Wednesday, December 29, 2010

Web Templates

Back in the stone ages of the mid-1990's, I developed Web pages by hand. Some of my students seem pretty impressed that I can still code a page by hand, and seem to want to do things that way as well. My advice at this point is to not do it that way. A good working knowledge of HTML can be useful in order to tweak a page, or if you are writing a script to generate a dynamic Web page. However, for static Web sites, it generally makes a lot more sense to just use a Web development tool such as Adobe Dreamweaver.

As someone who is not a graphic designer, I would have problems making attractive Web sites. If I were really planning on doing Web development, I would either find a graphic designer to work with, or plan on purchasing some sort of package. Many times, designers or design companies will sell templates to Web developers for this purchase. For example, a site like Project Seven sells some really nice designs that I would never be able to create for $60. The nice part is they are designed for use with Dreamweaver, and should cleanly plug right in to your interface.

I look back on some of my early Web work, and it was clumsy, but by purchasing the rights to something like that, I'd be able to make some really professional sites with very little effort.

Friday, December 24, 2010

NORAD Santa tracker

It always amazes me how people use technology.

As a child, I remember writing a letter to Santa. Now, you can email Santa.

Just to one-up that, NORAD (North American Aerospace Defense Command - a joint Canadian/American effort) has launched a Santa tracker, complete with Google map and computer graphic video. Pretty cool stuff! If I had a small child to show this to, I would certainly do so.

noradsanta.com

Hope everyone has a nice holiday break. Looking forward to doing some recharging myself.

Friday, December 17, 2010

Java up, Adobe down

...in terms of exploits, anyway. Looks like Java exploits are gaining favor with hackers again lately, according to this CNN article.

One of the problems with the Internet and specifically the World Wide Web is there are so many moving parts. Many novice users do not seem to realize the complexity of it all. Any application software (including Web browsers) present security risks, and when you add in the various plug-ins (such as Adobe Flash Player, Javascript, Microsoft Silverlight, etc.), you have a hacker's paradise. In the typical interaction, you have three points where security breaches can happen:
1) The browser
2) The plug-in
3) When the browser and plug-in interact

A perfect secure world would have no plug-ins at all, but that is not realistic. We are left as end users to hope the developers of the plug-ins secure their products.

Adobe has come under fire a bit for some of their exploits, but it seems as if they have done a good job (albeit, a reactive job) of plugging up some of their security holes. The report linked above shows that the number of Adobe exploits recorded has gone down, while Java exploits have gone up. Does that mean that Adobe has fixed their problems, or does it mean that Java problems are easier to exploit? That I can not tell you.

Saturday, December 11, 2010

There's an option for that

One thing many computer users don't seem to intuitively understand is the idea of customization for the programs and apps they are using.

My approach to using software is to try to use the software, and when I find something I don't like, to try to find some way to change it. For example, inside of Microsoft Internet Explorer, you can change the start page. Most computer savvy users know this, but one of my friends just called this morning saying he changed his somehow and couldn't figure out how to switch it back.

This applies to Web sites as well. For example, Facebook allows you to turn off certain notification emails, change privacy settings, and change many other options. Most free email providers allow you to set up "filters", which would basically let you screen your mail (for example, you could have all email from people at a certain college go in to a special folder so it does not fill up your Inbox, but does not get deleted). If you use a site such as Yahoo! Calendar, you can set it up so it will send email reminders for events to a certain email address or phone number by default, instead of having to set that up every time you create a new event. Even games like World of Warcraft are customizable. You can switch things on or off using some of the menus in a game.

Chances are, if you are annoyed by something, there is an option to change it. Don't like Excel starting every file with three worksheets? You can change that. Do you hate it when you open a bunch of windows, and things compress on your taskbar? That can be changed. Would you prefer your Word to always space in one inch when you hit tab instead of a half inch? That can be done. Does your Blackberry give you annoying little "message sent successfully" messages every time you send an email? That can be removed.

The key is knowing that things can probably be changed, and finding the answer on the Internet.

Friday, December 03, 2010

Bring out the Dancing Pigs!

"Given a choice between dancing pigs and security, users will pick dancing pigs every time."

Once someone explained that line to me, I loved it. Basically, Bruce Schneier (a US computer security consultant and cryptographer) explained, "If the computer prompts him with a warning screen like: "The applet DANCING PIGS could contain malicious code that might do permanent damage to your computer, steal your life's savings, and impair your ability to have children," he'll click OK without even reading it. Thirty seconds later he won't even remember that the warning screen even existed."

That basically seems to summarize computer security these days. Users often get taken in by phishing schemes, download viruses, give out personal information, and do other things that compromise security...for the promise of dancing pigs. Smart hackers do this and create attractive links that people will click on.

As you can see, there are tutorials taking potential phishers through the process of stealing information. Stopping sites posting information like that is like playing Whac-A-Mole.


Congrats, you shut down a phishing site! Put down the hammer, I don't think others will pop up!

I do not know that most Americans are adequately prepared to figure out what sites are legitimate and which ones are not (and to read warnings). Sadly, people seem to learn by making mistakes and losing their personal information or getting hacked.

Tuesday, November 30, 2010

Proper Hardware Disposal

In one of my classes last week, we discussed the proper way to get rid of old computer hardware, to avoid privacy issues.

I've gotten rid of old computers, but I generally either keep the hard drives (to destroy) or use software to do a thorough wipe of the drive's data When I say "thorough wipe", I am not talking about deleting files, because data can easily be recovered from a hard drive, EVEN AFTER YOU DELETE IT. Really. As a matter of fact, Microsoft's pre-Windows operating system, DOS, used to include an undelete tool which could recover deleted files easily.

eBay is one place people can purchase used hard drives, and they even provide information on why you need to thoroughly wipe a hard drive before you sell it. You can see that the site shows that social security numbers, credit card numbers, and all sorts of stuff can be found on these hard drives. This means your identity can be stolen even if you do nothing wrong, if a company you have purchased from does not follow good procedures for hard drive disposal. Aside from eBay, there are sites like Craigslist where people get rid of old hardware, and there are always garage sales. In the corporate environment, many colleges and companies pay companies to dispose of old hardware (such as eRevival locally). If you go with a cut-rate company, you may find that though they promise to clean hard drives, they may not do so thoroughly. Any of these are ways that data can be leaked if the hard drives are not wiped.

One way you can provide a level of security is to physically destroy the hard drive, though someone could pick it out of the trash and recover something. The best way is to do a full wipe of the hard drive, or what we used to call a "zeroize" at the company I used to work for. We were putting defense systems in military crafts, and one of the requirements was that the pilot needed to have a button to wipe all the data in the system, to prevent classified data from falling in to the enemy's hands. (Yes, that information is public.)

The Department of Defense has pretty high standards for data wiping, and there are a number of tools that meet their standards. The problem is most of these tools cost money. The one that I recommend is a free tool called Darik's Boot and Nuke (available for download at www.dban.org). Despite the informal name, it is a legitimate program (referenced by CNN and the BBC). There are commercial tools that do this sort of thing as well, but the major difference is not function, it is speed (DBAN has a reputation for being slow - the BBC article says it took two hours for an 80GB drive). DBAN is cool because it gives you a CD to boot off of, and you select the depth of the wipe you want. The more depth you want, the longer it will take to run. If you are going to do this, I would recommend choosing the most in-depth wipe, doing it before you go to bed (as a home user) or before you leave work in the evening (at work), and just letting it run overnight. That way, there is no time wasted waiting for wipe to be completed. In a professional environment, having a DBAN CD around is not a bad thing, especially so your company does not end up in violation with the standards that govern your industry (Sarbanes-Oxley, HIPAA, FACTA, etc.).

A larger company may want to invest in faster, packaged software for this, or a hard drive sanitizer (such as this one - though I am certain their claim of 7 minutes per drive is for the simple wipe and not the seven-pass version).

Any of these options are better than the ol' sledgehammer method, because who wants to clean up that mess?

Spring 2011 Schedule

I just wanted to post my tentative Spring 2011 schedule at Bergen.

I am scheduled to teach:
INF 163 001 (Monday/Wednesday 3:55 PM to 5:50 PM)
INF 101 009 (Tuesday/Thursday 3:55 PM to 5:50 PM)

I may also be teaching a Summer I 2011 course, if that information is solidified, I shall announce it here.

Sunday, November 21, 2010

The Gmail Killer

Facebook is preparing to come out with a new email service, where users can get email sent to an email address @facebook.com. There were a number of headlines that advertised this as "the Gmail killer", though it could just as easily be "the Hotmail killer" or "the Yahoo! Mail killer".

