more than three years is truly remarkable,” says UCSB researcher Brett Stone-Gross. The researchers’ disclosures provoked debate on whether the information they exposed about Torpig, its workings, and its victims could compromise efforts to eventually undo the botnet. “This [research] does create a road map … for the [botnet] criminals to fix, and not just for others to exploit,” says RSA’s Sean Brady.

Various vexations in Virginia

I have my hotel room window Wide Open – haven’t been in a hotel room with a suicide window in a long time.  I’ve kept it open most of the time I’m here.  This morning I’ve been hearing loud calls from big Canadian geese circling the buildings.  They act like they lost something, keep coming back looking for it.  Their calls draw me to the window every time.  I hang out the window and call back to them, just in case it’s me they’re looking for.  I should put some clothes on.

I’m packing up; we’re leaving at 11 but I thought I’d get some hotel bashing in first.  The room, particularly the bathroom, smells like a #hobovagina (and did before I went in there!) and the carpet reeeeeallly needs to be cleaned.  My shower curtain rod was only connected on one end so I could theoretically have aimed the water toward the sink and still been covered.  Free coffee downstairs all the time and it’s drinkable.  Cookies sometimes, too, which I have been working (mostly successfully) to avoid. Staff has all been trained to say “Hi!” in a sprightly manner when you’re concentrating on something else (like all the coffee you’re hijacking to your room) and each time it makes me jump.  Good job!  

They have in-room exercise kits, that was cool! Mostly cool because their little gym is 80 degrees and moist from the pool.  No fans.  Makes working out in there more or less impossible if you need any degree of comfort while you do it.  The in-room kit has an 8 lb ball with handles, a yoga block and mat, and some handweights.  Should have a jump rope, too, but maybe that would be too noisy.  Anyway, I can do a little muscle work in-room and a little yoga and my various stretching things so it’s not all bad.  Downstairs they have a nice little pool replete with jr lifeguard.  I went down there and did some water aerobics, that was fun except for the chlorine OD.  It’s always something.

I have many bad things to say about the training we received here, but I’ll save that for another post.  I’ve got to get packing. Literally.

Security: They’re doing it wrong

P2P Networks Rife With Sensitive Health Care Data, Researcher Warns

Computerworld (01/30/09) Vijayan, Jaikumar 

Sensitive medical data is easily available through peer-to-peer (P2P) file-sharing networks, reveals a study by researchers at Dartmouth College. During the study, the researchers used search terms related to the top 10 publicly traded U.S. healthcare organizations to see if they could find medical data on P2P networks such as Gnutella, FastTrack, Aries, and e-Donkey.

Dartmouth professor Eric Johnson says the searches yielded a plethora of information from healthcare companies, suppliers, and patients. For example, Johnson says he was able to find a 1,718-page document containing Social Security numbers, dates of birth, insurance information, treatment codes, and other sensitive data belonging to roughly 9,000 patients at a medical testing laboratory.

Johnson and the other researchers were able to obtain the information because employees at healthcare providers installed P2P networks on their computers, which allow users to download and share music and videos from shared folders but also can allow users to obtain other types of files if care is not taken to control which folders users have access to.

Johnson says the study underscores the need for hospitals and other healthcare providers to be aware of the dangers of inadvertent data leakage as well as the need to put improved controls in place to monitor, detect, and stop them.

Best post about Twitter, ever [LOOOONG]

This is from the Zappos CEO blog – I’ve been following this dude for a couple of months now.

I was in Washington, DC last week and spent several days participating in inauguration-related events with various people including Evan Williams, the CEO of Twitter. So I thought this would be an opportune time to write about a topic that I’ve been thinking a lot about over the past few months: how Twitter has contributed to my own personal growth and made me a better person, and how you can take the same principles and apply them to yourself if you’d like.

I’ve talked a lot in the past about how we’ve used Twitter at Zappos for building more personal connections with both our employees and our customers. In fact, we recently debuted on FORTUNE MAGAZINE’s annual “100 BEST COMPANIES TO WORK FOR” list, and they began and ended the article talking about our use of Twitter to build more personal connections with people. That in itself is its own reward that has both personal and business benefits, but for this blog post, I wanted to share my stories and thoughts on how Twitter has helped me grow personally.

