FBI accuses Twitter user of massacre threats
An Oklahoma City man who allegedly threatened on Twitter to turn a tax protest into a massacre has been arrested on suspicion of making interstate threats in what is believed to be the first federal prosecution based on posts made to the micro-blogging site.
The FBI arrested Daniel Knight Hayden, 52, after agents identified him as Twitter user CitizenQuasar. Using the micro-blogging site, Hayden allegedly threatened to start a “war” against the government at the Oklahoma City Capitol where a “Tea Party” tax protest was planned.
“START THE KILLING NOW! I am willing to be the FIRST DEATH!,” read a message posted at 8:01 p.m. on April 11, which was followed by, “After I am killed on the Capitol Steps, like a REAL man, the rest of you will REMEMBER ME!!!” Another post said: “I really don’ give a (expletive) anymore. Send the cops around. I will cut their heads off the heads and throw the(m) on the State Capitol steps.”
Hayden directed many of his tweets toward another Oklahoma City man he erroneously thought was an organizer of the protest. Wired tracked down Earl Shaffer, a 68-year-old retiree who Hayden allegedly tweeted about, including posts with his phone number.
“He seemed to know stuff about me, but I don’t know how or why,” Shaffer told Wired. “He called me a few days before that tea party and let me know somehow he got my name as one of the organizers. I don’t have the energy.”
Shaffer told ZDNet Asia’s sister site CNET News.com that he has never met Hayden and is unnerved by the situation.
“I have no idea who this guy is,” Shaffer said. “It is very much a concern that he mentions my being killed.”
One of the last messages posted to the site on April 15 says CitizenQuasar is “Locked AND loaded for the Oklahoma State Capitol. Let’s see what happens.”
Hayden was arraigned on April 16 and released to an Oklahoma City halfway house, according to various media reports.
The U.S. intelligence community has expressed concern that terrorists might use Twitter to coordinate attacks. A draft Army intelligence report prepared by the 304th Military Intelligence Battalion and posted to the Federation of American Scientists Web site examined the possible ways terrorists could use mobile and Web technologies such as the Global Positioning System, digital maps, and Twitter mashups to plan and execute terrorist attacks.
This article was first published as a blog post on CNET News.
Social Network maybe Compromised with Namechk.com around
A new Web 2.0 name “NameChk“ can be a tool for hackers. What this does is it search for every social network for the particular USERNAME that you’re looking for and in real life people do not create a unique password for every social network account.
Most would stick with one password for all Social Network accounts.
Here is a detailed video which i explain of what it does
Top 13 Twitter Don’ts
The number of new Twitter users has soared over the past few months, as the microblogging service has taken the media by storm. If you’re one of those new users, you may be baffled by Twitter’s peculiar culture, or nervous that you’ll commit some kind of microblogging faux pas.
Don’t worry, we’re here to help. While there aren’t specific rules for how to use Twitter, avoiding these 13 Don’ts will help you fit right in—and may even gain you some adoring new followers.1. Don’t live-tweet TV shows. @CorinneIOZO warns that lots of people use DVRs or watch shows on Hulu these days, so spoiling big moments (“OMG, the smoke monster was actually from outer space! No way!”) is a major no-no. As an alternative, tweet an inside joke that the show’s viewers will get, but that doesn’t give away any important details.
2. Don’t say anything that could get you fired or prevent you from getting a job. @JoelSD points out that if your tweets are public, they really are open to everyone, as has been demonstrated time and time again.
3. Don’t be boring. A simple rule that @kmonson follows is “Never tweet about food or the weather.” If your friends see one more “Good morning Twitterverse!” or “I had some awesome corn flakes for breakfast,” you’re getting un-followed.
4. Don’t forget the Twitter lingo: RT is retweet, and @name is how you respond or give props to someone. Feel free to be generous with both your RTs and your @s.
5. Don’t tweet more than ten times a day, or more than five times an hour, says @JasonCross00. It gets annoying and takes space and attention away from other Twitterers’ links and observations. If you have that much to say, maybe it belongs on a blog.
6. Don’t reply to every single tweet. As @seanludwig points out, it gets old fast.
7. Don’t tweet drunk, cautions @whitneyarner. Just like in real life, your followers might get a kick out of your drunk tweets, but you’ll probably regret them in the morning.