First, Facebook started to try to be your "one true login". They seem to be succeeding in this, because a number of sites have started to give you the option to sign in using Facebook instead of creating an account. For example, here are some random sites that came up when I Googled "Facebook Connect":

Evony
Joost
SurveyMonkey
TravelPod

Facebook even has taken so much of Myspace's market that they are introducing a "connect with Facebook" option. That's the ultimate admission on Myspace's part that Facebook has won the war.

Facebook has succeeded there, so they are looking to expand. The next horizon seems to be Facebook email, which they've announced plans to implement. Facebook's CEO says that this email will be even better because they know who your friends are. No, really.

"Because we know who your friends are," said Facebook CEO Mark Zuckerberg, "we can do some really good filtering for you."

There is something a little creepy about that, but I do think this idea will take off. The interesting part is this: back in the early 2000's, sites like AOL had email and chat services, and tried to expand in to profiles...same with Yahoo! and MSN. None of those transitions worked well. However, Facebook starting with profiles and expanding to chat and then email might actually work.

So, Facebook vs. Google...who wins? Time will tell.

Link to story

Saturday, November 13, 2010

Keeping up with the Jobses

There's a saying "Keeping up with the Joneses" which goes back to the early 1900's (thanks Wikipedia). It basically has to do with people needing to keep up with the neighbors (in this case, the generic Joneses). I feel like Microsoft has this same symptom at points.

According to recent numbers, Microsoft Windows Mobile was only on 2.8% of cell phones, according to Gartner Research. Compare this with 36.6% for the open-source Symbian OS, 25.5% for the Android OS, 16.7% for iPhone OS, and 14.8% for the Blackberry OS. In other words, Microsoft Windows Mobile just is not cutting it.

Since Microsoft needs to keep up with the Jobses (Steve Jobs is often considered the Face of Apple), Microsoft released Windows Phone 7 last month. Microsoft basically redesigned the operating system, because as we see it wasn't working. According to USA Today, the first phone to run this OS is the Samsung Focus through AT&T, which was released on November 8.

According to cNet reviews, Microsoft does seem to have done a nice job on the operating system, but as they point out, it is an uphill battle to overtake some of the companies above them on the list. One interesting feature that jumped out from the review (since I haven't used it myself yet) was the integration with Xbox Live. That could be something that sets this phone apart, if it gives people access to their games and accounts in a mobile fashion.

We'll see how it shakes out, but Microsoft does have a long way to go.

Thanks to Kevin for the heads-up!

Friday, November 05, 2010

Twitter and Poor NBA Etiquette v2.0

Charlie Villanueva, an NBA player, recently played against Kevin Garnett. During the game, Villanueva claims Garnett called him a cancer patient. Garnett, for what it is worth, said he called Villanueva "a cancer", which isn't as far fetched as it sounds. According to urbandictionary, the term cancer "[is] often used as an insult when referring to someone who is a pathelogical [sic] source of trouble and discord within a group."

Now, who knows what happened and what did not, but I can see someone exaggerating because they are annoyed. Either way, the point is he came out and put it out there, and as we know about Twitter, there is no undo button.

If this guy's name sounds familiar, it is because he is the same guy who was benched for tweeting during halftime of a game in 2009. I blogged about that here. I would think the guy would have learned his lesson about Twitter, but nope. If it is getting in the way of your professional life, perhaps it is time to let someone else serve as your filter.

Friday, October 29, 2010

Death by Farmville

Wow.

We've seen this story on the news before...a parent shakes a child and it dies. Sad, unfortunate, but also not uncommon. This happened down in Jacksonville, Florida. What makes this sensational is the fact that the mother got upset with the child over it interrupting her playing Farmville.

Facebook's role is being overblown in the media. Notice it is not "Mother Shakes Baby to Death". Headlines seem to be more "Child Dies due to Facebook Game". The focus is put on Facebook. News articles do report she was playing it through Facebook, but Facebook did not create Farmville. You don't have to be on Facebook to use Farmville (Myspace and Twitter also work, as I understand). Putting Facebook in the headlines is sexier than putting Farmville in the headline.

Of course, this is also going to be something people cite when they say Facebook is bad for society. I have a friend who hates Facebook, and I am sure this friend will see this headline and just tie it to Facebook.

Let's be honest. If this woman would shake a baby to death over a Facebook game, she probably have done it over a TV show, or cooking, or a phone call, or any of another thousand reasons.

Link to CBSNews Article

Friday, October 22, 2010

Time Machine: Everything Old is New Again

Some topics of interest from this week's classes.

We discussed the Do Not Call Registry, which was a way to prevent telemarketers from calling you. Someday, we may see a Do Not Email Registry, but I wouldn't expect that for a while. I remember telemarketing being annoying in the 80's, and it took them until 2003 to do anything about it. Here's my original post about how to get on the registry and save yourself from telemarketers.

Second of all, passwords came up in one class this week. Microsoft has a free password strength checker on their Web site, where you can see how strong or weak your password is. Here's the link. We also discussed passwords, and how you can make a better password. I discussed the mnemonic device method for creating and remembering a password in class, and here is my original post on that.

Of course, for people majoring in the IT area, it's always a struggle to find a balance between security and ease of use. If you require difficult passwords, your users may end up writing them on a sticky note, or putting them in a passwords document.

Friday, October 15, 2010

Stalking a criminal

The Internet has obviously changed many things. One thing it has changed is crime. Criminals are known to use sites like Craigslist and eBay to sell stolen goods.

It's interesting how people have also used this in the investigation of crimes. For example, a woman recently had a GPS stolen, and used Craigslist to get in touch with someone who was selling a GPS of the same brand the next day. She contacted the guy, got his email address, used that to find his profile on an online dating site, used that information to find him on Myspace....

The police were able to get video footage from a McDonald's where he used her card, and the Myspace profile matched the face of the person on the video.

It's a lesson that (as she says) you never know who you are robbing.

Link to story

Thursday, October 07, 2010

Charging for Web design work

One of my former students emailed me to ask about freelance Web design work, and how much to charge. This is always a very difficult question, and I don't know many people who are comfortable setting rates coming out of college.

Keep in mind that companies will pay what sounds like a really high hourly rate because they are not subject to the overhead that their regular employees have, such as health benefits, office supplies, and other such items.

The difficult part in freelancing early on is figuring out how long things will take. I found as a programmer I had no sense for how long projects would take me to do. People would ask me how long things would take, and I would think it should be a 2 hour project, and I would spend 25 hours on it. I developed that sense over time. Classes like Systems Analysis and Design were great in theory, but when it came to applying the lessons, I fell a little short.

Customers don't really want to pay based on how good you are, so generally, customers should not see your hourly rate. I would suggest creating some base packages. For example, a 5 page Web site should cost X, a 10 page Web site costs Y, etc. You want to be clear with a customer what they are paying for. I found a company that does something like that here, for reference.

You can see they have a base package for $600. For a basic 5-page site, $500-$750 seems to be the going rate. This would generally include the basics of meeting with them, gathering content, designing it, having the user test it, fixing the errors they find, and making the site live. In reality, the technical end of the work will probably take less time than the other components of the project.

Other stuff that is extra, and this is where I would run in to issues. If the customer wants e-commerce stuff, or they want Flash animations, that would be stuff that would cost extra. When they describe the requirements, that is when you have to determine the cost of it. If they describe a Flash animation, keep in mind that is rarely a two-hour gig. Flash animations, Web programming, and e-Commerce projects should include testing and bug fixing time. There have been times where I wrote a program in an hour and then spent 5 hours trying to hunt down a bug. Flash programmers can charge rates of $50-$75 an hour, so a site that is heavy on customization like that will be more costly.

What is very clever is that there is a maintenance package is $50 a month for two hours worth of work, and additional hours are extra. You may want to offer options like "10 hours of updates over the next year for $250, or updates at an hourly rate of $40" rather than constraining someone to a number of hours in a month. By offering a package deal, you may have someone pay for the 10 hours even if they don't need them, just because it looks like a better deal. Also figure most updates will be small changes, so a lower hourly rate is fine.

You can of course work with people on price. There are people I've been eager to work with, and made allowances for them.

You also have to decide if you are going in to the hosting business, or if you are going to arrange for the customers to host things elsewhere. I generally would not want to get in the middle of a transaction between a customer and a Web hosting service. If this is the case, make sure you provide them the username and password for the site. Even if they don't use it, it's professional to make sure they have access to this. I've dealt with people who have no clue about this, and if they ever need to change hosting sites, it's a pain for them. Same idea goes for the domain name purchase. You can direct them, but you probably don't want to be the person in the middle since domain names do need to be renewed.