For me, it comes down to these 4 things:

  1. Transparency & Values: Twitter constantly reminds me of who I want to be, and what I want Zappos to stand for
  2. Reframing Reality: Twitter encourages me to search for ways to view reality in a funnier and/or more positive way
  3. Helping Others: Twitter makes me think about how to make a positive impact on other people’s lives
  4. Gratitude: Twitter helps me notice and appreciate the little things in life

The great thing about all 4 of these things is that not only have they helped me grow as a person, but they’ve also led to me being generally happier in life. And the benefits aren’t just personal — they also spill over into what we want the Zappos brand and business to be about: Zappos is about delivering happiness, whether for customers (through customer service) or for employees (through company culture). It’s been interesting thinking about how all of my personal learnings about happiness can be applied to delivering happiness in the business world as well.


#1 – TRANSPARENCY & VALUES
What would you do differently if you were always on camera? I’m not talking about being on a reality TV show, but what if there were a permanent public record of everything you do or say from now on that anyone in the world could view at anytime? How would you act differently in certain situations? Would you be friendlier to people? Would you be less negative and less judgmental?

If you were always on camera, then everything you did would go towards shaping your personal brand, whether positive or negative. What are your personal values, and what values do you aspire to?

At Zappos, we have 10 core values that act as a formalized definition of our company culture. Our core values weren’t formed by a few people from senior management that sat around in a room at a company offsite. Instead, we invited every employee at Zappos to participate in the process, and here’s the final list we collectively came up with:

1) Deliver WOW Through Service
2) Embrace and Drive Change
3) Create Fun and A Little Weirdness
4) Be Adventurous, Creative, and Open-Minded
5) Pursue Growth and Learning
6) Build Open and Honest Relationships With Communication
7) Build a Positive Team and Family Spirit
8) Do More With Less
9) Be Passionate and Determined
10) Be Humble

The cool thing about the Zappos core values is that I’ve used them as my own personal values as well. So it makes tweeting really easy for me… Whether I tweet about something personal or something related to Zappos, if I’m living my life through these 10 core values, it all goes towards building the Zappos brand while shaping me personally as well.

A lot of marketers are initially mystified by how Twitter, in which you’re limited to 140 characters or less per tweet, can actually help a company build a brand when you’re so restricted in the length of your tweet. Here’s the analogy I like to use:

Think of each tweet as a dot on a piece of paper. Any single tweet, just like any single dot, by itself can be insignificant and meaningless. But, if over time, you end up with a lot of tweets, it’s like having a lot of dots drawn on a piece of paper. Eventually there are enough dots for your followers to connect them together. And if you connect the dots, in the aggregate it paints a picture of you and/or your company, and it’s that total picture that is your brand.

I have to admit, like probably most other people, when I first joined Twitter I felt a bit uncomfortable publicly announcing what I was doing and what I was thinking. But because radical transparence was part of the culture of tweeting, I decided to give it a try and be as transparent as possible, both for myself personally and for Zappos. It was also consistent with Zappos Core Value #6: “Build Open and Honest Relationships With Communication”.

What I found was that people really appreciated the openness and honesty, and that led people to feel more of a personal connection with Zappos and me compared to other corporations and business people that were on Twitter.

By embracing transparency and tweeting regularly, Twitter became my equivalent of being always on camera. Because I knew that I was going to be tweeting regularly about whatever I was doing or thinking, I was more conscious of and made more of an effort to live up to our 10 core values.

A lot of people use Twitter to complain or vent, but I generally try to avoid doing so because it’s not in line with our core values. What I’ve noticed is that it’s also caused me to complain a lot less in real life, and because of that, I’ve found that my own personal happiness level has gone up.


#2 – REFRAMING REALITY

That’s not to say that I don’t get into situations that I’m not initially happy about. But now anytime something that used to get me upset or frustrated happens, I try to find the humor in the situation and think about how the situation can be reframed. I’ve found that almost every “bad” situation is actually an opportunity that can be entertaining to my followers on Twitter, which also forces myself to see things in a different light.