8. Don’t tell us about something cool or life-changing without a link or picture (use a service like TwitPic for your photos, and a URL shortener like TinyURL or is.gd for your links).
9. Don’t retweet something and leave off the original Twitter poster. Always give credit to those who wrote it first.
10. Don’t ignore people who send you a direct message or a reply, says @LanceUlanoff. Part of the Twitter experience involves conversing with your followers when possible.
11. Don’t #hashtag every topic. After a while, your topics will be ignored.
12. Don’t whine about people not following you, pleads @SaschaSegan. If you’re good at providing interesting stuff and you’re patient, you’ll get the followers you crave so badly.
13. Don’t tweet your bathroom habits. Seriously. Just don’t do it.
Many still vulnerable to Conficker
Sophos has sent an alert saying many users still have yet to patch their PCs against the exploit that makes them vulnerable to the Conficker worm.
Sophos’ senior technology consultant Graham Cluley, said in a blog post Thursday, the antivirus company found 11 percent of users who had taken an endpoint assessment test at its Web site did not have the Microsoft OS08-067 patch installed.
The patch, available since October last year, fixes a vulnerability which allows the Conficker worm to infect PCs.
The Conficker saga has been broiling for the last month or so, where it received a swarm of media attention leading up to Apr. 1–when it was expected to detonate. Its real effects were seen about a week later, when it started dropping a mystery payload on infected computers.
Microsoft has also put up a US$250,000 reward for information leading to the arrest and conviction of the criminals behind the worm.
Cluley said in his blog post the 11 percent of infected PCs is “pretty depressing news”, given the press coverage the worm has received.
“It appears that the percentage of computers not patched against the exploit is holding steady,” he added.
The goal of Conficker’s creators remains unclear. While researchers have said the worm’s payload dumping activity indicates a profit motive, such as stealing passwords or spam-generation, Conficker has yet to fully reveal its intended function.
There are a number of tests and checks online, including an eye chart from the endpoint assessment test for the Microsoft patch.
Sophos is offering a tool to remove the Conficker worm from infected PCs, as well.
Twitter spoofing: The next logical exploit
First it was spoofing e-mail, then IM, and now spoofing Twitter is the new means of exploit. How attractive really is the ROI for attackers?
I just completed an article titled “URL shortening: Yet another security risk“, in which I discussed URL shortening and how phishers/attackers subverted it to drive unsuspecting users to malicious Web sites.
After reading the many comments, I was happy to note that in general users are getting savvier about misdirection exploits.
This appears to apply to Twitter as well, even though messages or tweets, with shortened links make it more vulnerable.
Fortunately, Twitter has an additional advantage in that we the users get to pick who can send us tweets. This capability significantly reduces the risk simply because you know who’s sending you the message.
Well, maybe not
I’ve just finished reading an article by Washington Post’s Brian Krebs titled “Twitter security hole left accounts open to hijack“. It seems that it’s not that difficult to spoof Twitter messages.
Krebs quoted Lance James a security researcher and author of “Phishing exposed“:
“Anyone could authenticate and hijack a Twitter account by using SMS spoofing services, such as my-cool-sms.com, or phonytext.com. These Web sites allow users to mask what phone number they are texting from by letting the user input whatever phone number they want to appear in the from field.”
Oh great, this totally negates the one advantage that Twitter had over IM and e-mail. It’s not hard to see that phishers/attackers would want to leverage SMS spoofing along with URL shortening to redirect victims to malicious Web sites.
Help from the cellular network operators
One good thing that Krebs alluded to was the fact that SMS spoofing may only work if the attacker is located outside of the United States:
“Twitter co-founder Biz Stone wrote in an e-mail.[Mobile] carriers in the U.S. have their own systems for blocking SMS spoofing. Indeed, most U.S.-based mobile carriers have put in place measures to block SMS spoofing on their networks. But this is generally not the case for international mobile networks.”
It appears that United States is one of the few countries forcing cellular carriers to clamp down on SMS spoofing. That’s great, but spoofing Twitter messages is still possible just about everywhere else. I’ll give you two guesses where most phishing and malware exploits originate, and the first one doesn’t count.