If you are not doing the hosting yourself, you have to assume some customers may have a URL purchased and a hosting agreement, and others will not. If the customer does not have the infrastructure in place, there is some startup work you have to do to get them up and running, and that may be something you want to charge for. This may be something you want to charge $100 for.

I would recommend the customer set up a billing arrangement directly with the hosting service (like godaddy). If you end up in the middle, your credit card is the one the hosting service has on file. If, however, you are planning on hosting sites yourself, that is something different.

You should always have some sort of portfolio available. For my PCCC students, your capstone project can be a start, but you may want to expand on it and upload it to a server somewhere.

The main problem I think most customers have is that they don't understand that you don't provide content. When they pay for a site, you are taking their existing information and turning it in to a Web site. You will need to meet with someone in their organization, and they should be providing you electronic copies of the information they want on the site. Some customers think you are going to actually write the text for the site, and (unless you want to do this) it needs to be made clear that this is their responsibility, and that you don't provide proofreading services.

As you get better at doing basic Web sites, you can probably get things done quicker and therefore make your business more profitable. You can also change prices as you go along. Notice the site I linked above also includes a year (2010 rate card). You can always change rates yearly (or project to project).

Wednesday, September 29, 2010

Census and computing

The US census brings to mind one of the reasons computers advanced.

The 1880 census took 8 years to tabulate. Of course, the census is done every 10 years, so a long wait for results makes this data almost useless. The fear was that the 1890 census would take more than 10 years to tabulate, which of course makes no sense.

Enter Herman Hollerith and his fabulous mustache. He invented a tabulating machine that helped with this purpose. This tabulating machine allowed them to count survey results in one year. Of course, many early computers used punch cards, so this was one of the forefathers of those computers. I did not know (until I read a little bit of the Wikipedia article) that his company was one of the companies that would merge to form IBM in 1924. Thanks, Wikipedia!

Anyway, the 2010 census results are being tabulated, and you can already see the response rates posted for all towns. Making things more interesting is the use of data mining. We can now use the computers to not only count results, but to do projections, spot trends, and all sorts of stuff that would have been impossible 100 years ago. It looks like President Obama will get the first report by December 31, 2010. Considering surveys were sent out in March and data collection ended in July, that's really amazing turn around time. Now, if everyone just did the data entry on the computer, imagine how quickly it would go!

Anyway, here's the site with the response rates:
http://2010.census.gov/2010census/take10map/

Tuesday, September 21, 2010

Using Google Earth to make $75,000

Just another case of learning from my students...

In class today, we were discussing Google services, including the advanced Google search options, image search, and Google Maps. It came out during class that the town of Riverhead, NY used Google Earth in a very interesting way. People started getting summonses for having illegal pools, and it came out that they were using Google Earth to find this out. Really! Turns out they wrote about $75,000 worth of summonses before people caught on and complained.

NPR did an interview with the chief building inspector of the town, and he said they did it for the protection of the neighborhoods, saying "I use it strictly for safety." Of course, there is some validity there, because as he states, there are requirements to make sure children don't drown, and I agree with that. I also think that, well $75,000 had something to do with it. I'm a little cynical when someone won't admit to that. Of course money making is part of it. It's not just about safety.

In the "DUH" statement of the year, he stated "Most of the people that complained were the ones that didn't have the permits." Of course those are the people that complained, because they were the ones who were directly affected and may or may not have had their right to privacy violated.

The town is no longer doing this, so I think that tells us how they feel about whether it was a good decision. If they thought it was, they would have kept on doing it. My opinion? As someone who worked for a company doing government contracting, we were told that the government could not spy on its own citizens. The government tried to implement domestic spy-satellite imaging through the innocuous-sounding National Applications Office, but this idea was withdrawn over privacy concerns. If the government can't do it using our own satellites, why can they do it using Google's? Again, my opinion, they shouldn't be doing that, but that's me.

The other interesting part is Google. This sort of use of Google Earth is not prohibited, either in the main terms of service or the government agency terms of service addendum. Yes, I checked. In theory, this is fine per Google's viewpoint. Then again, they haven't updated the terms of service in a while.

Thursday, September 16, 2010

Dead Online

Had an interesting discussion during class the other day. We were talking about online gaming and I mentioned the case of Shawn Wooley, the 21-year old who killed himself over Everquest back in 2002.

It always made me wonder how word would get out about things like this. If you are part of online communities (aside from Facebook, where people can post information to the "wall"), how do people find out? When my aunt Judy died in 2000, I remember the hassle of having to get copies of a death certificate to places like banks, retirement companies, health insurance providers, and other places, and with the advent of the Web, this becomes even more complicated. How do you get access to Web sites and other accounts if someone dies? Are things like World of Warcraft, Amazon Associates, Paperback Swap, and other sites things you would want people to have access to after you died? At this point, a World of Warcraft (or Starcraft, or whatever) account might actually be something people would put in their will...a site like Amazon Associates or Google AdWords might have unclaimed income (and continue to generate income). No one is going to change their will every time they change their passwords, so there has to be some other solution.

This is one of those areas where no one has *the* solution yet, so here are a few sites that I have read about.

First of all, there is Death Switch. Death Switch will send you a message at various times and if you do not click on the link and enter a password, they will assume you are dead. At that point, you can have the site email out your usernames, passwords, etc. that you might want your wife, children, friends, etc. to have. Of course, if you take a really long vacation, or if you die and forget to change the email address of the recipient, there are problems!

Another way to do this is to use Legacy Locker. This is a site that is similar in concept, without the replying to emails. The person would assign two verifiers to verify that they weredead, and if so, the information stored on the site would then be released. Of course, there are security issues there as well, if the two verifiers are people who conspire against you!

A little morbid, to be certain, but it's interesting that companies have found ways to make money off of this.

They both have very limited free versions. For the paid versions, Legacy Locker costs $29.99 a year at this point (or a one-time, $299.99 fee), and Death Switch is $19.95 a year.

Thursday, September 09, 2010

Zero-Day exploits

I have pretty tight security on my home system. I have my anti-virus, my anti-spyware, and router with built in firewall. I keep my operating system and anti-virus up-to-date. I feel pretty safe on a day-to-day basis. I sometimes forget that this is not true. We are all vulnerable to "zero-day exploits". These are basically newly discovered ways for you to get a virus (or get hacked, etc) even if your virus scanner and operating system are 100% up-to-date. This is the part of computer security that people don't always understand. Anti-virus programs, anti-spyware programs, the operating system, and things like that all get updated AFTER problems happen, so someone needs to be the first group of people to get this virus. Unfortunately, fixes are often reactive (oh, no, we didn't think of that!) rather than proactive (hmm, how would I exploit this system if I were a hacker?).

Yesterday, Adobe (the company that makes Acrobat and Flash, among other tools) released a statement saying there was a vulnerability in even the latest version of Adobe Reader. This is a free tool most people have installed that reads read-only versions of documents. Sounds pretty innocuous, right? Well, there is an exploit that allows this to beat security. If I were to download a file, my firewall, anti-virus, anti-spyware, and operating system would all be beaten by this exploit.

What helps is avoiding high-risk activities online. File sharing networks and torrents obviously present advantages in the form of free stuff, but even if you have all the protection I mentioned before, you are subject to zero-day exploits. This one is an exploit with Adobe Reader, but it could happen in iTunes, or in Windows Media Player, or Internet Explorer, or Firefox, or any other software package. It can also happen when people download software through these networks and actually run a program on their machine. Just remember that despite the updated anti-virus, you are vulnerable. This doesn't even take in to account the folks who have anti-virus software that they don't subscribe to and don't receive updates to.

(For those of you who understand digital signatures, this is a very clever exploit that seems to take advantage of stolen certificates. Who knows, maybe the hackers used a zero-day exploit to steal the certificates!)

Wednesday, September 08, 2010

Back to School (Fall 2010 Edition)

Today starts a new semester...as I mentioned at some point, I will be teaching two classes at Bergen.

I think in my case I have become very comfortable in Passaic. As a full time faculty member, I have a lot of freedom as to what I do in my classes. As I am a creature of habit, when I found something that worked, I stuck with it.

