LOS ANGELES PC FIXER

5 Pillars of IT Consulting in Los Angeles (or anywhere else)

admin — Thu, 15 Dec 2011 22:41:26 +0000

When it comes to IT consulting, there are five important pillars to remember. Keeping in mind the following principles of IT consulting will help to ensure a satisfactory interaction for both consultant and client. They allow the consultant the ability to provide more objective advice, and also help to give the client the confidence to trust in the IT consulting offered.
1. Relationship first. As the IT consulting process gets underway, the expectations of the client need to be clearly understood. What is the client looking to gain – what are their goals?
2. Clear communication. Both the consultants and the clients need to understand what their roles are from start to fish. Objective listening and clear communication are keys for successful IT consulting.
3. Having a vision. In professional IT consulting, the advisor allows the client to visualize success from the beginning. A clear vision is defined that keeps the process on track.
4. Client decides. The goal in IT consulting is to lead and guide the client, advising them towards their best option. But it is the client who needs to make the final decision for their business.
5. Focus on results. The final solution that is provided needs to address the concerns of the client and produce tangible benefits. Proper IT consulting will always lead to real results down the road.

Viruses and other infections are starting to get smarter

admin — Mon, 31 Oct 2011 00:31:48 +0000

I have noticed in my daily infection removal work here at the PC Fixer Los Angeles computer repair headquarters that the infections are getting smarter. Case in point: I have noticed that the computers can seem normal, that is until you discover that only their browsers have been hijacked and the rest of the computer seems fine albeit slower. Then a web search shows how the hijacked computer has been compromised because every search you perform takes you to a fake results page. I discovered this after working on a computer that was severely infected with multiple types of malware. I cleaned all of the infections off of the computer with Combofix and an Avast boot-time scan and everything seemed normal. In fact, the computer would go to any website you asked it to IF you typed it into the address bar. It wasnt until you did a search that you noticed something was screwy. I ended up getting rid of it with a SuperAntiSpyware Free Edition scan and finally got rid of the infection. A subsequent scan with MalwareBytes Free served a finishing scan that made me feel better about returning a fixed laptop to a satisfied customer. The installation of Comodo Free Firewall ensured me that this type of infection would not happen again.

Security Innovation at Cornell

admin — Tue, 26 Oct 2010 20:55:53 +0000

Cornell researchers have begun developing a technique that builds security into a computer system from the start. By incorporating security in the language used to write the programs, Myers and Schneider are changing the norm of defenses only improving after they’ve been successfully penetrated.

The research partners are working on a new computer platform they’ve named ‘Fabric,’ which replaces multiple existing layers of security with a single programming interface, making security reasoning direct and explicit. Fabric is being designed to create extremely secure systems for distributed computing such as systems that move money around or maintain medical records. Fabric’s programming language is an extension of the Java language, but it actually builds in security as the program is written. Every bit of information in Fabric is an considered an “object” labeled with certain policies which dictate how and by whom any data can be viewed.

Fabric is presently only a prototype, being tested with a database of Cornell computer science students. But with their $1.1 million from the National Science Foundation and $1.3 million from the Office of Naval Research, Myers and Schneider plan to scale it up for much larger distributed systems.

Will the computer establishment actually be willing to change the way they manage complex systems? “How did we get people to use the Web?” Myers countered. Courtesy of www.drdobbs.com

Internet Addiction taken SERIOUSLY in China

admin — Fri, 11 Jun 2010 01:57:01 +0000

Approximately 24 million young people in China are addicted to the internet, half of which are specifically “obsessed” with online games. Treatment centers have appeared around the country, ready to treat the problem and ‘cure’ these young people from a terrible, deathly serious affliction.

An official from these camps has gone on record to explain what goes on:

“We have to use military-style methods such as total immersion and physical training on these young people. We need to teach them some discipline and help them to establish a regular lifestyle.”

This includes providing camouflage, army-style uniforms, disciplined bedtimes and two hours of physical training. This all coexists with psychological training, traditional Chinese philosophy and calligraphy classes. It’s definitely nothing resembling fun.

