Again, IT keeps moving, and it's moving toward the Web, social networking, and the cloud. No matter what the topic is, these come up. They are, of course, all related. The cloud exists on the Internet, and everything on the Internet is accessed through the Web. Social networking sites are in the cloud (on the Web) and are growing in functionality. No longer is Facebook just a way of keeping in touch with your friends it's become a main marketing tool for many companies. It's where new products are announced, problems are discussed, and conversations with customers (fans for Facebook) are started. Conversation has become an important word companies want to have conversations with their customers (what did you buy, how do you use it, how do you like it, etc.) not just interactions (what did you buy). This is major stuff. Companies are changing the way they do business, and it's based on social networking, the Web, and the cloud.
Are you keeping up? Make sure you're on top of technology as hiring picks up and as the IT industry continues to grow.
Here's the schedule or you can view the complete schedule on our Website:
CSTA Web sessions:
March 3, 4
April 14, 15
May 26, 27
UITJ (Understanding IT Jobs) Web sessions:
TR Web sessions:
Keep in touch - I love hearing from you - and keep up with technology!
Back to top
As we use computer systems more and more, the diversity of software grows and grows. Including our least favorite category destructive software. The term "computer virus" had been around since 1983 when it was coined by Fred Cohen in his Ph.D. thesis. and defined as "a program that can infect other programs by modifying them to include a, possibly evolved, version of itself." Since that time the term has been used to describe all kinds of bad programs anything that tries to do harm to any computer system. In fact, if you use the term as a synonym for "destructive software" you're in fine company.
There are, however, different categories of bad software. We have the computer virus category, often called malware. This word helps to distinguish the other two main bad guys adware and spyware. We all know what these are. We're tired of adware (pop-ups trying to sell us something while we're busy doing something else) and often don't even focus on it any more. We're well aware of spyware (software that collects information about us without our knowledge) and purchase security programs that protect us against spyware (as well as against malware).
Back to our computer virus/malware category this is really destructive software, as these program destruct! They "infect other programs by modifying them
" And, in alphabetical order:
backdoor: A hidden program that gives control of a PC to unauthorized users,
logic bomb: A program that lies dormant until something, an event, triggers its execution,
SQL injection: A program that passes SQL commands (statements) through a web application to be executed by the backend database,
Trojan Horse: A program that is designed as something else, e.g. game or a directory lister,
worms: A program that propagates itself over a network, reproducing as it goes. It replicates itself throughout disk and memory, using up the computer's resources and eventually putting the system down.
XSS (cross-site scripting): A program where the attacher inserts client-side script into web pages viewed by other users,
Zombie: A program that allows a hacker to use a machine to perform a Denial Of Service attack against targets like web servers, FTP servers, and mail servers.
The definition of Zombies brings us to the extension of destructive software the types of attacks that are relatively common. The most dreaded attack is a DoS (Denial of Service). Simply stated, this is software which prevents legitimate users of a service, very frequently email, from using that service. This can be accomplished in different ways. The software can flood a network thus preventing legitimate traffic. Or, it could disrupt connections between two systems. Or, prevent specific individuals from accessing a service. The zombie runs on a PC and allows the hacker using the machine to run the malware. An extension, DDos (Distributed Denial of Service) simply means that you've got multiple systems attacking the central system. DoS attacks often run over a botnet, which is a collection of broadband-enabled PCs, hijacked during virus and worm attacks and seeded with software that connects back to a server to receive communications from a remote attacker. How many botnets exist? According to statistics released by Symantec, an average of 57,000 active bots was observed per day over the first six months of 2006, with 4.7 million distinct computers being actively used in botnets to spit out spam, launch DoS (Denial of Service) attacks, install malware or log keystrokes for identity theft. Repear: this statistic is from 2006.
Another type of attack is phishing, a phish attack or a phishing scam. This software attempts to fool people into parting with personal information such as their credit card, driver's license and bank account numbers. The schemes typically involve e-mails with messages, return addresses, links and branding that appear to come from reputable companies. Latest attacks are phony political surveys and requests for contributions. Some of these are so poorly worded that one look leaves most of us knowing this is a scam, but some look pretty valid.
