Corporate Chaos – how much fun is that?

The IT Security Team.

Well yesterday wasn’t such a great day at the office, not just for the company I work for – but quite a number of other companies and organisations. There are few people that can be unaware of the Cyber attack that was launched in a number of countries yesterday, the fallout from that attack will be pretty far reaching and will affect many organisations for a considerable period of time I would think. There may well be a number of companies and organisations that may fail as a result of the attack, you yourself will have to decide if the people who made these tools available acted responsibly or not.

This particular attack seems to have been particularly effective against hospitals and medical organisations in the UK, where a large number of people were unable to receive the medical attention that they needed. It has obviously been effective against a number of other sectors, at the moment I am working for a Spanish company – where all the Windows based systems are now on lock down.

Of course there are always going to be these attacks and courtesy of a number of people, misguided or not – placing these tools in the public domain. We now have a situation where the number of attacks is likely to increase significantly in the future, the sophistication of the attacks, the attack vectors and the lack of good security people in the IT industries will surely mean that many people are in for a bumpy ride over the next few years. This I think is a “standing on the shoulders of giants” moment, although there were tools out there capable of launching similar attacks. They were nowhere near as sophisticated or effective as this suite of tools is, so now the code base and therefore the base attack level is so much higher.

It isn’t really possible now to do very much about the increasing sophistication of the attacks, there are just too many variables to address but some of the following would make a difference.

  • Better training in security for the end users.
  • More effective use of virtualisation technologies and increased internal firewalling.
  • Better recovery processes along with increased use of snapshot technologies.

On the attack vectors, we have the same situation. It must be remembered that this can all be easily negated by having poor IT security staff. Something that should be obvious to many people today is how easy these attacks are to launch and how difficult they are to counter.

This particular attack is purely a money making exercise for some criminal or criminals, it looks like it could be a very lucrative one for them from the information in the press. There may well be loss of access to significant quantities of important data, consequentially there may be no alternative to paying for the keys to allow access to the data. Not that that means these people will actually get the access to the data.

It will now be painfully clear to a number of people that the world of IT security was found lacking in a number of respects, a number of these people will be putting in a lot of hours over the next few months – initially to sort out the problems then looking at preventative measures. In reality all that can probably be managed is the minimisation of risk through training and awareness, along with the development and implementation of effective and timely recovery processes.

A failure to react to this event for the people not yet targeted, is likely to lead to very expensive corporate chaos. In the case of my work, the costs are likely to be in the low thousands of Euros. Company wide I would suggest that the lost productivity will be in the millions of Euros, so maybe paying a few bitcoin will be worthwhile.

First Move Done

little problem

Time to Kick the Tyres and Light the Fires.

So the first equipment has moved into the newly constructed data centre, when all was said and done it was mostly OK! There were a number of lessons learned and at times a serious desire to terminate the existence of certain people, but the equipment is in at long last.

Where did all the people come from on the day, well a number of companies – several of whom I’ve used before. The planning at the source end paid off handsomely, the planning at the destination end left a bit to be desired – but the event did happen.

The lessons learned included the following:

  • Don’t let the people who make the first delivery leave their vehicle in the loading bay and then go off for lunch! – 40 minute delay.
  • Ensure that if you are in charge of the move that your name is on the list of people allowed in the building! – another 40 minute delay.
  • Finding out that there was an intermittent fault with the scissor lift on the day it is required isn’t best practice (especially as it was a known problem), when it’s required for moving 500 kg machines! – 1 hour delay!

Now the testing has to be repeated and the migrations start in earnest in a few weeks.

All in all the first move was OK, you would hope so as there have been people involved in this project for getting on for six years.

And then a Miracle Happens!

The New IT Person?

The New DCM Team.

And then there were only four, that’s all that is left of the Data Center Migration team. From an original target size of twenty-one we are down to a paltry four, the job is a data center migration for a utility company. In reality we are down to three and a half, but then there are major delays in access to the new building, so just having three and a half people is probably right. As to the project plan that is being prepared, I suspect that the penultimate entry in the plan will be titled in a similar way to this blog post.