Proof of concept
H Security (a German security company) verified that SMS spoofing works in an article titled “Twitter spoofing fix fails in UK and Germany“. The article provides the following details of the process:
“In the UK, we had a mobile phone associated with a Twitter account. By taking only the number of the mobile phone and setting it as the sender field on PhonyText then sending an SMS to +447624801423, the UK number for sending SMS tweets, we were able to see our message appear in the tweets on the honline page.”
The article goes on to explain what this potentially means:
We then promptly removed the association between the phone and the Twitter account. An attacker could have created a message directing followers to malware sites, to other risky locations on the web, or posted tweets designed to ruin the reputation of the account owner.”
What this means
First, the ability to spoof a Twitter message enhances all the normal misdirection schemes that are already in play. The fact that shortened URLs are common place in Twitter messages makes it even easier to pull the scheme off.
The damages from the SMS spoofing and URL shortening exploit can be as simple as malware being loaded on victims’ computers to as complex as stealing sensitive financial information from the victims. Also a cruel joke could be played on Twitter accounts that don’t have unlimited texting. It would be easy to run up some monster phone bills as noted in the Twitter support section:
“Twitter charges you nothing, but how much it costs to use Twitter with text messaging depends on your text messaging plan. Standard text messaging rates (such as international text messaging fees) do apply. Consult your service provider to ensure that your text plan covers your Twitter usage.If you’re using our international number, give your provider the Twitter phone number you’ll be using to see if you’ll incur extra charges. If you’re using Twitter from outside of the US, please consult your carrier, as every provider has a different policy.”
Final thoughts
Following spoofing’s logical progression was easy for the phishers and malware creators of the world. Yet, from the comments I’ve read, it seems like it’s getting harder for them to find chinks in the armor. That’s good and should be heartening to all of the people who are trying to keep the Internet the amazing place it is.
Still, there needs to be awareness and vigilance as long as the possibility of a ROI is perceived by the dark side.
Eight ways IT consultants can succeed in a turbulent economy
Committing to client satisfaction, marketing creatively, and guarding expenses are among the best methods any IT consultant can employ to succeed. Find out what else Shaun Stanislaus recommends you should do — as well as what not to do — to succeed in this economic climate.
——————————————————————————————–
While growth opportunities exist for independent consultants, recessionary environments require that IT professionals carefully plan investments, resources, and initiatives. Intuit’s financial software application sales, for example, are performing well despite the economic downturn. But it doesn’t necessarily make sense for an IT consultancy to dedicate its entire focus to becoming a QuickBooks shop just because that segment is showing some life. Instead, it may make more sense to add those skills as an additional, complementary competency. Nor should IT consultants make rash decisions concerning other aspects of their business.
Here are actions IT consultants can implement to survive downturns and better manage financial storms.
#1: Focus on the client
When the economy sours, client satisfaction becomes paramount. Forging long-term relationships with clients, in which their specific needs and objectives come first, will help you stand a much better chance of prospering.
Even when PC and server shipments drop, businesses and charities still upgrade and replace older equipment and add new systems and software. By earning clients’ trust, you become a business partner during good times and bad.
When listening to clients’ needs, truly listen. If a client suggests he needs to update a CRM platform, refine a database, or smooth e-mail communications, don’t interpret that as the client saying he needs three new 64-bit servers loaded with quad-core CPUs to power the corresponding back end. Instead, the client is saying he has a problem that needs fixing. Remember that it may be possible to leverage existing equipment and systems, tweak network or firewall settings, or maybe just upgrade software applications, as opposed to replacing the entire infrastructure.
#2: Market your business at all times
People can’t hire you if they don’t know what you do. While it sounds simple, it’s amazing how often businesses miss opportunities to promote themselves.
For example, do you ever use a restaurant’s pen to sign the credit card receipt for dinner? Why do the pens waiters and waitresses hand you so often promote an insurance office or bank instead of their own establishment?
To brand yourself, always carry business cards and put professional logos on your vehicles. Visit local EmbroidMe and SIGNARAMA franchises for help promoting your business, whether you need signs, decals, briefcases and attaches, clothing, or more.
#3: Treat yourself as a client
Ask yourself what advice you’d give your organization if you were hired to help solve its problems. Really… you should try it.