Finally, there's one bad guy that started out as a good guy. A rootkit is system monitoring software that provides administrator-level control of operating systems. While this software was originally designed to monitor system usage, it has been taken over by hackers who use it to break into systems. It's considered to be a serious problem because the software is very difficult to detect and the only solution is completely erasing the hard disk and reinstalling the operating system. Rootkits are available for many operating systems, and provide the entry for hackers to install the malware adware spyware.
Security professionals spend a lot of time finding and blocking destructive software, and keep creating words to identify the problems. The rest of us are usually happy to just say "computer virus," which is fine until we're talking to a security pro (or a hacker).
Back to top
1. 360 mainframes have long since been replaced, but the number's back in use. What does "360" mean now?
2. What's the latest device to have newly found security flaws?
3. Which of the following does not belong?
4. Is "governance" related to the government?
5. Another misfit: Which of these does not belong?
Back to top
Have you seen Apple's tablet (iPad)? What about HP Multitouch Tablet, Lenovo IdeaPad, Sony Dash, Dell Streak, Dell Concept, Archos 7 Android or the Asus Wave? Will tablets replace netbooks? And, did netbooks finish replacing laptops? Did laptops finish replacing tower PCs?
And what about cell phones. Is Google really making a cell phone? Oh yes, the Nexus One is here. It runs the Android operating system. So does Motorola Droid, HTC Droid Eris, Acer Liquid e, Pulse Mini, and Xperia X10. And, guess what? Some of the above tablets run the Android operating system. Is Android important? Is Windows worried?
What's the point? Other than asking questions.
Things are changing. Growing, developing, changing. And oh, so quickly. The above is just a quick look at the state of individual computers. Speaking of which, how many computers do you have? A desktop at work, a laptop at home, a netbook for travel, a tablet for Web communications, a smartphone for
all of the preceding?
Not only is it imperative to keep up with technology, it's lots of fun. This is such an exciting time to be working with IT. I keep saying it, but the next five years are going to be great. Keep up!!
Back to top
The cloud won't leave the news. It's not taking over all of IT, but it is all over. And, developing software to run in the cloud is a little different. That's no surprise, developing software to run on a mainframe is different from developing software to run on a PC. Developing online programs is not the same as developing batch programs. A look at developing for the cloud, concentration on PaaS (Platform as a Service) systems.
AWS Toolkit for Eclipse Application development tool used to develop applications to run in the cloud. Integrates AWS (Amazon Web Services) with Eclipse allowing developers to manage remote instances, upload, run and debug code in AWS. Supports both EC2 (Elastic Compute Cloud) and SimpleDB management to manage both programs and storage in the cloud. Testing is done through Tomcat and support for additional application servers is planned for the future. Available to AWS subscribers at no cost. Released: August, 2009.
Cloud IQ Platform Cloud computing. PaaS(Platform as a Service) services used to create and run scalable applications. Includes:
CloudIQ Manager - provides deployment and operational features to support managing existing applications and infrastructure in cloud environments.
CloudIQ Engine - the development enviroment. Supports Java, C/C++, .NET, and the Spring Framework.
Works with public cloud providers including GoGrid, Amazon, and SkyTap. CloudIQ Engine was originally named Appistry EAF (Enterprise Application Fabric). CloudIQ Platform Version 4 added the CloudIQ Manager and was released: March, 2009.
EC2 (Elastic Cloud Compute) System software. PaaS (Platform as a Service) used to develop and run applications in the cloud. Developers define AMIs (Amazon Machine Images) which contains applications, libraries, data and associated configuration settings. Software options are not limited to, but include:
Operating systems: multiply Linux distributions including Red Hat, SUSE, Debian, Ubuntu, OpenSolaris, and Windows Server;
Databases: Oracle 11g, Sql Server 2005, MySql Enterprise;
Web Servers: Apache, IIS;
Application development: Java Application Server, JBoss, Ruby on Rails.
Computer assets are provided as instances, which include memory, processors, storage, and a platform. Various instances are available with different amounts of assets. New server instances can be obtained and booted in minutes and customers can scale capacity, both up and down, as computing requirements change. Users are charged for actual usage. Announced: July, 2006, and released from Beta: October, 2008.
