Thursday, October 29, 2009
The malicious executable is linked to the Bredolab botnet, which has been linked to massive spam runs and identity-theft related attacks.
According to Websense, the address of the sender is spoofed to display “email@example.com,” a trick commonly used to trick targets into believing it’s a legitimate e-mail from the popular social network.
The messages contain a .zip file attachment with an .exe file that connects to two servers to download additional malicious files and joins the Bredolab botnet which means the attackers have full control of the PC, such as steal customer information, send spam emails. One of the servers is in the Netherlands and the other one in Kazakhstan.
Monday, October 26, 2009
Over the past two years, government officials and experts have seen an increasing number of children leave home for life on the streets, including many under 13. Foreclosures, layoffs, rising food and fuel prices and inadequate supplies of low-cost housing have stretched families to the extreme, and those pressures have trickled down to teenagers and preteens.Federal studies and experts in the field have estimated that at least 1.6 million juveniles run away or are thrown out of their homes annually. But most of those return home within a week, and the government does not conduct a comprehensive or current count.
Saturday, October 24, 2009
According to Paul Thurrott, who writes the Supersite for Windows blog, Microsoft's upgrade media and product keys can be used to do a full installation of Windows 7 on PCs that do not have an earlier version of the OS.
Microsoft's Windows 7 upgrades are designed to do "in-place" or "custom" installs on PCs running Windows XP, Windows Vista or one of the preview editions of Windows 7. But Thurrott said that a few simple steps lets users install upgrade editions, which are considerably cheaper than the full versions designed for fresh installations.
Windows 7 Home Premium, for example, costs $119.99 as an upgrade, but $199.99 for the full edition, a difference of $80. The full versions of Windows 7 Professional and Windows 7 Ultimate, however, cost $100 more than the corresponding upgrades.
Nearly three years ago, Thurrott showed users a similar trick with the then just-released Vista; that technique, however, required users to install Vista twice.
Today, Thurrott spelled out how to conduct a clean install using a Windows 7 upgrade license. The process requires users to install but not activate Windows 7 with the accompanying product key. After the installation is completed, users must make a minor change to the Windows registry, use the Windows "rearm" command, then reboot.
"When Windows 7 reboots, run the Activate Windows utility, type in your product key and activate Windows," Thurrott said. "Voila!"
The rearm command can also be used to run a copy of Windows 7 for up to 120 days without activation, a trick that Microsoft confirmed two months ago.
Microsoft allows users to install and run any version of Windows 7 for up to 30 days without requiring a product activation key, the 25-character alphanumeric string that proves the copy is legitimate. The rearm command can be used as many as three times at the end of each 30-day grace period to extend the activation-free ride for approximately four months.
Some users commenting on Thurrott's blog reported that they were able to do a clean install using a Windows 7 upgrade key without resorting to his registry hack and the rearm command. Thurrott, however, was skeptical.
Friday, October 23, 2009
Thursday, October 22, 2009
Dyslexia is not an optical illusion but it may be related. The way in which our eyes are deceived in this picture is similar to the way dyslexics see words on a page, they appear to move around.
Dyslexia is a real problem, especially in developing children and it becomes a severe handicap in young adults but there is a reason for it and there is help available.
There is a way of understanding what the child or adult is going through and how they are experiencing the world.
People who are dyslexic have a strong sense of visualisation, it is how they see the world and there is an excellent and succesful method of understanding their visions, engaging better control over their images and finally overcoming Dyslexia.
You cannot cure Dyslexia because it is not a disease. You cannot repair the faulty genes because it is not a genetic disorder. Dyslexia is a heightened sense of visualisation that should be a gift but it has become a burden because it is not understood, accepted or addressed, until now.
I have seen living proof that this approach works, in an amazingly short period of time. After years of failed attempts by the established methods, an 8 year old dyslexic boy was reading and spelling forwards and backwards in 2 different languages within 1 hour of meeting Olive Hickmott. He was not only won over to this way of learning but he was so motivated that his parents have trouble keeping him in books.
The key to it is knowing that Dyslexics are able to capture a word in a complete image not as a series of letters, which means that they do not care what language it is or in what order you want the letters, they can deliver it, easily and rapidly. Positive re-enforcement does the rest.
Once the Dyslexic overcomes the barriers that society have put in their way they become like sponges that can absorb and recall words, facts and data at a remarkable rate. The sooner they get the chance, the sooner they can get going. All you have to do is introduce them to this approach and to Olive Hickmott, they will do the rest.
Don't take my word for it. Ask Olive to put you in touch with other concerned parents who have endured hours of stress and worry trying to 'normalise' their child's life, people like yourself who have spent a fortune on gadgets and devices that don't help. Be prepared to be pleasantly surprised. Let them tell you about their experiences and then you can decide for yourself.
If you want to know more click on the picture or this link. You will be glad you did..........
Gartner: 'Worst year ever' for IT spending
Gartner says Silicon Valley no longer in the driver's seat
At the Gartner Symposium/ITExpo 2009 in Orlando, Fla., Peter Sondergaard, a senior vice president of research at Gartner, says 2009 was the worst spending cycle ever. He adds that Silicon Valley will no longer be in charge of the rebound and emerging regions will drive IT spending and how it's deployed.
Released Tuesday, Symantec's report on rogue security software noted that 250 rogue security programs launched some 43 million attempts to prompt user installation between July 2008 and June 2009.