Would you recommend continuing to run Exchange, SQL Server, your test software environments, Remote Web Workplace, Outlook Web Access, file and print services, your company’s Web site, your organization’s SharePoint site, and Intranet, fax services, and more on your aging Pentium-powered server with 1 GB RAM? Or would you tell the client there’s nothing you can do to help until they upgrade their dangerously obsolete equipment?
#4: Leverage your investments
Be reasonable with expenses and ensure any investment has a direct tie to fueling existing business, generating new revenue, or reducing operating costs.
If you don’t know the exact return a significant new hardware, software, or systems investment will provide, sit down with trusted employees and/or advisors to review the expense. The toughest recession since the 1930s is no time to overextend the company’s finances, but it’s also no reason to forego carefully considered investments that can better position your organization for growth and success.
#5: Maintain your skills
Sure, maintaining your skills is easier said than done, but it’s critical to your success.
New technologies — including new Linux distributions and Microsoft server and desktop operating system platforms — will prove critical to the success of your consulting and contracting organization. Many clients will request information on such new releases, and these new systems could be the best fit for solving a variety of clients’ issues. Thus, it’s essential that you become familiar with the features and capabilities of new technologies. It’s also important that you learn the limitations, bugs, and workarounds inherent in all new systems.
There are a variety of sources to help maintain your knowledge, but you should start by researching vendor options.
Microsoft offers partners the Microsoft Action Pack Subscription (MAPS) program, which provides registered partners with internal-use, full-version software. Consultants can load new operating systems and applications on test machines to obtain first-hand experience installing, configuring, and troubleshooting important new products. In addition, Microsoft includes sales and marketing materials and tools in MAPS.
Training providers can prove helpful, too. If your personality is better matched to learning new material in a structured classroom environment, check out technology training classes in your area. You’re likely to find local colleges, technical schools, and other training providers who offer targeted instruction. New Horizons and ITT Technical Institute are two options.
Computer-based training is another option. Several respected companies, including CBT Nuggets, PrepLogic, and SkillSoft, offer products to help you train at your own pace.
#6: Keep your regular rates
Deflation is more often associated with an economic depression, as opposed to a recession. IT consultants have very real costs associated with their businesses (computers, fleet leases, Internet connectivity, mobile phones, accounting services, electricity, office rent, etc.). Don’t panic and lower rates. If your organization doesn’t cover its costs of conducting business, it cannot survive tough economies. Committing to client satisfaction, marketing creatively, and guarding expenses are among the best methods any organization can employ to succeed.
#7: Strengthen vendor relationships
You shouldn’t underestimate the importance of strong vendor relationships, particularly those providing general IT support and services. Consultants receive a serious competitive advantage when they can customize systems, fulfill orders quickly, and receive attractive pricing or discounted support services.
Vendors are much more likely to negotiate discounts and package deals during periods of recession, too. Strong long-term vendor relationships are just as important as long-term client relationships. Without flexible vendor relationships (which are built over time), you’ll find options for assisting their clients limited.
That’s not to say you should just start taking vendors to lunch. Instead, you should take time to contact sales representatives and vendor account executives to learn what’s new in the pipeline, what promotions and pricing strategies are becoming more important for the vendor, and what trends the vendor is noticing and/or tracking. By knowing a vendor’s needs and by becoming more familiar with important vendors’ products, services, and challenges, you can learn how a vendor’s products or services (and any unique benefits and advantages) might best address and solve clients’ needs.
#8: Choose niches carefully
IT consultants often target a specific niche, such as physicians’ offices, manufacturing firms, or energy companies. Software developers may not have a choice; the platform they develop may be so specialized that’s their only real outlet.
But if you have a choice, you should consider expanding your market focus to include multiple vertical industries. By targeting clients across a variety of industries, you can better insulate yourselffrom the effects of economic recession. Many Windows consultants, for example, are finding their services remain in demand. That’s a common factor, after all; dentists, physicians, manufacturing firms, and restaurants all are among those segments largely using Windows.
While not all consultants can target multiple industries, those who can should — now more so than ever.
Business Productivity
Business Productivity
Handshake is the place to meet your next friend, programmer, project manager, accountant, interface designer and more. By adding someone as a contact here, you can collaborate online in 8apps. Handshake is social networking with purpose.