I have been teaching since 2001, and I hope I have improved each year, but the only place I have taught a formal class is at PCCC. I am impressed with the amount of work the department chair does at Bergen to provide support for the faculty teaching the intro course. I know some faculty resist things like standard tests, etc. However, I generally do not find this offensive. I may be in the minority, but I feel like if we as a community college want four-year colleges to accept our courses, there needs to be some standardization. I have heard it argued that the four-year schools do not standardize, but all we can do is keep our side of the street clean.

My prep time is less because the full time folks have done work setting up tests, assignments, etc. I generally spend a lot of time on assignments, so they have freed up my time. As such, I am going to try new things that I would not have had the time to do at PCCC. There is no doubt that this will make me a better educator.

So today I have INF 101 004, an Intro to IT course similar to PCCC's CIS 107, and INF 163 001, similar to PCCC's CIS 152. My experience at Bergen will certainly serve me well, and I am excited to get started.

Wednesday, August 25, 2010

The Weakest Link: Password Reminders

Security vs. Ease of Use...always is a tradeoff.

I always use an example of a car security system in class. If I could GUARANTEE that no one could steal your car, and it wouldn't be expensive to install, you'd probably go for it, right?

What if I then told you it would take 90 minutes to get in to the car? At that point, the security isn't worth it.

Generally, when you sign up for accounts, you are given very few choices for password hints. For example, what is your mother's maiden name? Or, where were you born?

The problem is that some of these things can be found out from social networking sites or even from personal knowledge. For example, if you friend your mother, everyone who is a friend of yours now knows the answer to that security question, especially if you use the Facebook "related to" option to show she is your mother. Where were you born can be guessed many times as well, even without Facebook. Where I went to high school, I would guess that most of the students were born in the same hospital. In more rural areas, that isn't as tough of a question as you might think. A good private investigator might chat you up in a bar to find out the answer to the question "what was the name of your first pet", if the answer to that question is valuable enough. In divorce cases, this sort of information can be a gold mine. If you are going through a divorce, remember that things like birthdays and anniversaries are things your future ex may know, and they can circumvent your password that way. Even things like "what is your blood type" aren't great, because how many possible choices are there? (A, B, AB, and O, I think). Even questions like "who is your favorite actor/actress" is tough, because answers change.

On the other hand, no one wants the question to be "pick your favorite number between 122 and 488".

Some sites will let you create your own questions, which present their own problems. People may tend to make even easier questions ("what is your middle name"), or really poor questions ("what color shirt are you wearing"). Yes, I've seen questions like this when helping people.

One of the better questions I have seen is "what is your father's middle name". I couldn't tell you the middle name of my friend's fathers, so this would require a little more work. Other good questions might be "what was the first bone you ever broke" - certainly something you would remember, but still vague.

Another clever idea that hasn't taken off is "Passfaces", where people use visual reminders as a password. Clever idea either as a replacement for a password or as something to augment password reminder security, but not mainsteam yet.

The best defense is to pair sets of questions together, asking people to answer multiple questions to get access. Another way would be to give people a checklist, for example, ask "which of the following statements are true about you", give a list of 15 things, and have the person check off which they have done. For example, give statements like:
I have shoplifted something worth more than $10.
I have been to Cincinnati.
My first car was white, yellow, brown, or green.

Have the person check off yes or no for each, and they are only granted access if all 15 questions are correct. Even if someone tries to guess their way through that, that is hundreds of possible responses. The problem here is that the best questions are the deeply personal ones that no one else knows the answer to. These are also the questions people might be shy about answering honestly. For example, the "shoplifted" question is good, but would I really check off "Yes" if this were a password reminder for a company I work for?

Or, you can do what I do, and give fake answers to the questions in a way that you will still remember it. Or, just use your mother's maiden name everywhere and wonder how all your accounts got hacked on the same day.

Tuesday, August 17, 2010

A Vision of Students Today

Students learn differently today than they did even 10 years ago when I was in college. I've been at a number of meetings at PCCC where they emphasize this. It's never easy to change teaching habits.

A few years ago, a professor at Kansas State University put together a video that describes some of these things. Writing on the blackboard should be replaced by more entertaining ways of learning. I grew up on Nintendo, and I personally was bored in college by straight lecture. I think that education is changing, and I think a lot of professors feel like if they are paid to lecture for three hours, they should be lecturing for three hours. I saw this video for the first time last week at an adjunct orientation at Bergen.

I feel like online classes has helped create some momentum in education reform. Professors have had to find ways to redesign education, and this is a good thing.

This video definitely gave me something to think about.

http://www.youtube.com/watch?v=dGCJ46vyR9o

Friday, August 13, 2010

My Fall Plans

As I mentioned earlier, I am taking a leave from PCCC in the Fall semester. I mentioned earlier that I wanted to recharge. However, that doesn't mean I am going to do nothing with my time.

One thing students do not always get to see is how active some professors are outside the classroom. I know it took me three years at Montclair State to figure out that my professors actually had other obligations besides teaching and office hours and course development. I guess it just never crossed my mind that all sorts of things need attending to.

For example, who approves changes to courses and programs? There should be some sort of process where other people in the college can discuss proposed changes. One of my duties has been to prepare some of our curriculum changes, filling out the appropriate paperwork, and getting my department on board. This also involved presenting the changes to our Curriculum Committee (ably chaired by another member of my department, Professor Bamkole). If there were changes suggested by that committee, I would then incorporate them. I would need to present them again at the Academic Council - this is the entire College community. Again, people could make suggestions and I would need to incorporate them. Any small change to a course required at least three meetings and a number of possible revisions. In other words, rewriting a course description might take 30 minutes to rewrite and then 5 hours to document, present, revise, re-present, and revise.

Point being, there are a lot of responsibilities of being a full-time faculty member that are not necessarily obvious. I wanted to update you on my fall plans.

First of all, I will be teaching two classes at Bergen Community College. I am scheduled to teach INF-101-004 (similar to PCCC's CIS 101) and INF-163-001 (similar to PCCC's CIS 152 class, but with more technology and less business. The courses both meet in the late afternoon, which is interesting, since we generally have problems filling classes in those time slots at PCCC. Bergen does things a little differently, so I am working on getting fluent in their WebCT/Blackboard system, as well as learning the INF-101 textbook. It's a book that is taking a really interesting approach to things, and I look forward to trying it out.

I am also working on a few side projects.

I am working on doing some of the supplements for a new edition of the Exploring Access 2010 textbook (test bank questions, etc). I am also working on a manuscript for an Office textbook.

I also will be doing some work with teachers and possibly students through the PRISM program at Montclair.

Should be an interesting semester, to say the least.

Wednesday, August 04, 2010

Microsoft Digital Literacy

Microsoft has a new program available called Digital Literacy. This is part of their efforts to help educate America.

As part of it, they have a set of free trainings available on their Web site. One is a basic computer literacy training, and the other is a slightly more advanced Microsoft Office and Windows training.

For free, why not right?

Link to Site

Wednesday, July 28, 2010

Workshops, and the role of computer training

I just finished a series of workshops with the group I work with at Montclair (PRISM) in conjunction with PCCC. It was very interesting to be working on a joint effort with these groups. I have been working for the PRISM project (and it's previous incarnation, CETERMS) since the summer after my sophomore year. They are a grant funded project that provides teachers with training in the math/science areas. It is actually the place I got my start teaching. Someone was scheduled to do a technology workshop and called out sick. I had been assisting the workshop coordinator, so I knew the workshop, and I gave the workshop that day. I've been doing technology training for them ever since. I've done Internet concepts (and for 1999, that was pretty forward thinking!), PowerPoint, data analysis with Excel...and a few more workshops. I also used to do their Web site (coding the Web pages by hand, instead of with a tool like Dreamweaver). Who knew I would turn out to be good at teaching and would turn it in to my career? I certainly did not, and I don't think the woman who runs the program foresaw this either.

Anyway, this summer presented a very interesting challenge. The theme that was chosen for PCCC and PRISM to work together was Forensic Science. I didn't really see any way I fit in to this, but eventually as I worked to liaise between the two groups, I noticed they had fingerprinting database software. Basically, it would be able to look up people's fingerprints and match them to a local criminal database that you create. It's not FBI, but it's good enough for training and small police forces. When I suggested including that, I was told that they did not have anyone qualified to teach it, and that people were waiting to go to training for the software.