Read also: Fake 'Conflicker.B Infection Alert' spam campaign drops scareware
Further analysis on the top 50 most reported scareware was carried out between July and August this year, during which Symantec found that 38 of the programs had been detected prior to Jul. 1, 2008.
"The continued prevalence of these programs emphasizes the ongoing threat they pose to potential victims, despite efforts to shut them down and raise public awareness," the security vendor said in the report.
The five most commonly reported rogue security applications during the study were SpywareGuard 2008, AntiVirus 2008, AntiVirus 2009, Spyware Secure and XP AntiVirus.
Whereas the theme remains the same, the botnet masters have slightly modified the message:
“Dear Microsoft Customer,The use of email as propagation vector for scareware campaigns (The ultimate guide to scareware protection), and in particular the use of email attachments is an uncommon practice, compared to the single most effective way of hijacking traffic through blackhat search engine optimization where the cybercriminals rely on real-time news events.
Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected. To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.
Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division”
The campaign is an example of a — thankfully - badly executed one in the sense that with Microsoft’s Security Essentials recently gained momentum, even the average Internet user would notice the suspicious timing of the offered “antispyware program”.
Wednesday, October 21, 2009
The high-speed backbone of the internet is based on networks of glass optical fibres but this is too fragile and expensive to install in the small distances between local exchanges and the home – the last mile, where connections running over copper wires persist.
A cheaper alternative is to use plastic optical fibre (POF), but this has been unable to transmit data with the kind of speeds that would make it worth replacing copper. That may soon change.
In recent years, POF with a bandwidth of 1 gigabit per second over 100 metres has been demonstrated. Now Polycom, a European Union-funded collaboration between researchers across Europe, has shown how to squeeze more data into a POF, bringing it a step closer to the market.
Polycom has produced an all-optical switch within a POF that can turn an optical signal on and off on in a matter of femtoseconds. Using an array of these switches it is possible to introduce a technique called time division multiplexing, in which two or more data streams are divided into small chunks of short duration before the various segments are interleaved together and sent down the same fibre.
The new optical switch can be turned on and off so precisely that it could help separate out the time chunks belonging to a specific data stream, and recombine them.
The POFs used by the Polycom team are composed of a transparent plastic, PMMA, doped with around 0.02 per cent by weight of a polyfluorene. The fibres demonstrate good gain properties, which means a data signal passing through them can be amplified. That is necessary to maintain signal quality at optical-fibre splitters, where the signal is divided and sent along several fibres.
The report, by Human Rights Watch, asserted that the number of vanished Uighurs was likely higher, although the group could conclusively document only 43 cases during weeks of secret investigations in the Xinjiang region of China.
At least 197 people died and another 1,600 were injured during three days of protests and rioting by thousands of Uighurs in early July in Urumqi, the capital of Xinjiang. The riots, the worst ethnic violence in recent Chinese history, led police and security forces to round up hundreds of Uighurs, mostly men, in subsequent weeks.
State-run newspapers have reported that more than 200 persons were charged with crimes in connection with the protests, and 19 Uighur men were sentenced this month — 11 to death, 3 to life in prison — for their roles in the violence. In a separate trial, one man with an ethnic Han surname received a death sentence and another was given a prison term of 10 years.
The government has insisted that those accused of violence have been treated in accordance with Chinese law, which requires authorities to give detained suspects access to lawyers and to tell suspects’ families where they have been detained and why.
The Human Rights Watch report disputes that, stating that in most cases, “the men and boys detained in the course of these sweeps and raids have been missing since the security forces took them away.”
“Their families’ attempts to inquire about the relatives at local police stations or with other law-enforcement agencies proved futile,” the report stated. “The authorities either said they had no knowledge of the arrests, or claimed the inquiry was still ongoing without admitting the fact of detention, or simply chased the families away.”
The report called the 43 cases “enforced disappearances,” saying they “are serious violations of international human-rights law” as well as Chinese law.
A request for Chinese government comment on the report, sent by fax at the government’s request, was not immediately answered.
The 48-page report involved random interviews with “many dozens” of Uighur residents of Urumqi and at least two dozen Urumqi residents who were Han, the ethnic group that makes up 90 percent of China’s population. Most of the violence in the July riots was directed at the Han who have become the more prosperous majority in what was once a Uighur-dominated city.
The report states that while almost every Uighur interviewee claimed to know a friend, relative or acquaintance who had gone missing after being detained by security forces, only a few were willing to give detailed accounts of the disappearances for fear of punishment by authorities.
The unaccounted-for detainees, all males, were as young as 14, but most were in their twenties, the report stated. Many were said to have disappeared during large-scale roundups of Uighur men conducted by security forces in Urumqi neighborhoods in the days after the riots. But others were seized in what the report called “targeted raids” in ethnic Uighur parts of the capital.
Witnesses were sometimes uncertain who had detained the suspects, but other people interviewed for the report mentioned the Chinese military, the local police and the People’s Armed Police, a national paramilitary force that often responds to natural disasters and public disturbances.
The report cited witnesses’ accounts of the detentions of 11 Uighur men, none of whom has been seen since. In one case, witnesses were quoted as saying that some 150 police officers and soldiers sealed off a street in Saimachang, a predominantly Uighur neighborhood, on July 6, the day after the protests began.