BlueTie.com is a free Web-based email, calendaring, and file sharing for new and growing businesses. Each account includes up to 20 users with domain name support.
Business IT Online offers free online small business software applications that take away the need for a costly networked IT solution. It provides the host, maintain it, upgrade it, secure it and back it up so all you need to do is use it. Among the applications are the following:
- Calendar Online – an integrated online scheduling application to help you manage your personal activities and track team and resource availability.
- Cash Flow management software enables you to stay on top of your finances and avoid the number one reason why small businesses go out of business.
- Contacts Online keeps a secure and easily accessible central database of business contacts for your team. Business IT Online’s unique contact filter allows you to store contacts as individuals or companies and find the contact details you need, much faster.
- Documents Online If you want to work from home as well as the office, it might seem like a distant dream to be able to access all of your important files from multiple locations. Business IT Online is your solution.
- Marketing Online is a free online business profile (a ‘BIO’) to promote your products and services and win new business.
Central Desktop is a full work suite for project teams including spreadsheets, file sharing, calendar and more. It was created for business teams, not the IT department. That is why no technical knowledge or programming experience is required.
Colligo software enables mobile teams equipped with wireless capable laptops to instantly and securely network together no matter where they are working – at the client site or on the road. Once connected, they can share files, share an Internet connection, share a printer, collaborate on a document, chat, compare calendars and much more.
Concept Share allows you to easily share designs inside Workspaces that contain designs related to a certain topic or project. It’s easy to invite people into a workspace. Invite team members, managers, clients, and consultants to add and reply to comments, chat and markup designs. People do not have to be in the workspace at the same time to contribute. Workspace members can log-in anytime to any workspace they are member. If members do happen to be in the workspace at the same time they can collaborate with real-time chat and real-time comment updates and concept updates.
Confluence is an enterprise wiki that makes it easy for your team to collaborate and share knowledge. Adding, sharing and finding content has never been easier. These benefits come with all the additional features needed to make it a part of your business: enterprise security, simple installation and management, user-friendly WYSIWYG interface, powerful tools for structuring and searching your wiki, professional features such as PDF export and automated refactoring, and more.
Contact Office allows to easily manage your data (emails, contacts, meetings, documents, tasks, …) in your virtual office from any computer with a Web browser and an Internet connection. Share your data and access shared data efficiently in the context of work or leisure groups. Your data are safe and available anytime on the Web, on a PDA (online or offline) or on a WAP capable cell phone.
Copper is a web-based project management and collaboration tool used by teams to share and manage clients, projects, tasks, files, contacts and events quickly and easily.
Used by leading organizations like Apple, Cisco, Praystation, and Ogilvy One, yet affordable for all business sizes, discover how Copper can help your business by signing up for your free trial.
CrossLoop is a free secure screen sharing utility designed for people of all technical skill levels. CrossLoop extends the boundaries of VNC’s traditional screen sharing by enabling non-technical users to get connected from anywhere on the Internet in seconds without changing any firewall or router settings. It only takes a few minutes to setup and no signup is required.
Eloops software includes project management, calendar, data backup, and social networking software.
Foldera is a free and intuitive filing system of web-based folders that automatically organizes your work WHILE you work. Whether you work alone or in a workgroup environment, Foldera is super easy to use and makes working with multiple files and people seem practically effortless.
Google Docs & Spreadsheets is a free web-based word processing and spreadsheet program that keeps documents current and lets the people you choose update files from their own computers. You can, for example, coordinate your student group’s homework assignments, access your family to-do list from work or home, or collaborate with remote colleagues on a new business plan. Google Docs & Spreadsheets allows you to import your existing documents and spreadsheets, or to create new ones from scratch. You can edit your documents from anywhere. Google Docs & Spreadsheets accepts most popular file formats, including DOC, XLS, ODT, ODS, RTF, CSV, etc. Besides, you can publish your documents and spreadsheets online with one click, as normal-looking web pages, without having to learn anything new.
Huddle is a network of secure online spaces that combine powerful document, project and team tools with the simplicity of social networking site. It is ideal for brands, advertising, marketing, PR, design, legal and accountancy companies as well as freelancers and consultants. Use huddle to manage multiple projects from one interface, securely share and approve documents, deliver superior client service and add value to your existing relationships.