As to the equipment that is being planned for build ahead, what has been chosen will probably be superseded by the time we get round to having it delivered. Me, well I’m about to have yet another go at the low level design document, but as they have now changed the hardware platform a number of times I won’t hold my breath on completing this one either.

I have a number of concerns regarding this project, the client doesn’t seem to have any sense of urgency in respect of the project. I have been told that the corporate management will not accept any report where the traffic light status indicator is not green, it can take months to get anything done e.g. it has just taken two months to get disk presented to a server. The offshore support resource leaves a bit to be desired, they seem to lack any initiative so if they have any kind of question – dead stop.

At the moment I’m working through the proof of concept work, we’ve all been there – proving that companies like IBM and Oracle have sold things that work. Proving that Unix commands that have been around for forty years work. And proving that someone with forty years of experience, knows what they are talking about. Going forward I’m watching for the day when things go into “Headless Chicken” mode. Still, not to worry too much on that front, there is more than enough space in the car park for the whole team to go out into the car park and do the “Headless Chicken Dance” in formation.

The Short and Winding Road.

Some things never change!

So the data center migration project has a significant delay, we are four months into the project and the time line has slipped seven months. At that rate with the final date supposed to be December 2016, if the slippage continues at the same rate we would be looking at late 2018 for the completion of the project.

The bulk of the work so far has been documentation with some analysis, but probably all wasted. There is some scuttlebutt suggesting a moratorium, which will probably mean that the work already completed will be wasted. We won’t know until the end of March by the look of things, but I’m guessing that the news might not be very good.

The status of the project so far, well we have had two people on site for around two years doing the discovery work and it’s nowhere near complete. There are two migration specialists and they do not have enough work to do, along with a number of non technical IBMers and I’m not sure what they do at all. We have a project manager that I’ve come to think of as a Slinky, totally useless but brings a smile to your face as he tumbles down the stairs. In general the management sucks, mostly money from the customer as far as I can see.

This isn’t a big project, there are only probably 250 physical and the same number of virtual servers. But the chances of success in any reasonable time scale are remote. Internal process from the customer causes a massive overhead on any work, I would suggest that the loading could easily be another 100 to 150%. Before I started this project I was told by someone who works at a senior level in the parent company, this migration project would take twice as long as it should – I hate optimists!

Onward and Downward!

The guys that are actually doing the work!

Well here it is, another contract. I’m now just over four months in and probably could have done as much in two weeks, already I feel sorry for the end customer. There’s probably other financial angles that I’m unaware of, but the one that jumps up and smacks you round the chops is the front end rip off. Yes, how unusual is this, the customer is being ripped off again! This is just a case of double charging, the customer already pays for BAU support. And now they are paying for contract workers for a data centre migration, but for the most part they are doing – you guessed it BAU support. Just another way of extracting more money from the client, nothing unusual about that then is there. After all much worse things happen in IT!

It will be interesting to follow this through, it’s the first contract that I’ve ever worked on where they have PMs using the Agile methodology. I actually thought it was something special when I was told, but it seems that to dodge the shit you have to be Agile. However we have had some huddle meetings, for what they are worth. Over the last few days, these meetings could be called “Puddle” meetings – mainly because the time has been pissed away. It’s not all bad, the customer is getting some work done, the customer is paying the prime contractor, who is paying the intermediate contractor, who is paying the agency and they are paying me!

Evaluating a contract like this at such an early stage is difficult, especially when nothing productive has happened. All the end customer wants to see is “bums on seats”, all the primary contractor wants is the moolah as does everyone else involved on the money trail. But as I’ve said more than once since I started this contract, I could do this myself in a year with a wheelbarrow – I just couldn’t do it and make as much money from the client. There is a general feeling of Onward and Downward in the place as one of my friends would have said.

Cryptocurrencies for Muppets – maybe!

Money, Money, Money!

With the proliferation of Crypto Currencies, comes the inevitable failure of some and the loss of confidence that this can cause. We’ve seen Bitcoin reach the heady heights of $1200+ and fall back, recovering somewhat to its current $240 or so. The crash in value followed the Chinese Government decision to effectively ban its use in China, there was a very rapid fall in the value – which continued further than people thought it would. The first reported or recorded transaction seems to have been a Pizza purchase, for the princely sum of 10000 Bitcoin – I hope it was a really good Pizza. So where will these Crypto Currencies go in the future, some will inevitably fail that much is obvious.