“Women and elderly were told to stand aside, and all men, 12 to 45 years old, were all lined up against the wall,” one witness was quoted as saying. “Police and the military were examining the men to see if they had any bruises or wounds. They also asked where they had been on July 5 and 6. They beat the men randomly, even the older ones — our 70 year-old neighbor was punched and kicked several times.”
The witnesses said that 17 men were taken away, including the 25-year-old husband of one of the witnesses. “She has not heard anything about her husband’s fate since then,” the report stated.
A woman in a second Uighur neighborhood, Erdaoqiao, said that three men in civilian clothes came to her home July 28. Identifying themselves as police officers, they took away her 18-year-old son for questioning, saying he would be freed in a couple of days.
“It’s been more than three weeks and I have no idea where he is and whether he is still alive,” she said. “I went to the local police station twice — they did not say whether he was there or not, but said the inquiry was still ongoing.”
Another witness said the soldiers seized her 14-year-old brother, apparently injuring his leg, after he left his Erdaoqiao home to go to his father’s shop on the morning of August 7. Family members said they tracked the boy to a local hospital, where he was treated, but he was then placed in a truck and driven away.
The boy has not been seen since, the report said. Police officers in the neighborhood told the family that he is not on their list of detained people.
Human Rights Watch said the Chinese government has not responded to an August 24 request to give an account of the deaths, arrests and detentions stemming from the Urumqi riots. The group urged Navanethem Pillay, the United Nations high commissioner for human rights, to investigate the events in Xinjiang.
The group has posted its report on its Web site, which the Chinese government blocks its citizens from accessing.
Friday, October 16, 2009
Volume doesn't necessarily equal damage. 52% of malware lose it's power within 24 hours of being released into the wild (Cloud).
It's a surprising statistic that reflects the changing nature of malware. Many malware writers are using a malicious cloud computing model to capture valuable data. They're spreading worms and Trojans that either direct users to compromised or bogus Websites, or use a specific domain to send command and control instructions to their compromised clients.
McAfee recently reported, the volume of malware that's designed to monitor specific domains such as banks and gaming sites to stealthily steal access credentials increased more than 400 percent in 2008.
We already know that malware creators will not stick around, waiting to get caught. They're quickly moving or deactivating their controlling domains to avoid detection.
Also, carriers, hosting services and law enforcement are acting quickly to block or take down such malicious domains. The result is that those malware bots, dependent upon those malicious domains, are rendered inert within the first 24 hours. Therefore the impact power and surprise factor of malware, decreases over the next 72hours.
This is good news, right? Not always. It takes time for antivirus vendors and researchers to detect and create conventional signatures for new malware, somewhere in the order of 72 hours. This means most organisations are exposed to high infection rates and compromise, during the most dangerous time of malware infection.
The 24-hour window of vulnerability is an opportunity for solution providers to talk with customers about the benefits of adding synergistic security technologies that augment and complement traditional antivirus packages. Technologies such as data loss prevention, intrusion prevention, and Web and traffic monitoring and filtering can help detect and isolate malicious traffic and stop data loss.
The new spec, previously referred to by the codename 'Wi-Fi peer-to-peer' (does it count as a 'codename' if it is just called what it is in the simplest possible terms?), will be finalized soon and the Wi-Fi Alliance expects to begin certifying devices as Wi-Fi Direct compliant by mid-2010.
"Wi-Fi Direct represents a leap forward for our industry. Wi-Fi users worldwide will benefit from a single-technology solution to transfer content and share applications quickly and easily among devices, even when a Wi-Fi access point isn't available," said Wi-Fi Alliance executive director Edgar Figueroa. "The impact is that Wi-Fi will become even more pervasive and useful for consumers and across the enterprise."
In theory peer-to-peer wireless networking already exists. In addition to connecting to wireless routers or hotspot networks, many wireless devices are capable of creating an ad hoc network-- basically a peer-to-peer wireless network between two devices.
Ad hoc wireless networking has always been more complex and cumbersome than it is worth, and it maxes out at 11 Mbps. Wi-Fi Direct will connect at existing Wi-Fi speeds -- up to 250 Mbps. Wi-Fi Direct devices will also be able to broadcast their availability and seek out other Wi-Fi Direct devices.
Wi-Fi Direct devices can connect in pairs or in groups. With Wi-Fi Direct only one of the devices needs to be compliant with Wi-Fi Direct to establish the peer-to-peer connection. So, for example, a Wi-Fi Direct-enabled mobile phone could establish a connection with a non-Wi-Fi Direct notebook computer to transfer files between the two.
Wi-Fi Direct overlaps into Bluetooth territory. Bluetooth is a virtually ubiquitous technology used for wireless connection of devices like headphones, mice, or the ever-popular Bluetooth earpiece sticking out of everyone's head. Bluetooth uses less power, but also has a much shorter range and slower transfer speeds. Wi-Fi Direct can enable the same device connectivity as Bluetooth, but at ranges and speeds equivalent to what users experience with existing Wi-Fi connections.
There are potential security concerns that come with a technology like Wi-Fi Direct. Bluetooth has been the subject of security issues like Bluejacking which enables an attacker to connect anonymously with an insecure Bluetooth device and hijack it or compromise its data. Bluejacking is only a threat in a radius of 20 or 30 feet. Wi-Fi ranges are much greater which opens the possibility of attackers making anonymous connections from the parking lot or across the street.