For example, last year I was staying at a hotel in Mexico and somehow managed to lock myself out on the balcony of my hotel room. I was stuck there for 45 minutes before I was finally rescued. This would haven normally been a very frustrating experience, but because I had my cell phone with me, I was able to tweet about it and it actually ended up being a very enjoyable 45 minutes as I tweeted about the progress of my situation and read all of my followers’ responses to it:

Went 2 my room after my speech, came out 2 balcony. Balcony door somehow locked behind me so now I am trapped outside. @ zappos_fred 2 rescue [http://twitter.com/zappos/status/812279213]

Hotel front desk is telling @zappos_fred it’s not possible for me to be locked out on balcony. I assure you it is, I am not pretending. [http://twitter.com/zappos/status/812287969]

Hotel security finally believed @zappos_fred, rescued me after 45 mins. Asked 4 ID so I could come in from balcony. No ID = stay on balcony [http://twitter.com/zappos/status/812292469]

in fact, I now almost looked forward to situations that would normally be frustrating, because I’ve learned that almost any situation can be reframed to be funny as a tweet, which then makes the situation in real life funny as well. For example:

Airport bathroom: guy tries washing hands – auto faucet motion sensor broken. He tries voice recognition instead by yelling “Wash!” at sink [http://twitter.com/zappos/statuses/806944443]

If it weren’t for Twitter, I would have instead probably been a bit annoyed waiting in line behind this man who was unfamiliar with motion-activated sink faucets. But instead, Twitter forced me to search for and find the humor in the situation by taking a step back and realizing that it actually was a pretty funny situation.


#3 – HELPING OTHERS

One of the great things about Twitter is the instant feedback loop. Within 5 minutes of sending out a tweet, you can find out whether people enjoyed or appreciated your tweet. When I first started using Twitter, I used to just tweet about what I was doing. Most of my tweets were very “me-focused”, because the guideline Twitter gives is to answer the question “What are you doing right now?”

Every once in awhile I might share an inspirational quote or funny story or link to an interesting article. What I found was that those types of tweets also garnered the most responses. So today, with most of my tweets I try to do at least one of the following:

  • Cause my followers to smile with something funny
  • Inspire my followers (for example, with an inspirational quote)
  • Enrich my followers’ perspectives (such as with a link to an interesting article)

In other words, I’ve become a lot less “me-focused” and instead do a lot more thinking and asking myself, “What can I tweet about that would brighten the day for my followers or enrich their lives somehow?”

And by regularly putting myself into the mindset of asking what I can do for others, it inevitably ends up spilling over to my regular life outside of Twitter. And somewhat ironically, becoming less “me-focused” has actually increased my overall level of happiness for myself personally.


#4 – GRATITUDE

In my research into the science of happiness, many studies have shown that gratitude activities (such as keeping a gratitude journal) helps people increase their overall happiness level in life. There are many ways to be thankful, and many things to be thankful for, but one technique is to make a more conscious effort to notice and appreciate the little things in life.

For me, because I try to tweet every day, I’ve found that I’m always looking for opportunities to have something to tweet about. So I end up noticing and appreciating things that I would normally not even give a second thought to. Here are examples of some tweets I’ve sent about things I’ve noticed that I would have normally ignored or forgotten about:

http://twitpic.com/rcli – Guy in New York with a cat on his head. Apparently this is normal. [http://twitter.com/zappos/status/1046534414]

http://twitpic.com/13fn1 – It’s so cold that the NY street food vendors’ tomatoes & lettuce are frozen [http://twitter.com/zappos/status/1124243255]

At Vegas airport. While in bathroom, I had an AMAZING revelation: Toilet seat covers are shaped exactly the same as life vests! [http://twitter.com/zappos/status/1109483429]

Enjoying just hanging out at home for my birthday. Looking at the full moon which is closest to earth today, happens once every 15 years. [http://twitter.com/zappos/status/1054918866]

So now, anytime I notice something that would normally be inconsequential, the very act of tweeting forces me to spend some time appreciating what would have otherwise been ignored or forgotten. And because of that, I’ve learned that every day, there are many, many opportunities to notice and appreciate the little things in life.


So for all of the reasons I’ve outlined above — Transparency & Values, Reframing Reality, Helping Others, and Gratitude — I’d like to say thank you to Twitter for helping me grow as a person.

Tony Hsieh – CEO, Zappos.com


SOME QUESTIONS FOR YOU

Some questions for you to consider thinking about: What are your personal values? What do you want your personal brand and values to be? How can you use Twitter as a tool to help you grow as a person and be happier? If you’ve ever vented on Twitter, do you think you would be happier if you thought of Twitter as a tool for you to reframe your perspective? I’d love to hear people’s thoughts and comments below!