Force.com System software. PaaS (Platform as a Service) environment used for development and deployment of cloud computing applications. Allows even nonprogrammers to create online applications that connect with other Force.com applications. Includes:
AppExchange, contains thousands of applications that users can try and install;
VisualForce, used to build user interfaces for any device or application. Use AJAX or Flex, create forms, buttons and links, embed mashups;
Apex, an on demand programming language for workflow and logic;
Also includes integration, database, and security as services.
Applications can be hosted for free, or developers can create their own URLs. Available: 4th quarter, 2007. Version used to create applications to run on Google's App Engine released: May, 2009
Google App Engine System software. PaaS (Platform as a Service) software that allows developers to run Web applications in a secure sandbox environment on Google's infrastructure. Part of cloud computing, and allows developers to deploy applications from a free domain name on appspot.com, or from their own domain. Features include dynamic Web serving, persistent storage, automatic scaling and load balancing, APIs for authenticating users and sending e-mail using Google Accounts, and a local development environment that simulates Google App Engine on the user's system. The runtime environment includes an App Engine SDK (Software Development Kit) and the full Python language and most of the Python standard library. Released: April, 2008. Latest update adds support for Java and released: April, 2009.
Hadoop Application development tools that use MapReduce technology. Open source software used to build reliable, scalable, distributed computing applications. Used in cloud computing. Includes:
Hadoop Core: a distributed filesystem;
HBase; scalable, distributed database (implementation of Google's BigTable);
Pig; platform for analyzing large databases;
Zookeeper: a service for coordination distributed systems;
Hive: data warehouse infrastructure that provides data summarization, adhoc queries, and analytical features.
Available at: http://hadoop.apache.org. Version 0.18 released: August, 2008.
WaveMaker Application development platform used to build Web applications. Open source product. Includes two components:
WaveMaker Visual Ajax Studio; Develops RIA (Rich Internet Applications) to build scalable Web applications using Ajax widgets, web services and databases.
WaveMaker Rapid Deployment Server: Deploys applications into a standard Java environment. Originally released: November, 2007. Cloud edition which runs on Amazon's EC2 released: December, 2008.
Windows Azure Complete environment for developing and running applications in the cloud. Includes an operating system, SQL Azure (the SQL Server database), and a set of developer services that can be used individually or together, PCs, servers, or hybrid solutions. Developers can use Visual Studio and the .NET Framework or other languages and development environments. Developed under the name Azure Services Platform. Released: February, 2010.
Back to top
1. It's used for security. 360 security means applying a 360-degree focus on security that is a continual process . Used with security across the cloud, and encompasses risk management and understanding where data resides, whether it's in motion or at rest, and is it inside or outside of the corporate network. In short, IT leaders must have the answer to this question: "Do you know where your data is?"
2. Femtocells. This is a cellular based station for home or office that communicates directly with cell phones and carries the signal to the larger network via broadband, e.g., DSL or cable. This, in effect, will give customers "five bar" service in their home or office, and allow customers to give up landlines. Offered on a trial basis in Denver and Indianapolis (from Sprint) in fall, 2007. Security flaws that allow attackers to take over the devices without being detected were discovered in 2010.
3. WAF does not belong. WAF is a type of firewall a security product. The other three are all networking technologies
WAF (Web Application Firewall)
WAN (Wide Area Network)
WAP (Wireless Application Protocol)
WAS (WebSphere Application Server)
4. Well, partially. Governance is the rules and regulations under which an IT department functions, and the mechanism to ensure compliance with those rules and regulations. IT governance software is available to help ensure standards are followed, and includes working with government regulations (HIPAA, Sarbanes-Oxley, etc.) as well as the rules and regulations of the company itself, the industry it belongs to, and other regulatory sources. IT standards cover many areas including development, change management, and project management so reference to, e.g., "project governance" is now common. SCM (Software Configuration Management) programs are usually part of IT governance systems.
5. This one's a push. They're all IBM terms. Blue Cloud is their cloud strategy; Blue Gene is a supercomputer; Blue Horizon is another supercomputer; Blueworks is a development environment for BPM systems. But Blueworks is one word so that's the misfit.
Back to top
SemCo Enterprises, Inc. respects your privacy. We do not sell, rent or share your information with anyone.