The Wi-Fi Alliance, which includes members like Cisco and Intel, is aware of the security concerns as well as the risks Wi-Fi Direct could introduce for enterprise networks. Wi-Fi Direct will include support for WPA2 (Wi-Fi Protected Access 2) and AES encryption for more secure connections and measures are being developed to enable IT admins to exert some control over Wi-Fi Direct networks within their environment.
Security researchers say the cost of criminal services such as distributed denial of service, or DDoS, attacks has dropped in recent months. The reason? Market economics. "The barriers to entry in that marketplace are so low you have people basically flooding the market," said Jose Nazario, a security researcher with Arbor Networks. "The way you differentiate yourself is on price."
Criminals have gotten better at hacking into unsuspecting computers and linking them together into so-called botnet networks, which can then be centrally controlled. Botnets are used to send spam, steal passwords, and sometimes to launch DDoS attacks, which flood victims' servers with unwanted information. Often these networks are rented out as a kind of criminal software-as-a-service to third parties, who are typically recruited in online discussion boards.
DDoS attacks have been used to censor critics, take down rivals, wipe out online competitors and even extort money from legitimate businesses. Earlier this year a highly publicised DDoS attack targeted U.S. and South Korean servers, knocking a number of Web sites offline.
Are botnet operators having to cut costs like other businesses in these troubled economic times? Security researchers don't know if that's been a factor, but they do say that the supply of infected machines has been growing. In 2008, Symantec's Internet sensors counted an average of 75,158 active bot-infected computers per day, a 31 percent jump from the previous year.
DDoS attacks may have cost hundreds or even thousands of dollars per day a few years ago, but in recent months researchers have seen them going for bargain-basement prices.
Nazario has seen DDoS attacks offered in the US$100-per-day range, but according to SecureWorks Security Researcher Kevin Stevens, prices have dropped to $30 to $50 on some Russian forums.
And DDoS attacks aren't the only thing getting cheaper. Stevens says the cost of stolen credit card numbers and other kinds of identity information has dropped too. "Prices are dropping on almost everything," he said.
While $100 per day might cover a garden-variety 100MB/second to 400MB/second attack, it might also procure something much weaker, depending on the seller. "There's a lot of crap out there where you don't really know what you're getting," said Zulfikar Ramzan, a technical director with Symantec Security Response. "Even though we are seeing some lower prices, it doesn't mean that you're going to get the same quality of goods."
In general, prices for access to botnet computers have dropped dramatically since 2007, he said. But with the influx of generic and often untrustworthy services, players at the high end can now charge more, Ramzan said.
Google has reported an 8 percent jump in revenues. The optimism reflected what the company said was an across-the-board recovery in online advertising, with even the struggling financial services sector showing a return to growth.
While search engine advertising has held up better than most other forms of online media in the downturn, Eric Schmidt, chief executive, said the advertising revival appeared to have spread across the internet more broadly.
The news pushed the company's shares up 3 per cent in after-market trading, to $544, capping a run that has seen the shares climb 120 per cent from the bottom late last year.
The figures for the three months to the end of September point to a return to sequential quarterly growth for the search giant after two periods in which its revenues were either flat or down from the preceding quarter, the first time in its 10-year history it had been through such a decline. Investors often pay close attention to sequential quarterly comparisons for high-growth companies since they provide a more immediate view of the growth trajectory.
Drawing a clear line after the downturn, Mr Schmidt praised the company's management team for holding down costs in recent quarters but said the time had come for a return to the company's earlier ambitious expansion path.
Thursday, October 15, 2009
The United Kingdom, which was hit hard by the financial collapse of Iceland, will probably contract the most, as measured by gross domestic product (GDP).
The International Labour Organisation (ILO), a United Nations agency, predicts that 50 million jobs could be lost and 200 million more people could fall into absolute poverty around the globe in 2009. The global nature of the crisis highlights the desirability of a truly international response. The IMF has said the only way for the damage to be contained is through large-scale global action, such as coordinated stimulus programs and mutual co-operation.
Wednesday, October 14, 2009
"A lot of their problems may be a consequence of something that's almost like a learning difficulty," says Joseph Newman, a psychologist at the University of Wisconsin-Madison who investigated how prisoners with psychopathic personalities react when anticipating pain.
Previous experiments have suggested such people may not feel fear, while brain imaging studies have found abnormalities in the amygdala, a region that processes fear and other emotions. This has encouraged the perception that they are "emotionally shallow", Newman says. "People call them cold-blooded predators." But he questioned whether this was the whole story.
To tease apart why such people behave the way they do, Newman's team recruited 125 male prisoners convicted of serious crimes and scored them on traits characteristic of a psychopathic personality, including narcissism, impulsivity and callousness. About 20 per cent scored highly enough to be described as psychopathic - a proportion typical for criminals but well above the 1 per cent expected in the general population.
The researchers then hooked each prisoner up to a device that measures how strongly they blink - an indication of how afraid they are - and placed a screen in front of them. The subjects were warned that during tasks in which letters flashed on the screen, an electric shock would sometimes follow a red letter, but never a green one.
When instructed to push buttons to indicate whether letters were green or red, subjects with marked psychopathic characteristics flinched in response to red letters with the same strength as other subjects.