The beauty of studying computers is that once you have a feel for computer interfaces, new technologies are easier to learn. I sat down in front of this program (by a company named Sirchie called ComparaPrint- though oddly enough, I can't find it on their Web site so I can link) and picked it up very quickly, and I have never seen a program quite like this one. I managed to learn how to use the software very quickly because I understand the concepts of databases. This software is basically a big database package, and since I understand databases, all the natural operations (adding a record, performing a query, generating a report) came pretty naturally. Likewise, back in my undergraduate days, I remember teaching myself a programming language called Perl by doing what we called "hacking around". I just sat down, played with the language, and learned the key things in one night. That was easy for me since I learned programming concepts at Montclair (as opposed to receiving training in a specific programming language). Montclair did an excellent job of using the programming language as a vehicle to teach programming concepts.

In most college programs, there is a mix of theoretical concepts and facts, and the general feeling I get is that if you teach students how to learn about their field, it will treat them well going forward. It reminds me of the old saying "give a man a fish, and you will satisfy his hunger...but teach a man to fish, they will eat for a lifetime". Most careers require evolution, and computers perhaps more so, so this is why I do not think it is critical if my students remember what tab the spell check button is on. My personal opinion is that Information Technology should not be a degree where you simply learn where to click around, but a career where you learn how to learn new technologies. This is why, even though I teach software in my application software training classes, I do tend to ask some short answer questions about how the tool can be used.

I had a lot of fun, and I do not think that many people (some of whom may be reading this now, since I did give out this blog address) realized exactly how short of a time I was using that tool.

Saturday, July 17, 2010

How Old Spice just changed social networking

I was watching the baseball All-Star game the other night and there was an Old Spice commercial that came on. This commercial featured a good looking guy basically telling women that their man doesn't look like him, but they could smell like him. It was really over the top and goofy.








So yeah...amusing enough, I chuckled. Were this the end of it, that would have been enough, but the commercial producers arranged for their Facebook, Twitter, and Reddit sites to allow people to tweet/post questions. The actor, a former NFL hopeful named Isaiah Mustafa, then posted an incredible amount of responses...all of which were done in a towel in his bathroom as if he had just left the shower. Some of them were to famous people, and some to random people. Some of the celebrities he tweeted videos to include Demi Moore, George Stephanopoulis, Ellen Degeneres, Rose McGowan, Ashton Kutcher, Ryan Seacrest, Starbucks, and perhaps most famously, Alyssa Milano. Alyssa Milano went back and forth, with the actor posting four videos flirting with her, and even sending her flowers in real life, and prompting Alyssa Milano to post a video response in a towel of her own (view the entire set of videos here).

Apparently, he responded with over 180 videos over a few days, and had 5.9 million video views in the first day, according to this article. The amazing part is that this is getting news coverage, and celebrities are basically giving Old Spice free advertising. This is just one of the most amazing Internet buzzes I have seen. Sadly, the videos seem to be done for now according to the Twitter feed, but I wouldn't be shocked if Old Spice brought them back based on the popularity.

The question for Old Spice is always "will this improve sales" and the answer isn't clear at this point. If nothing else, they generated buzz!

The actor, based on this, was signed to a deal with NBC, who hope to capitalize on his buzz and create a sitcom.

Check out the tweeted video responses here:
http://twitter.com/oldspice

Wednesday, July 14, 2010

Amazon Free Shipping For College Students

Let's say you wanted to purchase one of Kevin Mitnick's books on Amazon. At the moment, "The Art of Intrusion" costs $11.53. If you were to purchase this, you would need to get to $25 worth of purchase to get free Super Saver shipping (5-9 days), or you could pay $3.99 for shipping for this item and get it in 3-5 days.

Amazon also has available a program called Amazon Prime. This will let you get free shipping on most orders, but most of the time to sign up for Amazon Prime costs money ($79 a year).

At the moment, it is free to students. Sadly, for PCCC students, it requires a .edu email address, which our College does not provide. However, for readers who are at other colleges, you may be able to take advantage of this. Amazon does reserve the right to ask you to provide "proof" that you are a college student.

www.amazon.com/student

Thursday, July 01, 2010

Bill Gates joke

I was reading an article by one on my favorite writers, Joe Posnanski, about Lebron Jame and where he will end up.  As a Knicks fan, I am hoping the answer is New York, but we shall see. The article had a joke that was similar to one I had heard about Bill Gates.  It went something like this:

Bill Gates dies and meets with St. Peter in purgatory.  St. Peter says to him "Bill, you did a lot of good in this world, but you are also responsible for Windows ME and Windows Vista.  I'm going to let you decide whether you want to go to heaven or hell, we will take a tour of each."

St. Peter takes Bill on a tour of heaven, and there are angels playing harps, things like that.  Bill thinks this is nice, but is curious as to what hell looks like.  St. Peter takes Bill to hell, and the devil himself takes Bill on the tour.  There are warm, sandy beaches with beautiful women on the beaches, people drinking and playing volleyball, warm sunshine and laughter. 


The devil returned Bill to St. Peter and gave Bill the choice between heaven and hell, and Bill chose hell. 


A week later St. Peter decided to check in on Bill and see how he was doing.  When he got there Bill was chained to a wall, being burned and tortured by demons.  St. Peter asked "How's everything going?". 

Bill said "This is nothing like the hell I visited last week!  What happened to the hell I visited with the beaches and sunshine??"

"That was a demo," replied St. Peter. 

(I've also seen the ending "that was just the screen saver")

Sunday, June 27, 2010

Easter Eggs

The term "Easter eggs" refers to features that are hidden inside of a software program, DVD, or other such technology.  For example, back in the original Nintendo days, there was a game called Contra.  You started with three lives, and that was a pain.  However, you could also enter a code (now known as the Konami code - after the game manufacturers) to give you thirty lives.  It's been years since I played the game, but I still remember you had to hit up, up, down, down, left, right, left, right, B, A, and then Start, and you would start the game with thirty lives.  That was my first experience with Easter eggs.  Nowadays, you can find many sites that list the Easter eggs in video games.  Aside from video games, many DVDs now come with Easter eggs built in, as you can find on this site


There are typically Easter eggs built in to software, as well.  For example, Microsoft Excel 97 used to have a flight simulator built in to it, but Microsoft apparently removed Easter eggs in their software in 2002.  Note that sometimes people get confused as to what is a hidden feature and what is an Easter egg.

Anyway, even Google has some Easter eggs in it, and I saw an article showing some of them.

Top 15 Google Easter eggs

Tuesday, June 22, 2010

Joe Biden and the war on piracy

The Vice President of the United States is working with groups to fight piracy of music, movies, and software on the Internet.  According to the article linked below, he considers it theft.  A government officer issued a report that sounds like it actually included intelligent recommendations, including working with file sharing sites based out of the United States (and therefore, not subject to our laws).  For example, sharing copyrighted files here is illegal.  However, in other countries it may not be, so how can the United States prosecute people doing it elsewhere?  (Short answer: we can not as it currently stands).  However, they can collaborate with these countries (and put pressure on them too), which is apparently what this report recommends.

This is part of a more widespread intellectual property proposal that includes things like counterfeit pharmaceuticals and other such things.

http://news.cnet.com/8301-31001_3-20008432-261.html

Sunday, June 13, 2010

Times Square Bomber and Computer Forensics

Most people think just because it is a free email address with no billing address, they are safe, but there are many ways they can be tracked.  Take for example the suspect in the Times Square bombing.  Technology helped lead to his arrest.   The car that was used was apparently purchased in cash after an ad on Craigslist. The guy was apparently somewhat clever in covering his tracks, according to reports. He switched license plates at a place where it was unlikely to be noticed (a garage - when was the last time you checked to see if your license plates are really yours anyway?).  He also attempted to remove the vehicle identification number.  Unfortunately, it is found in a number of places in most vehicles, and the suspect missed a few locations.

So, how did Craigslist play a role? The seller apparently got an email from the buyer, who paid in cash. With that email, authorities can determine what IP address that email was sent from.  With that IP address, it's an easy matter to determine who the Internet Service Provider of the sender was, and you can subpoena that ISP to get the name of the customer.

If that was a dead end, they could also trace the email address.  Let's say the guy signed up for a free Hotmail account.  He signed up from some computer somewhere, so law enforcement could subpoena Hotmail to find out what computers accessed that email account, and follow the trail as mentioned above.

Now, this guy was either sloppy or just did not think they would catch up to him quick enough for things to matter, because there were a number of ways he could have obscured his identity better.

First of all, he should have created this email address from a public computer, and only accessed it from a public computer.  Either that, or he should have "borrowed" someone's wireless Internet connection, because then the trail would lead back to them.  He could have driven around and found one easily (and this is part of the reason not setting up security on your wireless Internet can be a very bad thing).