Joyent is run by, and for, people who love publishing on the Web. Design, develop and deploy applications using our collaboration software, data backup services and on-demand computing solutions. The ease with which Joyent solutions scale to meet increased demand allows startups and developers to focus on growing their business – instead of watching over their servers.
LongJump is a dynamic business applications that manage and coordinate teams and information. The LongJump Catalog provides affordable, web-based applications you can subscribe to that power your business. It makes it easy to centralize your business data to share with your team, while also automating common business processes. Customize or create your own applications that address your unique business needs without writing a single line of code.
Mindquarry is an Open Source collaborative software platform for file sharing (documents, images, media files, etc.), task and project management, team collaboration and Wiki editing that meshes simplicity and functionality. As a result, knowledge workers are able to connect with team members and share information from wherever they are, effectively improving team-work and increasing productivity within the company.
Near-Time integrates wikis, weblogs, and file-sharing to deliver the fastest ROI for your collaboration investments.
Nexo is a free service that allows groups to collaborate online. Groups can share interactive calendars, pictures, videos, tasks, polls, comments, blogs, files and much more.
Octopz contains a full range of powerful features to enhance effective online collaboration including: one-click participation (recipients of an email invitation simply click on a link to join the virtual Meeting Room), on-screen annotation, support for digital Media/Content,
Text Messaging/VoIP/Webcams, archiving, administrative tools, and more.
OpenTeams.com is web-hosted collaborative software to foster a more innovative culture. In addition to project collaboration, blogging, social networking, community building, and knowledge management, OpenTeams is an innovative initiative development solution where employees collaboratively seed and mature new ideas for additional revenue, productivity, and cost-savings.
QuickBase.com is flexible online working application. With QuickBase from Intuit, your team finally has an easy way to organize, track and share information – all from a single web site. Watch productivity soar with QuickBase’s customizable online workgroup applications.
PlanHQ.com is an online business planning tool that takes your plan away from being a static document and turns it into a dynamic and up-to-date overview of where you’ve been, where you are and where you’re going. With PlanHQ, your business plan changes as your business changes, not just once or twice a year. Your whole team is actively involved in creating your plan and can align and prioritize all their work against goals. This means that everyone is always working to plan and ensures you achieve your goals.
ProjectSpaces is a simple, secure and powerful web-based workspace to help your project teams, workgroups, committees, partners, and others quickly and easily connect, share and collaborate. ProjectSpaces is easy to use and can be set up in just a few minutes. It was created for the average computer user – not techno geeks. You can share documents with project team members regardless of geographic constraints. At one glance, view and access your most recent tasks, announcements, events and discussions on your project homepage. Participants have the ability to directly update status of their tasks and other information.
Solodox allows to create a document right in your browser. Edit on any machine you can find anywhere. You can create a project for your group. Invite members to read or edit the project.
Share your document with your friends. Do a simultaneous editing with your friends.
Download documents as HTML/RTF/Word/Text file to the machine of yourself. Solodox supports English, Japanese and Chinese.
TeamWorkLive is an intuitive, secure, web-based project management and collaboration tool. It helps you run your projects more efficiently, promotes collaboration and accountability among team members, and makes your clients happier through increased transparency. TeamWork Live is hosted so there is no software to install or support. All you need to get started is a web browser and an Internet connection.
TheOpenDoc is a free collaborative application, that enables teams to work efficiently together over the Internet. Through workspaces you can easily create and share with friends, business partners and colleagues.
Thinkature is a real-time collaboration application for the web. Use it to record ideas on cards, show relations with connectors, draw diagrams to express complex ideas, add images from the web or from your own hard drive. You can separate ideas by color and more.
Tracbac is a visual collaboration platform for designers and clients to interact over a modern browser. It succeeds in narrowing the gap between designers & clients by providing a rugged and easy to use collaboration platform. TracBac is web based and does not require installation of any software. A regular PC or Mac with a browser and an Internet connection is all it needs to get going.
Uhroo is the fastest and easiest way for teams to connect, share, collaborate, and stay on the same page. Uhuroo provides everything a team needs to share information, manage collaborations, and ensure that all their information and conversations remain secure and available.