Yet when they were told to indicate whether letters were capitals or lower-case, the psychopathic prisoners barely blinked upon seeing red letters, while the others continued to anticipate the mild shock (Biological Psychiatry, DOI: 10.1016/j.biopsych.2009.07.035).
This suggests that psychopathic individuals sense fear as much as anyone, and only seem fearless because they find it harder to pay attention to what is scary and what is not, says Newman, who hopes his hypothesis can be used to discourage psychopathic repeat offenders. "They're famous for being difficult if not impossible to treat," he says.
Donald Hands, director of psychology at the Wisconsin Department of Corrections, is working with Newman to design a pilot treatment programme. Reminding psychopathic lawbreakers of the immediate consequences of their actions, such as getting arrested and sent back to prison, might help to dissuade them from reoffending, he says.
Newman's finding may also persuade prison authorities to treat psychopathic individuals differently. "I think this shows that there's some humanity there," Hands says. "It challenges the belief that they are robots."
Tuesday, October 13, 2009
Today's published Commons order papers contain a question to be answered by a minister later this week. The Guardian is prevented from identifying the MP who has asked the question, what the question is, which minister might answer it, or where the question is to be found.
The Guardian is also forbidden from telling its readers why the paper is prevented – for the first time in memory – from reporting parliament. Legal obstacles, which cannot be identified, involve proceedings, which cannot be mentioned, on behalf of a client who must remain secret.
The only fact the Guardian can report is that the case involves the London solicitors Carter-Ruck, who specialise in suing the media for clients, who include individuals or global corporations.
Remarkable, even by the appalling standards of our libel laws and addled judiciary. This appears to be the question in, er, question:
From Parliament.uk, “Questions for Oral or Written Answer beginning on Tuesday 13 October 2009″
N Paul Farrelly (Newcastle-under-Lyme): To ask the Secretary of State for Justice, what assessment he has made of the effectiveness of legislation to protect (a) whistleblowers and (b) press freedom following the injunctions obtained in the High Court by (i) Barclays and Freshfields solicitors on 19 March 2009 on the publication of internal Barclays reports documenting alleged tax avoidance schemes and (ii) Trafigura and Carter-Ruck solicitors on 11 September 2009 on the publication of the Minton report on the alleged dumping of toxic waste in the Ivory Coast, commissioned by Trafigura.
And this is a report on how the oil company Trafigura tried to cover up pollution in Africa.
This country's libel laws have been a disgrace for years and one can only hope that egregious abuses of an already abusive system persuades folk that, dash it, something must be done.
UPDATE: The Twitterverse is going mental for #trafigura and I suspect that by the time all this is over far more people will be aware of the controversy swirling around Trafigura's African adventures than would have been the case had they kept quiet and not attempted to silence the press. Combatting this sort of bullying, however, is one thing the blogosphere is good at.
UPDATE 2: There is, at the time of writing, no mention of this story on the BBC's website. Why on earth not?
Sunday, October 11, 2009
What makes you think unsullied optimism is such a good idea? Americans have long prided themselves on being "positive" and optimistic - traits that reached a manic zenith in the early years of this millennium. Iraq would be a cakewalk! The Dow would reach 36,000! Housing prices could never decline! Optimism was not only patriotic, it was a Christian virtue, or so we learned from the proliferating preachers of the "prosperity gospel," whose God wants to "prosper" you.
In 2006, the runaway bestseller The Secret promised that you could have anything you wanted, anything at all, simply by using your mental powers to "attract" it. The poor listened to upbeat preachers like Joel Osteen and took out subprime mortgages. The rich paid for seminars led by motivational speakers like Tony Robbins and repackaged those mortgages into securities sold around the world. (Read "Yes, I Suck: Self-Help Through Negative Thinking.")
Optimism wasn't just a psycho-spiritual lifestyle option; by the mid-'00s it had become increasingly mandatory. Positive psychologists, inspired by a totally over-optimistic reading of the data, proclaimed that optimism lengthens the life span, ameliorates aging and cures cancer.
In the last few years, some breast cancer support groups have expelled members whose tumors metastasized, lest they bring the other members down. In the workplace, employers culled "negative" people, like those in the finance industry who had the temerity to suggest that their company's subprime exposure might be too high.
No one dared be the bearer of bad news. The purpose of work, at least in white-collar settings, was to flatter and reassure the boss, who had in turn probably read enough of the business self-help literature to believe that his job was to motivate others with his own relentless and radiant optimism. (Read "A Primer for Pessimists.")
Two years into the Great Recession, it's time to face the truth: Optimism feels good, really good, but it turns out to be the methamphetamine of run-amok American capitalism. Meth induces a "Superman Syndrome." Optimism fed into what Steve Eisman, a banking analyst who foresaw the crash, calls "hedge-fund disease," characterized by "megalomania, plus narcissism, plus solipsism" and the belief that "to think something is to make it happen."
The meth-head loses his teeth and his mind; the madcap optimists of Wall Street lost something like $10 trillion worth of pension funds, life savings and retirement accounts. (See five reasons for economic optimism.)
Fortunately, the alternative to optimism is not pessimism, which can be equally delusional. What we need here is some realism, or the simple admission that, to paraphrase a bumper sticker, "stuff happens," including sometimes very, very bad stuff. We don't have to dwell incessantly on the worst case scenarios ” the metastasis, the market crash or global pandemic ” but we do need to acknowledge that they could happen, and prepare in the best way we can. Some will call this "negative thinking," but the technical term is sobriety.