Secondly, he should have made sure there were no cameras that could help aid in his identification, regardless of the method.  A nice, unsecured location could be helpful, and scouting is important.

Thirdly, he should have made sure to pay in cash (if this were a cybercafe), use a fake ID (in a library), or used a program to try to hide his computer's network card address (if he used someone else's Internet connection).  Each network card manufactured has a unique identifier, so if he connected to my router, I could browse my logs and find out the network card address (known as a MAC address).  Law enforcement could subpoena the manufacturer to get the name of the buyer.  If he was smart, he would have paid cash for a cheap network card (and bypassed the built-in wireless found in most laptops) and used a throwaway one.  Again, if it was purchased recently, store cameras could be used to track suspects.

Finally, he should have used some program to anonymize his Internet usage and/or mask his IP address.

I do not know the specifics of what he did or did not do right, but electronic communication is not difficult to track with a little technical knowledge and the power of a court order.

Link to Story

Saturday, June 05, 2010

Out of Office Message and Privacy Risks

I remember as a child my parents used to have an answering machine.  For those of you too young to remember those, they were basically like voicemail, except they plugged in to the wall.  I remember at some point my parents changed the message from "we are not home right now" to "we can't take your call right now".  I remember the explanation was that if you said "we are not home right now", a criminal would know you weren't home, but the other message might give them pause.  My parents did not lock the doors, by the way, so I do not think an answering machine message would deter them.  I suppose I can see not wanting to say "we are out of the country from June 1 through June 10", but do you really confuse criminals by saying "we can't take your call right now"?  I guess I never felt like it would be a deterrent.

The reason this came to mind is because as I mentioned I am going to be away from PCCC next year.  I am considering what to do with my out of office message.  By putting one out there, there is a slight risk of that information being used against the College.  A smart social engineer could in theory find a way to leverage that information.  However, the alternative is to check my work email, and I am in theory not supposed to when I am on leave.

We use Microsoft Exchange.  This will allow me to put up an out of office message.  I have the choice to reply only to people in the same domain (@pccc.edu) or only to people outside our domain (everyone else), or simply everyone.  Most people would just put up an out of office message saying to contact their department chair, but the problem is that by doing so, I open up two accounts for spam.  If a spammer sends an email that gets past the email filters, they will get a reply not only showing my email is active, but also giving the spammer my department chair's email address. 

I could also make it a little more complicated, for example, say email
person at pccc dot edu
(which would of course translate to person@pccc.edu)
...but some people would get confused with this.

Making matters more complicated is that I have some business contacts that I would like to be able to contact me.  If I want them to be able to find me, I should probably provide some sort of email address for them to use to contact me.  So, the end result is going to be me setting up a new email account, to protect my home account from spam, and an added risk to both my email address and my department chair's email address.

Now, to figure out what this message should say...

Wednesday, June 02, 2010

Web Celebrity Hall of Fame

Wow, this is an interesting site (though possibly not safe for work).  College Humor has put together a list of what has to be about 75 sites that have gained fame throughout the years...from "Chocolate Rain"...to "Numa Numa"....to "Angry Ginger Kid" (no relation) to the "GI Joe Spoofs".  This is apparently a part of their site that has been up for years, but I hadn't seen it until today.  Definitely very cool to see many of the Internet memes put together in one place.  At one point or another, I have seen most of these things show up in my mailbox or over an instant message.

Warning: This may suck hours from your day.

http://www.collegehumor.com/web-celeb-hall-of-fame/alphabetical

Thursday, May 27, 2010

Your lawmakers and technology laws

In my CIS 152 (Internet/E-Commerce Technologies) course, we discuss some of the reasons technology is ahead of the laws.  I usually then bring up a picture of Frank Lautenberg (an 86 year old Senator from Paterson) and half jokingly asking if the class thinks this guy even knows how to check his email, let alone write laws on technology.  (And yes, I am sure he has a staffer who does the work for him)

I do know there are many committees and subcommittees who specialize in certain areas, but part of the problem is the representation we have.  A government should really represent the people they represent - in demographics, education, race, occupation, etc.  However, if you look at the numbers (scroll down to "Education" or "Occupations"), you will see that over 50% of the Senate have law degrees (57/100), while only 1 of 100 has nothing beyond a high school diploma.  None have associate's degrees.  Yes, this means 99/100 Senators have at least a bachelor's degree.  Now, I understand that you do need a level of savvy to do things politically, but it is one thing to study groups you don't know, and another thing to actually be one of those people and try to be an advocate for them.

In addition, if you look under the occupations, you will see there are (as far as I can tell) no Senators and only one Representative with a degree in Computer Science (Steve Scalise from Louisiana).  Meanwhile, there are 24 members of Congress who are medical professionals.  Of course, one does not need a degree in Computer Science to understand technology, but if you are not using the technology on a daily basis as an everyday person is, you can't truly understand the challenges the way the everyday user does. 

If I needed any more proof in my mind, the article below confirmed what I thought.  In this Washington Post article, it says that a number of Congresspersons do not even know how to use an ATM, or do not use them frequently.  This is information culled from public statements, and I am sure there are many more who, if they answered honestly, would say they also do not use ATMs.  Therefore, when reform comes across the Congressional floor regarding ATM fee reform, they do not truly understand the problem (in this case, large ATM fees) as someone who pays large ATM fees does.

So, if Congresspersons do not have a deep understanding of ATMs (which I take for granted as a pretty simple technology), imagine when someone tries to explain phishing to them...or the challenges of wardriving....or why spyware should be restricted.

I am sure they have some staff members who can inform them about these things, but it is very different when a Congressperson has first hand understanding of an issue and a passion to fix it...and another thing when a staffer gives them information on a topic.

And this, ladies and gentlemen, is part of the reason why technology laws are so far behind the technology.

Friday, May 21, 2010

Everybody Draw Mohammed Day

Facebook certainly has had its share of controversy, and another round of controversy has come up recently.

The entire Facebook site was banned in Pakistan due to a Facebook user creating a group called "Everybody Draw Mohammed Day".  Images of the prophet Muhammed are considered offensive by many people of the Muslim religion, as shows like South Park have shown lately.  I think every group has the right to their own beliefs, and if they believe that an image of Muhammed are offensive, I don't think I have any right to tell them otherwise.

Facebook was blocked in the entire country of Pakistan as a result of this controversy.  The offensive page has been removed.  No one is quite sure whether Facebook removed it, or whether the creator did, or whether it was hacked and taken down.

Sites like Facebook present such interesting problems for governments.  In the United States, we enjoy a freedom of speech, but in other countries, this is not necessarily the case.  In a country where that is not the case, how does a government deal with a site that is based in the US (and therefore a site they have no jurisdiction over)?  Worse yet, how does a government deal with a site that contains offensive material posted by a user, as was the case here?  In Pakistan's case, they chose to simply shut off access to Facebook.   Fascinating.  One person posts something offensive, and it causes an entire country to block access to the entire site.  Think of all the losers here.  Advertisers could not get their message out, so they lose.  Facebook could not display the ads, so they lose revenue there.  People around the country who had nothing to do with this and no knowledge of it could not access the site. 

It makes me appreciate our freedoms just a little more when I read things like this.

Tuesday, May 18, 2010

Cyber Crooks and Disasters

As always, criminals are clever. 

When disasters or other newsworthy events happen, they rush to get information out there.  The goal is to get people to visit their sites, and if they can be the first results on Google after an incident, they can often infect people before Google has a chance to filter out the results.

For example, when the recent Icelandic volcano eruption happened, the scammers were smart enough to realize people were not going to search for the actual name of the volcano (Eyjafjall), because who is going to remember that spelling?  Instead, they had results up quickly for the search terms people would likely use - things like Icelandic volcano eruption.  By getting their results on to Google quickly, they had the chance to infect people's PCs.

Interestingly enough, newspapers want to be the first people to report news to gain prestige.  They are now competing with hackers.

http://pandalabs.pandasecurity.com/volcanos-ashes-and-malware/

Saturday, May 15, 2010

Leave

I know I announced this in some of my classes, but I wanted to make a public mention of this.  I will be taking a leave of absence from PCCC next year.  Since I am tenured, this is not an end, but rather a chance for me to take some time and recharge. The College has supported me in this, so I thank them for that.

My plan is to return in the Fall 2011 semester.  I still plan on updating this blog and being around, and of course I will be at graduation this year (and next year).

Friday, May 14, 2010

10/SP Grades

I am always happy to see technology make things easier for people.