Last week, a group of inmates at the Huai’an Internet Addiction Treatment Centre decided that they’d finally had enough of the “monotonous work and intensive training”. Working as a team, they tied their duty supervisor to his bed and made a run for it. These 14 patients were aged 15 to 22, and they proceeded to hail a taxi to take them to a nearby town in east China’s Jiangsu province. They were discovered when the driver became suspicious of the identically-dressed young men who were unable to pay the fare. The driver dropped them off at the police station instead.

The Chinese government avidly supports these centers and even released a white paper on the topic, detailing their commitment to the “online safety” of their minors and promising to take measures to prevent young people “overindulging in the internet.” But treatment centers’ methods were questioned last year when a 15 year old boy was admitted to a training camp, only to be beaten to death hours after his admittance. The instructors involved in that incident were recently sentenced to 10 years in prison, but very few changes to prevent this occurring again have been publicized by the government. Courtesy of gamepron.com/news

Happy 25th, Dotcom!!!

admin — Tue, 16 Mar 2010 00:15:52 +0000

Today, an internet milestone is reached with the 25th anniversary of the day the first dotcom website was registered. Back in March 1985, Symbolics computers in Cambridge, Massachusetts made history with an internet address ending in dotcom. Later that year, another five companies followed suit, effectively setting the very slow trend moving. It wasn’t until 1997 that the one millionth dotcom was registered.

Mark Mclaughlin, chief executive officer of Verisign- the company that is responsible for looking after the dotcom domain- was quoted as saying, “Who would have guessed 25 years ago where the internet would be today. This really was a groundbreaking event.” It’s even more surprising because of the fact that for most of the late 1980s and early 1990s, very few people even knew what a dotcom was. The exact genesis of the dotcom name is unknown, but it certainly arrived at a time when there was a need for some sort of organising principles, as more bodies connected to the fledgling internet.

The early internet was not at all seen as a place for commerce as it is now, but was mainly used as a means for governmental and educational bodies to trade ideas. There’s general agreement that a turning point occured with the introduction of the Mosaic web browser by Netscape. This allowed mainstream consumers on to the web. And now, with 668,000 dotcom sites registered every month, they have become part of the fabric of our lives.

25 years after their creation, people go to dotcom sites for shopping, entertainment, vacation planning, connecting with friends, learning new things and exchanging ideas. The dotcoms have enjoyed an impressive growth rate that would have been very difficult to predict 25 years ago, when a small computer firm took the first steps towards connecting the world. Courtesy of news.bbc.co.uk

Exploiting Weakness in RSA Security Technology

admin — Thu, 04 Mar 2010 20:23:45 +0000

Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers. RSA authentication is susceptible, they say, to changes in the voltage supply to a private key holder. While guessing the 1,000-plus digits of binary code in a private key would take unfathomable hours, the researchers say that by varying electric current to a secured computer using an inexpensive purpose-built device they were able to stress out the computer and figure out the 1,024-bit private key in about 100 hours – all without leaving a trace. The researchers in their paper outline how they made the attack (PDF) on a SPARC system running Linux.

Courtesy of slashdot.com

How To of ‘Aurora’ Attack

admin — Tue, 02 Mar 2010 03:43:00 +0000

Do you have branch offices in China? iSec has published a new report outlining the severity of the attacks on Google.cn, allegedly by the Chinese government, dubbed ‘Aurora’ attacks. Up to 100 companies were victims, and some are speculating that resistance to such attacks is futile. The report lays out the shape of the attacks — which were customized per-company based on installed vulnerable software and antivirus protection:

1. The attacker socially engineers a victim, often in an overseas office, to visit a malicious website.

2. This website uses a browser vulnerability to load custom malware on the initial victim’s machine.

3. The malware calls out to a control server, likely identified by a dynamic DNS address.

4. The attacker escalates his privilege on the corporate Windows network, using cached or local administrator credentials.