Besides, the constant effort of maintaining optimism in the face of considerable counterevidence is just too damn much work. Optimism training, affirmations and related forms of self-hypnosis are a burden that we can finally, in good conscience, set down. They won't make you richer or healthier, and, as we should have learned by now, they can easily put you in harm's way. The threats that we face, individually and collectively, won't be solved by wishful thinking, but by a clear-eyed commitment to taking action in the world.
Shared via AddThis
Friday, October 9, 2009
1.Adjust Web site privacy settings to help protect your identity.
2.Be selective when adding contacts.
3.Limit access to your profile.
4.Disable options that you rarely use.
5.Be careful what you click on.
6.Be familiar with security settings and know how to recognize if your account gets hijacked.
7.Understand the process of how to report a hijacked account to the site owner.
Although this is not a comprehensive list, neither is it a guarantee of full protection, it is important to educate our colleagues and users about the possible security risks and the issues they face. Remember, their issues, if unresolved, will quickly become our problems. If we accept and consider them the weakest link in our security chain, what are we doing about it?
Wednesday, October 7, 2009
Yet in thsi high tech world, Derek Leiner's job title harks back to the days of the pharaohs, those early dictating people and papyrus scrolls. He's known as a 'scribe' but he doesn't use a quill.
Instead of pens, scribes use laptops as they walk behind the doctors,, going from bed to bed, taking detailed notes that will form part of each patient's electronic medical record.
While most other businesses scrapped their paper files decades ago, hospitals have lagged a long way behind. Several of the health reform proposals being considered would push the industry to convert to electronic records but I fear in the average physician's practice, you are still going to see closets and filing cabinets full of paper charts - et sanctum gloria!
Monday, October 5, 2009
Robert Sapolsky is a Stanford University neurobiologist who's spent 30 years studying stress and illness in baboons to better understand the effects of stress in humans.
We all live with stress—so much, in fact, that we accept chronic stress in our lives as a given, an inescapable force to which we're powerless. We feel we have no control over our stress, and indeed, our stress controls us—our behaviour, our emotions, our health. Some people go so far as to wear stress as a badge of honour. Their stress level, they believe, testifies to their importance, their valour and their work ethic.
By accepting chronic stress as a fact of life, we fail to realise that our resigned attitude toward this biological response will kill us. Chronic stress is an epidemic in American and European society, one that takes a devastating—even deadly—toll on our minds and bodies.
Chronic stress impairs our memory and brain function:
Sapolsky notes that we seem to have lost our innate ability to shut off our stress response. We're stressed out all the time. Everything from deadlines to awkward social situations causes our bodies to produce elevated levels of stress hormones that never seem to abate. Even after we've met the deadline, we allow new stressful tasks or situations to enter our lives and replace it.
Our rank at work and in society also impacts our stress level, perhaps not surprisingly. Sapolsky's research suggests that the amount of stress we experience is directly related to our social status.
Does that sound familiar? I'm sure you've observed similar behaviour —and its consequences—where you work. Ever feel like your boss's primary role is to make your life miserable? Perhaps he has too much time on his hands.
Sapolsky's findings on stress and rank corroborated an earlier study of British civil servants. The British study, which examined the health of British civil service workers, found that low-level civil servants had higher stress levels and were more prone to illness than high-ranking civil servants despite the fact that they all had access to the same healthcare.
Extrapolating from this research we can conclude that lower-level IT workers experience more stress and illness than IT executives, while IT executives are more stressed and sickly than the chief executives. What goes around comes around!
Under Section 404 of Sarbox, public companies and their independent auditors are each required to report to the public on the effectiveness of the companies' internal controls. Companies with a public float below $75 million have been given extra time to design, implement, and document their controls before their auditors must attest to the controls' effectiveness.
That extension will cease starting with the 10-K reports of companies with fiscal years ending on or after June 15, 2010. Formerly, that deadline was for fiscal years ending on or after December 15, 2009. The extension was granted so that the SEC's Office of Economic Analysis could complete a study of whether additional guidance provided to company managers and auditors in 2007 was effective in reducing the costs of compliance.
Because the study was published in September, less than three months before the December 15 deadline, the SEC decided that adding more time was "appropriate and reasonable so that small public companies and their auditors can better plan for the required auditor attestation," according to the SEC.
While the largest U.S. publicly traded companies are in their fifth year of complying with Section 404, smaller companies have yet to fully comply. It was only last year that nonaccelerated filers â€” defined by the SEC as those with a market capitalization of below $75 million â€” began filing management's assessments of internal controls with their 10-Ks. Now, such companies that have fiscal years ending June 15 of next year will have to get their auditors' signoff on their internal controls, also known as 404(b) reports, for the first time.
"Since there will be no further Commission extensions, it is important for all public companies and their auditors to act with deliberate speed to move toward full Section 404 compliance," SEC chairman Mary Schapiro said in a release.
The controversial Sarbox provision has long drawn the ire of companies â€” particularly small public issuers â€” because of its allegedly high cost of compliance. The act, passed following the wave of corporate accounting scandals that included Enron and WorldCom, requires the SEC to mandate that corporate internal-controls reports state management's responsibility for setting up and maintaining an adequate internal-controls structure and procedures for financial reporting. It also must contain an assessment of the effectiveness of the company's controls structure and procedures for financial reporting, as of the end of the company's most-recent fiscal year.