I remember when I first adjuncted a class in 2001, my students wanted to receive their grades.  They told me it took them weeks to get the information from the College.  I was happy to email the grades to them, but this being 2001, many of them did not have email (and the College didn't buy a portal until 2004 or so).

It used to be that we would have to fill out paperwork, send that paperwork to another office, and then that office would manually enter this information in to the computer.  Yes, I would take my electronic files, turn them in to paper copies, and then have someone else turn the paper copies in to electronic copies in the College's database.  Then someone would print letters, put them in envelopes, and put them in the mail, and a month later, students would get their grades.

Now, it's all electronic.  When I enter grades, the Registrar's Office just hits a button and students can access their grades.

I sent grade information in for all my classes by Wednesday of this week, so at this point, all students are able to see their Spring 2010 grades.  Two days to get grades...we have come a long way since it took a month to get them.

I think most of our professors assume you know how to get the grades (this is what a College Experience course should teach you, among other things).  If you do not, you can find the information on the College's Web site:
http://pccc.edu/prospective/registration/grades

Friday, May 07, 2010

Blogging with Word

This blog is being done entirely in Word 2007 on my home computer. I've resisted using this so far because (as I've been discussing lately), sometimes retraining is hard for someone who is experienced with a tool. I am making a concerted effort to try to really use some of the new features.

I enjoy blogging (obviously - if I've been doing it here for four years). I typically use the Web interface to blog, but there are some advantages to using a new feature in Word 2007. Word 2007 will allow you to publish directly to many blog services, including Blogger (the site I use) and WordPress. For someone like me, who is familiar with the Web interface, this is not a big deal. However, let's take the case of a company that has no technical expertise. They want to add information to their Web site, and their Web person has integrated a blog in to their Web site (such as the site FutilityInfielder.com. Jay Jaffe (who I met a number of years ago at a Pizzeria Uno in NYC) has his blog set up through WordPress. He publishes directly to WordPress, and it shows up on his Web site. Many companies want this type of ability. The only problem is that Web blog publishing can be complex for a new user. A good Web developer could set up someone up with a Word 2007 blog and avoid the hassle. If the person knows Word 2007, all they would have to do is click on the Office Button and select "New", and then select "New Blog Post". The account setup only needs to be done once, so you could very easily give a less savvy customer a five minute demonstration and get them blogging. Now this user will have all the Word tools they are used to: spell check (with their custom dictionary), formatting tools, thesaurus, symbols, tables, and all the rest. Once they type the blog, all they need to do is click "Publish". Adding pictures becomes a little more complex to set up, but can also be automated. The ability to give a customer push-button blogging that integrates in to their Web site is a great little feature.

One other issue that I see is that sometimes, people want to keep a record of their blogs. For example, there was a site named Gaia that had a blog function. A colleague of mine was blogging there for a few years, and the site shut down. In order for her to save old blogs, it became a real pain. If one were to use Word 2007 to do this, they could very easily click "Save" and keep a local copy of all blog entries as they publish them.

Here are instructions on how to set this up: http://office.microsoft.com/en-us/word/HA101640211033.aspx

What's also cool is if I make changes, I can just type them in to Word and click "Publish", and it knows to "Republish" rather than create a second entry.

Still haven't figured out how to add tags, but overall a nice feature.

Tuesday, May 04, 2010

New Blog Post

This is a post demonstrating that you can "push-button" publishing from Word to a blog.

From XP to 7: new features part 2

One of the new features in Windows 7 that I noticed was the addition of libraries.   Windows 7 has introduced a feature that allows me to specify a group of directories as a library.

Let's go with an example.  If you have a folder for music in your Documents folder.  However, let's say you also download song files through a program like Ares.  If you do that, you would typically have to move those files from the Downloads folder over to the Music folder in order for you to listen to the music.

Now, with the addition of Libraries, you can specify a number of folders that contain music, and simply browse to it.  For example, under your Start Menu in Windows 7, you will see an area called "Music".  This is a link to the library.  This will show you music files in all folders that it recognizes as music folders.  Right clicking on it and selecting it will allow you to add or remove folders from this list.  You can do this for pictures, videos, and documents by default.

You can also create your own custom libraries.  For example, I have three locations that I am typically using for school stuff.  The locations are my downloads folder (where electronic files I need to check go), my documents folder (where I typically keep some information), and my desktop (where I put stuff I really don't want to forget).

It is also very cool that programs optimized for this (for example, most of the Office suite) can use these libraries as well.

Though you CAN include folders from an external hard drive, you can NOT include locations on a USB drive.  That is one negative I have.  If someone is technically proficient, it should not be a problem.  For example, my USB drive is always assigned to a drive letter of "H".  Any non-work USB drive gets "F".  I think I understand why they wouldn't allow this - but there should be an option to override it.  In my case, there will never be confusion between my main USB drive and others, and I think that is why Microsoft disabled this option.  I wouldn't mind if it gave me all sorts of annoying warnings, if it allowed it.

Cool feature, though the USB drive being excluded is a bummer.

Link to more information (with pictures)

Tuesday, April 27, 2010

From XP to 7: Using the new features part 1

As I mentioned a few weeks ago, I went to a conference in the city and they demonstrated the new features of Windows 7.  This got me thinking that I should start using the new features.  Since I skipped Vista as an operating system, some of the things I am learning were new in Vista, and some are new in 7.

Here are some new features I am going to use:
  • Flip 3D: Since the old days, holding down the ALT key and hitting TAB was the way I switch between open programs.  Windows 7 has a new feature called Flip 3D that is similar.  If you hold down the WINDOWS key and hit TAB, you can switch between programs, except with a 3D effect.  This is a very neat little feature that I will add to my bag o' tricks.
  • Windows+Arrow: I have two monitors at home.  I have times where I want to switch things over to other windows, and I have thus far been dragging things from one monitor to another.  Who knew I could simply hold WINDOWS and hit the RIGHT ARROW to move it to the screen on the right, and WINDOWS and LEFT ARROW to move back to the left screen.  This is a pretty neat little feature that saves me some mouse clicks.
  • Problem Steps Recorder: There are times where I want to show people problems I am having, and I end up taking screen shots (using print screen).  The problem is I then have to type up the steps and do work to show this.  This tool will let me simply record step by step what I am doing, so I can create a report and just mail that with very little effort.  I can imagine this is going to be a great tool for technical support professionals in the future as well.  Link to more information

Saturday, April 17, 2010

Interesting Computer Stuff Wayback Machine: 4/17/2010

Trent at The Simple Dollar does this thing where he looks back and says "what was I doing at this time last year".  I thought I might check it out for my blog and see what happens.

Wayback to one year ago (April 2009):
Just because security is an illusion doesn't mean you can't be safer
How readable is your Word document?
Nissan vs. Nissan
I discussed how motivated hackers can get in to most any system, and how your goal should be to not be the weakest link.  I also discussed "readability statistics" in Word (which I recently demonstrated in my CIS 125 classes).  I also discussed the case of Uzi Nissan, who owns Nissan.com and is constantly sued by Nissan, the car maker.

Wayback to two years ago (April 2008):
Secure, Random Passwords
What not to do in PowerPoint
People want passwords that are easy to remember.  Sometimes, for security's sake, it is worth it to memorize a difficult password.  PC Tools has a link that will create a difficult to hack, random password.  And when I say "memorize", I don't mean "write it on a sticky note and put it on your monitor".  I also had found a PowerPoint video that I still use today: "Life After Death by PowerPoint".  This is a comedy routine that a comedian does to show common presentation mistakes.

Wayback to three years ago (April 2007):
Massacre of Virginia Tech
Wow.  The College was in the middle of closings due to the flooding of downtown Paterson (sound familiar?), and the Virginia Tech shootings had just happened.

Wayback to four years ago (April 2006):
Hello World
The blog had not been created yet, but it was close.  I started the blog on May 6, 2006 after attending a conference at NJCU.

Wednesday, April 14, 2010

Learning Technology

One of the problems with teaching technology is that everything changes.  Many times, people just sort of stick with the features they know and just look for the spot where that same feature is, rather than learning the new features of a program.

The most recent example I can come up with is Office 2007.  People got very frustrated with a new interface, even if it is a simpler interface.  One company even created a program to make Office 2007 look like Office 2003, and charges $30 for it.  People will pay $30 to stick with the old interface!  (To be fair, businesses don't like dealing with retraining, because it costs money).

This does go beyond new versions of software.  I remember when I was in college, we were being taught the C programming language (something we computer people use to actually create computer programs).  The college upgraded to a newer version of the language called C++, and I did not bother to take advantage of the new features.  For those who know programming, C is designed to be procedure-oriented, while C++ is designed to be object-oriented.  It took me years to gradually accept the object-oriented programming method.