But what will happen to the ones that are successful, as I said we’ve seen Bitcoin being taken up and becoming very valuable. Only to be dropped by people when there was governmental interference, in effect banning the trade in Bitcoins – causing people to lose confidence in the currency. It happens with physical currencies as well, but probably not for the same reasons. There are concerns with the lack of traceability of Bitcoins, there is absolutely no need to provide any identity details to have a bitcoin wallet. In essence the currency is completely untraceable, not something that governments are very happy about. There is no need to have any banking system involvement, not something that the banks are happy about.

But think about it pragmatically for a minute, these very things mean that there is no need for conversions from one currency to another. Probably a massive overhead for some small coffee farmer in say Kenya, so maybe there’s an advantage to him! I used to work in the commodity market place, looking after the systems. And I had a problem explained to me as follows:

  • A supermarket chain buys Bananas in Deutsche Marks, from a trader.
  • The trader buys the Bananas in Dollars from a Central American Trader.
  • The Central American Trader buys the Bananas from the farmer in Bolivia in the local currency, the Boliviano.
  • He arranges shipping with a reefer company and pays the shipping in Sterling.

There is no problem with the above, these transactions go on all the time – sometimes much more complex as well. But for a moment think if all the transactions had been carried out in the same currency, even if you had to have the same logistics for the supply of the Bananas. Most likely the people who are completing the conversion transactions would be unhappy, not really any need for them – the whole thing could be replaced with some kind of escrow agreement. So who would this benefit, everyone really, well except the people who rely on currency conversion to make a living.

The truth be told, the most likely beneficiaries of Crypto currencies, will be the poorer people of the world. The simple fact of the matter is that they alleviate the requirement to have a bank account, the crypto currency also allows the direct payment instantly – so no waiting for cheques to clear etc. I would like to see crypto currencies become more accepted, for all of the reasons above and a couple more if I’m truthful.

Can a Muppet like me make money online?

Onwards and Downwards…….

Over the years I’ve often wondered if it’s possible to make some spare cash working online, I’ve seen hundreds if not thousands of promises to make me a millionaire. I’ve been around the block a bit when it comes to the “Internet”, so I’m sure that there are a number of people out there that make a good living from it. If you look at the site you’ll see the adverts that I’ve placed here, mostly from Amazon but there are a couple of others as well. Have I made any money from them, not really – on average probably £25 a year or so.

I recently found a site that seems to actually be likely to make some money, not the thousands a day that every one promises through “Binary Options Trading” – whatever that is. Or the nice gentleman from the Bank of Nigeria who has found $20M and wants to give me half, it’s just outstanding how selfless and altruistic some people can be. Nor was it any of the other half baked schemes that seem to be everywhere you look, this is a UK site that pays people to take surveys. I will be honest, I am still a little sceptical and doubtful if I’ll actually see any cash return – but as I’m at home between contracts I’ve decided to give it a try.

As I said earlier in this post I’ve been around the block a bit when it comes to “online stuff”, so I decided before getting involved in this in any shape or form I’d set some stuff up – to protect the innocent as they say. In anticipation of the deluge of “poo” that was likely to follow, I took the following precautions which do seem to have worked. These “precautions” would seem to have been quite wise and from what has followed, I’m quite pleased with myself – note “not smug but pleased”. So here is a heads up on the precautions that I took, with a little why I took them – usually based on experience.

  1. I created a throw away email address, easy to do and from previous experience whenever I’ve used an email address to register. I’ve invariably had to throw the damn thing away as it just gets spammed to death, so having a disposable address is a must!
  2. A disposable mobile number, I used a PAYG from one of the big four Mobile companies. I had the mobile phone, so all that was required was a sim card (99p) and £10 to activate it. This is also a MUST, I have had the phone on silent and have been monitoring – there have been over 120 calls to the phone in the week since I started on this.
  3. A PayPal account hopefully to receive funds into, here I’ve had to use the only one that I have – as setting up a new one takes a bit of time. I haven’t been paid anything yet but time will tell on that front.
  4. A Skype number, these numbers are available for about four or five pounds a month and will mean that you don’t have to give out your home number.