The part of Section 404 related to the SEC's current action requires a company's auditors to attest to and report on the internal-controls assessments made by the management of the companies the accountants audit.
While the reporting and auditor attestation grew out of the 2002 law passed by Congress, all U.S. public companies have been required to maintain internal-accounting controls since 1977.
Shared via AddThis
Sunday, October 4, 2009
The current preference is for expert-based “knowledge,” meaning that consultants present themselves as acting as trusted advisors to clients, providing outside diagnoses of problems.
Unfortunately, in many cases, these consultants’ suggestions are based on a well-defined body of academic and third-party research, but not necessarily on firsthand experience with the challenges faced.
The consulting approach of “knowing” is more hands-on, involving close cooperation with the client company. One of the advantages of this method, is that information about a given business, industry sector, or project is not merely transferred from consultants to clients, but rather created or learned, during a process of mutually beneficial or active collaboration.
When problems crop up the collaborators have a mutual incentive to solve them — an approach that ultimately spreads more information, accountability, and knowledge throughout the entire team.
Organisations will experience greater benefits if management consultants shift their focus away from the traditional expert-driven, learn-as-u-go approach and instead explore more collaborative and mutually beneficial, client–consultant projects.
Breaking into or even cracking that cage, involves radically changing the structure of the organisation's work itself. Reducing, softening or removing boundaries and increasing collaborative teamwork, can give women, cultural minority and aging employees the visibility, leadership experience, and strategic ties they need to develop and build, repeatable success.
Start by looking at the effectiveness of self-directed work teams, defined as; groups of employees pulled from diverse functional groups who met regularly to develop new ideas or tackle specific tasks. If you are extra cautious, first establish an experimental task force and monitor.
In addition to and in alignment with this, examine cross-training programs for employees, in which they learn about and experience what it is like to work in different positions and taking various roles, throughout the company. Monitor the effectiveness these efforts have on the employees’ potential for advancement to management-level jobs.
When managers get to know and trust the previously excluded; female, cultural minority and aging employees, through these team assignments and cross-training initiatives, they will be better able and more motivated to act as mentors and references for future job openings.
Therefore, when employers and organisations restructure their operations in favour of small, responsive, employee-directed teams, they greatly increase the collaboration efforts across departments and, in turn, greatly improve their management-level diversity.
When employers examine their prejudices closely, they will find little benefit in retaining these views and greater advantages in radically changing them. The first step is to blur the lines and responsibilities between employees and their roles. Soften the boundaries and encourage self-directed, collaborative, work teams, they can revolutionise and greatly increase your efficiency and diversity in management-level positions.
Managers have too many tasks to complete. All of them competing urgently for their close attention, and switching between them or worrying about one while working on another can often lead to inefficiencies and mistakes.
US studies that required people to simultaneously, complete a word puzzle and appraise a candidate’s resume, whilst giving different individual participants different deadlines, produced very strange results.
In the first instance, they found that finishing a task did not necessarily cause people to disengage from the initial job and move on to the next one. Instead, when people had no time pressure or constraints, they tended to have more “attention residue,” meaning that thoughts about how they performed on the first task affected their performance on the second.
In the second instance, when people were given a deadline in which to finish a job and did so, meeting the deadline, it gave them more confidence and a better sense of closure. They were also better able to disengage from the first task and shift their attention to the next.
Task-by-task performance improves when employees can quickly and clearly stop thinking about the last task they performed. Adding constraints and time pressures to task completion greatly helps people in shifting their attention and focus. Moving them on constructively and effectively.
The three main reasons that employees go around their boss are very clear.
You're not listening to me!
The greatest number of cases involve unresponsiveness; supervisor or managerial inaction. When an employee questions or expresses dissent to a manager, it was either dismissed, ignored or re-buffed with an unfulfilled promise.
You have no idea what you're doing!
The second driving force was a manager’s apparent incompetence or low performance. Employees regularly report concerns about how their boss is performing; mismanaged tasks, scheduling vacations, managing workflow processes, conducting performance evaluations, etc.
You're only out for yourself!
The third option is unfortunately about questionable behaviour carried out by the manager. This can include employee harassment, (both physical and emotional/psychological) unethical behaviour, and regular or blatant abuses of organisational policies and practices.
Suffering abuse from, finding fault with, or having reduced respect for their managers and supervisors is fundamentally the reason most employees decided to circumvent them.
Why are you bringing me this?
If you are approached by an employee who has skipped around the normal chain of command, it is your duty to give it some close thought. Employees who break the chain of command do so reluctantly and with some fore-thought. Many times they feel the need to emphasise their point and the unethical nature of the complaint.
Perhaps they have exaggerated the severity or urgency of the topic, but this is done to justify going around their manager. You need to be aware of this, because if you also dismiss this approach as being trivial or concocted, then you are in danger of commiting a greater sin against the individual, his colleagues, with whom he will share his experience, the organisation and yourself.
You will be seen to be endorsing a poor manager who is operating at a low level, abusing employees and implementing bad practices. You risk being condemned by the employees as being of a similar vain.
Employees will only circumvent their manager and reach out to someone higher in the organisation after a great deal of soul searching and when they feel they have good cause. They are being dismissed, ignored, and /or abused. Are you listening?