Vyew is a free online meeting service that brings people and content together. Use Vyew to host live conferences or collaborate over time. Vyew is safe, reliable, and you don’t need to configure anything. All you need is a web browser (IE 6+, Firefox, or Safari).
WebOffice makes working together easier. You can share documents, calendars, information, and conduct live meetings from the office or the road. WebOffice brings together powerful, professional web-based business applications specifically designed to make collaboration easy and cost-effective. Everything you need to manage your business on the web is together in an integrated, centralized place.
Wrike a leader in on-demand Online Project Management. Wrike helps to save time for marketing agencies, software development teams, event organizers, publishers, financial services firms, process engineering companies and many others. Wrike is a Web application, so you do not need to download or install anything. Our patent-pending technology works with your e-mail client. So you can keep track of tasks with e-mail. Wrike can help you to turn e-mail overload into nice-looking project plans.
Writewith is a web-based software application designed for anyone who needs to work on a document with anyone else. Writewith.com can be used for office memos, group projects, news stories or even drafting a letter with a friend.
Yugma is a free web collaboration service that enables people to instantly connect over the Internet to communicate and share content and ideas using any application or software. Whether you are using Windows, Mac or Linux computer, you can connect on-demand and real-time with co-workers, clients, friends and family — regardless of whether they are across the city, nation or even the globe.
Zimbra is open source server and client software for messaging and collaboration – email, group calendaring, contacts, and web document management and authoring. The Zimbra server is available for Linux, Mac OS X, appliances, and virtualization platforms. The Zimbra Web 2.0 Ajax client runs on Firefox, Safari, and IE, and features easy integration / mash-ups of web portals, business applications, and VoIP using web services.
Zoho – offers a word processor with collaboration features, spreadsheet, presentation tool to create, edit, publish, and show presentations, wiki writer, notebook, project management, CRM solution, database creator, calendar, web conferencing, email and chat and more.
Creative Collaboration
Kalabo.net is an online service that allows musicians of all skill levels to collaboratively mix and modify each others original work. Download original free tunes from around the world. Mix the tunes or record your own tracks over them. Share the tunes with others to mix themselves
Glypho.com is a site dedicated to group writing of fiction.
Novlet.com is a web application designed to support collaborative writing of non-linear stories in any language. With Novlet you will be able to read stories written by other users, create your own ones, and choose the plot you like most from several alternatives. Novlet stories are divided in passages, text sections usually made of a few paragraphs: users can continue stories or add alternative storylines by creating their passages after existing ones. The only limit is your fantasy.
WebBrush it is on-line multi-user web application for creating and discussing some charts, diagrams, schemes, sketchs; discussing some ideas, projects, plans, tasks; sharing your photos, some graphical materials.
WriteMaps.com is a free web-based tool that allows you to create, edit, and share site maps online. As a WriteMaps user, you and your team will be able to build and access your site maps from anywhere, without having to rely on proprietary desktop apps and static files. To get started, take the tour or sign-up for an account!
Family and Social Collaboration
Cozi Central helps busy families manage schedules, appointments, shopping and communications from wherever you are — the kitchen, car, office or even the grocery store. Cozi Central is available as a software download and in a Web version.
Famundo for Families is your family hub, making your family’s schedule manageable and giving you control over your daily life. It offers Family Calendar, Address Book, Message Board and Family Library.
Grouptivity is a web service platform that replaces “email a friend”. Grouptivity provides web publishers visibility over the distributed web content, and monetization opportunities.
It provides a significantly better experience for your web visitors to share and discuss web content.
LooseStitch lets you create and share outliner documents, brainstorm ideas, jot them down, call friends over, get feedback, and many more.
Mecanbe lets you create, customize and share Goal-Lists to help advance in any area of life. You can rate your goal performance periodically and view charts of your ongoing progress.
Share strategies for success and help empower the rest of the world.
Stixy is an online bulletin board. You can create as many Stixyboards as you like, one for each project. UseStixy to easily organize and share: your family’s schedule, projects at work, an upcoming holiday, your photos, or share a file or two with a friend.
Wamily is a social collaboration application. You can use it for your group, team, family or club organization.
Mindmapping
Bubbl.us is a simple and free web application that lets you brainstorm online. With bubbl.us you can create colorful mind maps online, share and work with friends, embed your mind map in your blog or website, email and print your mind map, save your mind map as an image .