5. The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite.

6. The attacker uses cracked credentials to obtain VPN access, or creates a fake user in the VPN access server.

7. At this point, the attack varies based upon the victim. The attacker may steal administrator credentials to access production systems, obtain source code from a source repository, access data hosted at the victim, or explore Intranet sites for valuable intellectual property.’ The report also has pages of recommendations as well as lessons learned, which any systems administrator — even those inside the US — should read and take note of.

Courtesy of slashdot.com

NHTSA Has No Engineers to Investigate Toyota

admin — Wed, 24 Feb 2010 03:19:36 +0000

An official from the National Highway Traffic Safety Administration told investigators that the agency doesn’t employ any electrical engineers or software engineers, leaving them woefully unable to investigate correctly what caused the most recent Toyota recall. A modern luxury car has something close to 100 million lines of software code in it, running on 70 to 100 microprocessors. And according to consultant Frost & Sullivan, that number will rise to 200 to 300 million lines within a few years. And the software that controls the ‘drive-by-wire’ accelerators of Toyota and Lexus vehicles is one potential culprit in the tangled collection of issues, allegations, and recalls of many of those vehicles for so-called ‘sudden acceleration’ problems.

Courtesy of slashdot.com

Microsoft Announces New Mobile OS

admin — Tue, 16 Feb 2010 06:52:37 +0000

Microsoft on Monday announced its next-generation mobile operating system Windows Phone 7 Series, which will bring together the Zune multimedia experience and Xbox Live gaming to mobile phones worldwide.

Manufacturers have already begun building phones featuring Windows Phone 7 Series with plans for release by the 2010 holiday season, according to Microsoft. Manufacturers on board include Dell, Garmin, Asus, HTC, Hewlett-Packard, LG, Samsung, Sony Ericsson and Toshiba.

Carrier partners include AT&T, T-Mobile USA, Verizon Wireless, Sprint, Deutsche Telekom AG, Orange, SFR, Telecom Italia, Telefónica, Telstra, and Vodafone.

Microsoft did not announce its own phone hardware. However, the software giant is working more closely than it has in the past with manufacturing partners in the design process of their phone hardware. For example, each Windows 7 Series phone will include a dedicated hardware button to access Microsoft’s Bing search tool with one click.

“In a crowded market filled with phones that look the same and do the same things, I challenged the team to deliver a different kind of mobile experience,” said Steve Ballmer, chief executive officer of Microsoft, in a press statement. “Windows Phone 7 Series marks a turning point toward phones that truly reflect the speed of people’s lives and their need to connect to other people and all kinds of seamless experiences.”

Courtesy of wired.com

IBM shows US Air Force Value of Cloud Computing

admin — Thu, 04 Feb 2010 21:36:18 +0000

SAN FRANCISCO (AFP) – IBM said Thursday it has been enlisted by the US Air Force to show how defense and intelligence networks can safely soar into the online software “cloud.”

“Our goal is to demonstrate how cloud computing can be a tool to enable our Air Force to manage, monitor and secure the information flowing through our network,” said Lieutenant General William Lord, chief information officer for the military branch.

Cloud computing has grown increasingly popular as businesses cut costs and technology maintenance woes by essentially renting software applications hosted online instead of buying and installing programs on their own machines.

The Air Force has contracted IBM to develop a private cloud computing “architecture” that improves “all operational, analytical and security capabilities,” according to Lord.

IBM said the 10-month-project will “push the technology boundaries” of cloud computing to tailor a system for a military network that includes nine major commands, nearly 100 bases, and 700,000 active personnel worldwide.

A key component of the system will be “stream computing” that couples sensors and monitors to quickly analyze flowing data for “actionable insights” into cyberattacks or network problems, according to IBM.

“This instant access to information would enable Air Force officials to automatically shift the prevention environment based on rules-based protocols in the event of a cyberattack or network anomalies,” IBM said.

In what might seem a page from science fiction, the system will also feature “autonomic computing” allowing it to “retune itself” without human intervention.

Courtesy of Yahoo! News