What really defines micromanaging is not whether a manager is digging into small details. It’s really a question of which details and for what purpose. Is the manager scoring points, making a small point, nit-picking on minutinae and expenses? Clearly, the manager believes they are drilling down into the details, where the devil lives and that will help reveal a higher-level issue; detecting risk or a structural change, getting to the real root cause of a problem, or questioning the overall effectiveness of a specific process?
Asking questions of an operational nature, is not in itself micromanaging, as long as the questions lead to pertinent insights about issues like strategy, performance, major investment decisions, key personnel, the choice of goals, or risk assessment.
Probing a decline in gross margins, or rise in expenses, etc., can easily be seen as trivial but in industries like office supplies or personal computers, where gross margins have taken a beating over the last ten years, managers may be correct in trying to discern whether the decline is symptomatic of a fundamental shift in the industry and whether the strategy has become obsolete.
The key lies in the analytics of working backwards, to link the operating details directly with strategic issues. For a mobile phone service provider and ISP, subscriber churn rate is an operating detail with very strategic importance.
The board of a telecommunications company that approves a multibillion-dollar project to lay new cable has a stake in knowing how the implementation is going. The project’s success might depend heavily on assumptions management made about attracting and retaining targeted high-revenue customers.
The board will want to dig into details about how many customers are willing to pay a premium for voice, video, and text combined. Are a sufficient number of customers coming on line on schedule? What percentage is staying with the company? What is the monthly churn, or turnover, in customers and what is the average customer bill?
In these cases, operational details are an important microscope for tracking the effective execution of the strategy and gauging how well it is working. These items materially affect the business going forward.
When a manager picks up on a small point and challenges it simply to demonstrate their power and ego; for the sake of showing who is right or what could have been done differently, or when a manager attempts to make a decision about operations, or individual people, then you can raise the alarm and accuse that person of micromanaging.
This typically happens in the area of the manager’s previous expertise and can be driven by a personal need to demonstrate superior subject knowledge or that they 'still have it.'
The way in which a question is worded can also indicate or reveal whether a manager is micromanaging. The difference lies in how the executive could respond. Does the inquiry put paint the executive into a corner, instead of shedding more light on a subject and opening the door for a broader discussion?
In Q2/Q3 2007, most boards across the globe were keen to learn how management was responding to the steep rise in commodity prices and the impact on margins. Many boards debated the potential impact on margins and what could or could not be passed on to customers. That was a very vital discussion to have.
A micromanager will initiate the discussion of pricing by lecturing long and hard on their personal experience in dealing with a price increase, implying that the executive in question lacks the courage to address the issue. This implies that management can do it if it has the will or the guts and is more of a challenging ultimatum than a discussion point.
Another more constructive approach, is to say, “I’m curious about several aspects of inflation and our pricing strategy. What is our process of adjusting prices as inflationary conditions change? How are decisions initiated? Who gets involved and with what tools? What training is being given to people who are looking at pricing and to the sales force that brings it all home? Are the regional sales managers buying into it?”
This lets management explain what the company is doing and what alternatives it has considered, an explanation that is likely to include topics and issues that the manager had not known of.
The manager's comeback, “What benchmarking are you doing to improve pricing processes and reduce our exposure to margin compression? Are there any strategic implications that the board needs to learn about?” In that way, the manager opens a door to several possibilities without insisting on his own chosen course of action. It also opens the door for other managers to join the discussion.
This open style of questioning becomes an imperative when the company is highly leveraged and commodities prices increase several times in a year. It gives managers flexibility and an insight into whether the company has the organisational mechanisms to move and is not awaiting orders from the top.
The difference in approach has a profound impact on the boardroom dynamic. Asking questions at the right altitude, with the right tone, and about the right things refocuses management’s attention while respecting the executive’s decision-making authority.
It is, after all, management’s job to deal with the margin compression and decide on its pricing practices, not the board’s. The board is there to make sure management has a plan and that it is executing that plan.
With the liquid children's version of the anti-influenza drug Tamiflu in short supply, pharmacists are making their own children's version by mixing cherry syrup with the contents of the Tamiflu capsules.
But not just any cherry syrup. The prescribing information for Tamiflu lists cherry syrup made by the Humco Holding Group "a mixture of sugar, purified water, artificial cherry flavoring and some other common ingredients” as one of the approved liquids to mix with the medicine.
Lucky Humco has been scrambling to keep up with the demand. So it's not just boom time for th epharma companies, others are jumping on board the sweet money train.
"Our volume has exploded," said Greg Pulido, the chief executive of Humco, based in Texarkana, Tex. "About 30 days ago we got a phone call. We got another phone call. Then we started getting calls from all over the world."
The company typically sells about 50,000 pint-size bottles of the syrup each year. But with the spread of pandemic H1N1 influenza, also known as swine flu, Humco shipped 100,000 bottles in September alone. In October it is planning to make 400,000 bottles.
The company has had to have some ingredients shipped to its factory by air in order to meet the surge of orders, Mr. Pulido said. Last week the factory worked seven days instead of the usual four. But he said that contrary to rumors, there was no shortage of the syrup, and that he was confident there would not be.
The liquid version of Tamiflu is scarce because Roche, the manufacturer of the drug, is concentrating on making the capsules used by adults and older children, which it says is a quicker way to increase world supplies. The same production capacity needed to produce a liquid treatment for one person can be used to make capsules for more than 10 people, Roche says.
Shared via AddThis