Comapping is a tool for the globalized world where complex problems must be solved quickly and intelligently. This often implies that a team must collaborate to achieve the solution. Comapping unleashes the potential of such collaborations – even if the collaborators are separated by geographical and/or time-zones. It allows you to easily keep track of who should do what and when. It is straight-forward to agree on tasks while collaborating on how a specific challenge should be met.
Gliffy is free, easy and fun. It offers diagramming in your web browser without downloading additional software. You can add collaborators to your work and watch it grow. Link to published Gliffy drawings from your blog or wiki. Create many types of diagrams such as Flowcharts, UI wireframes, Floor plans, Network diagrams, UML diagrams, or any other simple drawing or diagram.
Kayuda provides many things to many people. Authors use it to create stories. Gamers use it to create campaigns. Businesses use it to collaborate on projects. Individuals use it to brainstorm ideas.
Mind42 is a browser based online mind mapping application. With mind42.com installing mindmapping tools is no longer needed- for a hassle-free mindmapping experience. Just open the browser and launch the application when needed. It allows to keep track of all your ideas, whether alone, with colleagues and friends or working together with the whole world.
Mindomo is a versatile Web-based mind mapping tool, delivering the capabilities of desktop mind mapping software in a Web browser – with no complex software to install or maintain.
Create, edit mind maps, and share them with your colleagues or your friends.
Mindmeister allows to create, manage and share mind maps online and access them anytime, from anywhere. In brainstorming mode, fellow MindMeisters from around the world (or just in different rooms) can simultaneously work on the same mind map – and see each other’s changes as they happen. Using integrated Skype calls, they can throw around new ideas and put them down on “paper” at the same time.
Conficker’s autorun and social engineering guide
We wrote several diaries about Conficker (or Downadup, depending on the AV tool you are using). F-Secure posted some interesting information about the number of infections which is almost certainly in millions (and who knows how many machines will stay infected as the owners will not even notice anything).
One of the reasons for infecting so many machines is that Conficker uses multiple infection vectors:
- It exploits the MS08-067 vulnerability,
- It brute forces Administrator passwords on local networks and spreads through ADMIN$ shares and finally
- It infects removable devices and network shares by creating a special autorun.inf file and dropping its own DLL on the device.
F-Secure also blogged about the autorun.inf file where they noticed that it contained a lot of garbage (about 60 kb of random binary data). This fooled some AV programs so they didn’t scan the device properly (otherwise, they would have picked up the referenced DLL also stored on the device).
After removing garbage, one can see a nice autorun.inf file containing all important keywords. This grabbed my attention:
[Autorun]
Action=Open folder to view files
Icon=%systemroot%\system32\shell32.dll,4
Shellexecute=.\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
So, as you can see, the first part, “Install or run program” is there because Vista detected an autorun.inf file containing the shellexecute keyword. However, the text comes from the Action keyword and the icon is extracted from shell32.dll (the 4th icon in the file) – and it’s the standard folder icon! This can easily fool a user in clicking this one and thinking it will open the USB stick in Windows Explorer instead of the second (the real one). The first option will run Conficker, of course. Very smart. For administrators among you, I would suggest that you disable AutoPlay in your environments, unless it’s really necessary. Depending on the environment you might even completely disable USB, if you don’t need it. The following article explain nicely how the AutoPlay feature works and how to disable it (http://technet.microsoft.com/en-us/magazine/2008.01.securitywatch.aspx). Or check this article on the Autorun registry key (http://support.microsoft.com/kb/953252). UPDATE – fixed a typo in the vulnerability, it is MS08-067 (not MS08-068) – Nick Brown sent a URL to his blog where he described another method for disabling Autorun by modifying the IniFileMapping registry key, see more at http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html
My Profile
My Twitter- An error has occurred; the feed is probably down. Try again later.
-
Archives
- September 2009 (2)
- August 2009 (4)
- July 2009 (1)
- May 2009 (1)
- April 2009 (9)
- March 2009 (3)
- January 2009 (1)
- December 2008 (3)
- November 2008 (5)
- October 2008 (8)
- August 2008 (1)
- July 2008 (1)
-
Categories
-
RSS
Entries RSS
Comments RSS