So how does it work, well as far as I can make out – it’s almost completely free. I say almost completely free, because some of the conditions with some of the surveys are that you have to join online casino sites or similar – and deposit amounts like £10. These surveys or promotions I have left out and they have shown up in the payments summary as pending, so I guess that the confirmation will fail and I won’t be paid for these. I may still take these as it looks like a £10 join amount will get you a £40 or £50 payment, but as with most people I’m a bit sceptical and not sure if there is the potential return. Still where am I now, well here is a summary of my progress.

Actual Screen Shot

This is actually the current screen shot of the earnings report for my account, as I’m just kind of trying this out I’ve only taken the first 8 of the surveys. That is actually working out at one per day, these take around 20 minutes to complete – so the potential returns seem to be not too bad. You can take as many as they have setup, currently I have 26 on offer – but I have decided that this is just something to keep me occupied at the moment. I will work my way through the surveys, but I’m not going with the ones where I have to deposit money to get some money back – for two reasons. These are simple and I’ll detail the logic behind the decisions a little further on in the post, the good old sceptic sneaking back into my life again.

Anyway, should anyone want to investigate this, the image above is also a link and will take you to the site where you can create an account and start getting paid for taking surveys. But before you do you should ensure that you have at least the measures above in place, why would you want to do this well there is the chance that you can make some pin money. The earnings summary is based on around three hours on line, so the potential returns are quite good – potentially around £100 per hour. This is actually an hourly rate that’s not to be sniffed at. The additional things to consider are, you do have to give out your address – so you are likely to start to appear on mailing lists. But I have a log burner so can deal with paper waste quite efficiently, as to the additional steps – well here they are.

  • Get a prepaid credit card, these are available on line and can be loaded with cash as required – but check out the deals as some charge a monthly fee. This will save you giving out any more personal information than is required. It also means that where there is a repeat subscription, there is no need to cancel it if there is no money available on the credit card.
  • Set up an automated calendar that will remind me when to cancel subscriptions, as some of the offers are dependent on taking out a subscription – it is essential that they are cancelled within the window.

Below are two further screen shots, these show just how the surveys operate, you can see the type of stuff that you can do – and what the payments for doing them is.

A typical Bingo survey!

This is one of the typical Bingo type surveys, I would say that around one in three is this type of survey. In order to qualify you have to deposit money and from what I can see lose it, then you’ll be paid (possibly?) and it will all be worth while. Some of the other types of survey involve taking out a subscription, the example below is for Experian – this is where you’ll need to be diligent in monitoring the dates. As you’ll only have a short window where you will be able to cancel without incurring additional costs, let’s face it most of these surveys are to drum up additional business for these people and to increase someone’s potential list of customers.

These people don’t do these things out of the goodness of their heart, it’s all about making money – it seems like we’ve come full circle with that statement. All you have to do to make this worth while is to spend a lot less than you get paid.

The Experian Survey – sales pitch!

To anyone who wants to try this, well have a go. What I would say is please bear in mind the things that I’ve said above and that you should ensure you have taken sufficient measures to prevent yourself from being pestered by the people who are paying you to take these surveys. You have to look at it as letting a sales person accost you in the street, once they have your details they are going to try to persuade you that there are lots of things that you need. The object is to take money off you for services, your objective is to get some money out of them and not end up with a new conservatory or double glazing.

Me I’m just going to plod along with this for a bit of fun, to anyone else I’d say it’s worth a try if you have nothing better to do.

Do Muppets advise the Government?

Government Advisors at Work!

Can politicians ever be effective in controlling the flow of data around the internet? There are obviously advisors who are convinced that they can, they seem to be dispensing advice on ways to do it. Do they actually know what the implications of their advice is, or do they feel that they have to give some sort of advice regardless of its greater implications. There will be a whole swathe of recommendations after the horrendous events in France last week, but you can bet your last money that there will be a bun fight over at least half of them.