The reason this is on my mind is because I went to a conference in the city last week, and they included a demonstration of Windows 7.  I have had Windows 7 for a while at home as my primary operating system.  I didn't realize how many features I haven't been using, because much like the programming days in college, I have been using Windows 7 like it was still Windows XP.  I am planning on spending some time playing around with the new features this weekend and re-learning my behaviors a bit, because that's what a technology person should be doing, right?

Monday, April 12, 2010

Hacking Facial Recognition Software

One thing that I see often in TV is facial recognition software.  For example, in the current season of "24", Chloe O'Brien is able to very easily figure out who someone in based on the digital image of their face.  The way these software programs work is similar (though not as advanced as in "24").  They take a facial image and scan it to determine what the features of the person are, and then compare that to a database of people's characteristics.

Of course, the easy way to beat this would be to wear a ski mask or something, but it would be way too obvious if you were walking around in public with one on.  I often wondered if some sort of plastic surgery would make you harder or impossible to detect, and that certainly is an option.

However, a computer programmer was able to reverse engineer this software to find ways to beat it, in theory by using makeup patterns.  He had three sets of images.  The first set were basic images with no makeup, the second set was images with random patterns, and the third set were images that exploited what he considered potential weaknesses in the facial recognition software.  His conclusions?  The patterns he created all fooled the system, while the random patterns and the blank patterns did not fool the system.

His conclusion?  The images represent potential anti-surveillance makeup.

Now, if someone was walking around with the makeup you see in the images, it might look weird still...but the potential is there.  If someone can wear a weird makeup pattern and throw off these systems - well, these systems need to be more mature and figure these things out.  I am sure the companies will say "well, no one is going to walk around with that makeup" publicly, while privately scrambling to find a fix.

Needless to say, if a graduate student came up with an idea like this...imagine what terrorists who do not want to be found will come up with.


http://ahprojects.com/c/itp/thesis

Wednesday, April 07, 2010

Probably Bad News

If there is one thing I like, it is looking at the world around me and being amused by it.

Probably Bad News is a site that accepts user submission of bizarre and poorly worded newspaper, online, and television news reports.  It's definitely worth a click, though it may not be safe for work!

probablybadnews.com

Wednesday, March 31, 2010

Animator vs. Animation

This is an interesting use of Adobe Flash and also very creative.

Adobe Flash, of course, is the program that we use to create animations.  Most home users have Adobe Flash Player installed, which allows them to view these animations (but not create them).  Many companies like this feel they can give away the viewer, and if people actually want to design things with the program, charge for that.

The animation below is pretty cool because in my CIS 273 class, I teach Adobe Flash, and it's cool to look at an animation and just understand how it is done.  My Web Graphics students, past and present, should understand how much work went in to this person's animation.  Cool stuff!

Link to animation

Monday, March 22, 2010

Cat-proof your computer

So, I ran across this site today and, it's interesting to say the least.  You can buy software to cat-proof your computer.  Really, for those cat owners out there, is this a problem worth software for?

I think my favorite feature is the one that detects cat-like activity, and plays a sound that annoys cats to chase it off of your keyboard.

This is not a joke, from what I can tell:

http://www.bitboost.com/pawsense/

Monday, March 15, 2010

Professionalism and what they don't teach you in college

All of a sudden, I feel like the committee that put together our schedule was brilliant.  They scheduled it on  the week of Daylight Saving Time, which gives us all a week to get used to the new time schedule.  If it were planned, I would be impressed, but I do get the feeling it was not actually planned and is just a coincidence.

I was thinking about something this morning, and it has to do with professionalism, and how these things are not formally taught in a classroom.  Specifically, I was thinking back to a moment about ten years ago, and how I personally didn't understand professionalism once I got in to the workplace.  My first place of employment out of college was an Internet startup, and the standards there were, shall we say, lax.  It was a rather informal environment, and it was a perfect adjustment for me coming out of college.

However, the Internet startup days were ending, and the company wasn't meant to succeed.  Many of the employees saw the writing on the wall and started to look elsewhere for employment.  A friend of mine worked at a place in Clifton, and I was hired there.  It was quite a change.  At Montclair State in graduate school, I remember we talked about this thing called COCOMO in a Software Metrics class, and we discussed how large companies and small companies differ.  I understood that on a logical level, but going from a company of 40 people to a company of 40,000 (really) was a culture shock.  Where I used to walk in to work in a football jersey and jeans, I now was expected to be in business casual attire.  Where I was used to not needing to be in the door EXACTLY at 8:30 am if I didn't mind staying later, I now needed to be.  Where I was used to being able to use the Internet at lunch time and at various points in the day to check personal email, it was now monitored and reported to supervisors.  I struggled with this, because I was doing a good job, and I didn't see why this other stuff mattered.

There was building access at ITT 24 hours a day, and there were times I needed to come in during off-peak hours to work on things.  I came in on a Sunday and worked 10 hours one day, because there was a limited number of systems we could use to test our software, and it made our lives easier.  Since it was a Sunday, and there was rarely anyone else there, I didn't think it was a big deal to come in wearing jeans and a t-shirt.  To make a long story short, one of the more established members of my department was also there, and told my boss, and he talked to me about it.  Another time, I was working overnight for the same reasons as I mentioned before, and I brought in music and a radio.  Since no one was around, I had the music playing loudly.  A similar situation arose, where someone mentioned it to my boss.  My reaction at the time was to wonder why these people were not minding their own business.  However, I sort of understand it now.  I had to drop my ego in order to really start to succeed in the business world.  I dressed the way that was expected, acted as if someone were around, even if they were not, and generally tried to behave the way other people in the company were.  I bristled at this, but it was my route to success.

I say this because I know employers complain about students sometimes, and the complaints typically are not about technical capabilities, but in the business savvy, or "soft skills".  A friend of mine was recently laid off, and I know from my personal relationship that they can be somewhat abrasive and irresponsible.  Companies, many times, make personnel decisions based on the way you fit in to a company.  Even if they say that they are laying you off because of cut backs, many times that is just a way to fire someone without having to show cause.  Things like dress code, business communication, taking constructive criticism...these are things that people are not necessarily taught.  My feeling is that college should be part of that.  When you as a student deal with a professor, it's a chance to practice interacting with a boss and authority figure.  When you are in college, some of the things you can get used to that will help you professionally are timeliness, maturity, responsibility, and how to be less egocentric.  These were some of things I had to learn, at least.

Tuesday, March 09, 2010

Other uses for Facebook

We've been discussing Facebook, Myspace, and Twitter in my CIS 101 classes recently, under the guise of social networking.  Business folks refer to the collection of technologies like social networking, wikis, etc. as "Web 2.0" content - more interactive Web pages.

Aside from the obvious uses, there are other things that these sites are used for.  One thing that you have seen in certain areas is police departments asking for help.  For example, in the link below, a New Zealand police department caught a thief by posting a security image on Facebook.  This is an article from last year, but it's still an interesting application of social networking.

Link to Story

Wednesday, March 03, 2010

Watching TV on your PC

I like watching TV shows, and I finally broke down and got a digital video recorder (DVR) at some point, because it was a pain to program my VCR to record all the shows I wanted to see (and yes, I said VCR).

I know many people like the idea of watching television on the PC, because you can do it from locations (like work), and you aren't on the network schedules.  Hulu is a great site for this.  It's free (advertising supported), legal, and lets you view episodes of many shows that have aired recently, even if you don't pay for a television package.  Unlike sites like megavideo, you also don't have to worry about legal issues, time restrictions, and spyware.

www.hulu.com

If you are like me, you can also hook up an old PC to your television and use Hulu to watch shows on your TV.  I took an old machine, wiped it out, put a basic operating system and security suite on it, and it's now my TV computer.

Thursday, February 25, 2010

Finding Porn by Accident on Google

When I teach Google to my CIS 101 classes, I find that many people have never even noticed the "Advanced Search" option, which allows you to use more advanced options (such as how recently the site was updated).

Likewise, when searching for images, there is an option to allow you to change how images are filtered.  The default is for images to be filtered at a "Moderate" level, but you can switch this to more and less restrictive levels.  If you switch the filtering off, you get some interesting results, to say the least.

Cracked.com (a Web site that may not be all that safe for work) had an article about this - they discuss nine seemingly innocent searches that end up with pornographic results on Google image search.

Read on unless you are easily offended.
Link to Cracked.Com Article