Another week down the tubes

Friday night, 9:50, I’m still trying to wrap up a work project. However, I’m so disgusted with it (and the person I’m working with, damn her to hell) that I’m going to give up and tear her a new arsehole on Monday. Long distance, so I won’t choke her and go to jail.

Gawd, I only had one nerve left today and between her and my complete retard of a German shepherd, that nerve has been thoroughly stomped. I can’t really go into it without sounding like more of an asshole than I already am, but FUCK, I expect people to be able to do their jobs after 10 years.
Gah. And the dog didn’t actually do anything, he’s just annoying. And stupid. The other two are angels by comparison.

To illustrate — Goober ate a bee on Sunday. He eats flies regularly, and he decided to try a bee. It immediately stung him on the tongue. He shook his head a bunch, spat it out, stared at it for one second, and snapped it back up and ate it. I was hoping his tongue would swell up and choke him but no such luck. I suppose it’s the Claritan we give him every night for his allergies.

How can one dog be so smart and the other such a peabrain? It’s like two completely different species. Sissy knows the names of the different rooms in the house and will go to the right one if you tell her you’re going there next. Goober knows two words: outside, and cookie. And the shake of the Claritan bottle, because it means a cookie is coming next.

Keerist, I just slopped wine down my bra. Where’s Bob when I need him? Hmm. I just had a good idea for releasing my frustration.
More later.

Useful technology

Adapting Websites to Users
Technology Review (06/09/08) Naone, Erica

Researchers at the Massachusetts Institute of Technology’s Sloan School of Management are working to enable Web sites to automatically adapt to each visitor so the sites present information in a way that each user wants to see it. Although some Web sites already offer personalized features, they primarily use information taken from a user’s profile, stored cookies, or lengthy questionnaires. The Sloan system adapts to unknown users within the first few clicks on a Web site by analyzing each user’s choices.

Sloan professor John Hauser says a Web site running the system would detect a user’s cognitive style, watching for traits such as whether or not they are detail oriented, and would adjust accordingly. Every time the system learned something new about the user the Web site would make a subtle change until the Web site suddenly feels more natural, comfortable, and easy to navigate. Hauser says users should not even realize the Web site is being personalized.

A prototype developed for British Telecom’s Web site is designed so that the first few clicks visitors make are likely to reveal aspects of their cognitive style. For example, the first page users see asks them to choose to compare plans using a chart or to interact with a broadband advisor. Within about 10 clicks, the system understands the user’s cognitive style and morphs the Web site. In addition to guessing each user’s cognitive style, the system can track which versions of the Web site are most effective for each cognitive style.

Work thing

Two of my cohorts and I watched a webinar today. We projected it so we could all see.

It was a geek trying to introduce some new software for people who belong to his organization to use to update their information. My opinion: Geeks do better under the covers/hood, sales people do better giving the presentations. Now and again there are people who can do both, but they are few and far between.

Kyle is not one who can do both. I’m not knocking him, I’ve known him for years and he’s Smart. But … he’s a geek.

He was using GoToWebinar, which is a lovely inexpensive piece of software for doing online webinars. Generally, it’s set up so only the organizer and the panelists can speak in the conference call. The rest of the audience is always muted. This works better than you might think.

There’s a chat box that each participant can see on their screen, and Kyle can see them all. During the presentation we could type questions via the chat screen, and when he was done he would answer them.  I was elected the typist for our little group.

We alternately made fun of and felt sorry for Kyle during the presentation and then more so during the Q and A. A lot of the questions were from non-geeks and were programmatical in nature – not his thing and he kept apologizing for not knowing the answers. I threw in a few geeky questions he could answer and some he couldn’t.

We were still mostly engaged, and he kept trying to wrap it up after a half hour with, “Are there any more questions? Oh, looks like there’s one more,” and he’d try and answer it. After maybe 6 or 7 times doing this routine, he asked one more time in a plaintive voice, “Are there any more questions?”

The woman sitting beside me leaned over and made typing motions to me. She growled, “Yeah, what are you wearing?”

—————-

Hah hah. Long ways to go for that one line. Maybe you had to be there. 🙂