The latest suggestions are basically the resurrection of the idea of banning encrypted communications, I’m sure we can all see how that one will end! In the UK Prime Minister David Cameron has said effectively that he will revive the “Snoopers Charter”, this would include some additions like banning several encrypted services like “WhatsApp” and “iMessage”. What I would like to point out is that the effect of doing this is just as likely to be the exact opposite of the desired outcome! What was the outcome of the attempt to silence the satirical paper “Charlie Hebdo”, I’m pretty sure – not what was expected or wanted by the organisers and perpetrators of the atrocity. So what will the outcome of trying to silence all the people who expect digital privacy be, I’m not sure – but it is almost certainly going to lead to further erosion of individual rights.

What I can be reasonably confident about is, that there will be lots of advisors looking for things to thrust in front of the people that they advise. These people, politicians included have to maintain a public profile. For the most part they seem committed to the most newsworthy and high profile current events, these chop and change by the day. Just like the politicians themselves, after all a week is a long time in politics.

It’s been a while……..

OK, so it will probably be back for the duration.

Well it’s been a while since I posted here, so I’m going to give a quick catch up before going onto say something profound or not as the case may be. I completed the contract with my previous employer around a week ago, the job actually ended up OK. The replacement was trained and is I think in the groove as they say, I’ve left my contact details behind and if they contact me for any reason before the memories grow dim I’ll help them out if I can.

What has happened in the mean time, well not much really. I’ve watched the gradual but increasing erosion of the individual’s right to privacy, only yesterday the UK government has said it will dedicate increased resource to ensuring that communications between individuals suspected of terrorist involvement become less private. By implication that actually means that communication between everyone becomes less private, I’m not too unhappy about that as a long time ago I was told to never say anything by electronic means that I wouldn’t be prepared to shout across a crowded room. But one to watch and maybe have a rant about in the future. As everyone knows this is mostly a knee jerk reaction to recent events in France, I understand the reason behind the planned actions – but it doesn’t actually mean that I have to agree with it or like it!

We have moved so far in terms of technology in the last 20 years that it’s becoming uncomfortable for me and I work in the technology industry, around the early 2000’s I first heard the phrase “The Internet of Things” and it promised so much. But the phrase may be better reading “Things of the Internet”, we are likely to be increasingly uncomfortable with technology for the short-term anyway. At least until the fabric of society catches up with the values espoused by the leadership, those little things that we have allowed to be taken away a bit at a time will some day be seen as a significant shift in the attitude of society – one allowed by society because of a lack of understanding.

It may be that at some point in the future we’ll regain all the freedoms that we have given up over the years, but it’s much more likely that we won’t. There are people who will say that you have nothing to worry about if you’ve done nothing wrong, what I would say to them is that there are lots of things considered wrong now that were not wrong in recent history. It obviously works the other way round, it’s little compensation when something that you’ve been punished for is not a crime soon after you’ve been punished.

Grit, like sand gets everywhere!

How it is and always will be!

So the end of my contract with my current employer is rapidly approaching, just two months to go in fact. It will soon be time to look for a new position, usually at this point I reflect on what I have achieved or not as the case may be. So how does this one stack up, it has had its high and low points. The original task that I was hired to do was completed in the planned window, with an almost 100% hit on objectives and cost. From that point onwards there has been a gradual deterioration in communications and clearly stated objectives, it all started when the main (only) person in the IT department resigned.

I was asked to pick up the slack until a replacement could be put in place, I agreed to this so mostly I have myself to blame when it comes to the sense of frustration that I feel over the way that things have gone from that point onwards. The bulk of the work has been completed, the outstanding work is mostly dross – but there always seems to be a reason for not doing it. Hence the “Ah but…!” feelings about the last part of the job. Finally today I was told that a system that was to be the last one decommissioned will now run for another three months, this will take it three months past the end of my contract.

I don’t think that there will be an extension to the contract, I could be wrong but I doubt it. I could stay a short while, but in truth I don’t see it making any difference, especially when it comes to achieving the desired objectives. If anyone was to ask me why this contract didn’t complete on time, I’d have to say that there was a bit of grit stuck in the foo-foo valve. It would be just as valid a reason as any other, well I think it is any way. It just seems that there is an all pervasive, couldn’t give a toss attitude around the workplace at the moment – like a bit of grit is stuck in every foo-foo valve. So as the title says, “Grit, like sand gets everywhere!” – at least that’s how it feels.