Techgorillas: June 2010

Wednesday, June 30, 2010

another reason to keep virus and malware scanners updated

Regular domains beat smut sites at hosting malware

New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the web are likely to avoid exposure to malware.

A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult web site. In the UK, Avast found that more infected domains contained the word "London" (such as the blog section of http://kensington-london-hotels.co.uk) than the word "sex". Among the domains labelled as infected by Avast was the smart phones section of the Vodafone UK website. The mobile phone operator's site contained a malicious JavaScript redirect script that attempted to take advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885) to infect the machines of visiting surfers.

HTML files from sub-domain blackberry.vodafone.co.uk still contain malicious code at the time of writing but point to a site containing the attack payload site that has been pulled offline.

"Users browsing Vodafone domain should be safe - until new hack/updated hack will be performed," Avast researcher Miloslav Korenko told The Reg. "This may happen in the same way as the first hack.

"Of course, the Blackberry section of Vodafone.co.uk website needs to be cleaned as well - to prevent future attack similar to this one."

read the whole thing here

I want one

The Terrafugia Transition, a light aircraft that can convert into a road-legal automobile, is to go into production after being given a special weight exemption by the US Federal Aviation Administration.

The Transition was designed as a "light sport" aircraft, the smallest kind of private aeroplane under FAA classification, with a maximum weight of 1,320lb. But the manufacturers found it impossible to fit the safety features - airbags, crumple zones and roll cage, for instance - that are required for road vehicles into that weight.

Uniquely, however, the FAA has granted the Transition an exemption - allowing it to be classified as a light sport aircraft despite being 120lb over the limit. More found here

Buzz Log on yahoo has a video of it here

Tuesday, June 29, 2010

If Growth Is Back, Is IT Ready?

As more CIOs get back into growth mode, what are they worried about? Speed and budgets, but so much about business-IT “alignment.”

That's one conclusion from this week's InformationWeek Growth Is Back cover story.

Our cover story hears from IT leaders at companies such as Royal Caribbean, Ford, and Vanguard about the growth-oriented IT projects they have in the works. We also surveyed 333 IT leaders. We find, for example, that 36% think "introducing an IT-led product or service" will be a main area of IT innovation this year--twice the number of a year ago. We’re not calling a blockbuster recovery, and the IT hiring outlook remains very cautious. But it’s clear that more IT leaders have growth on their agendas.

read it all here

Windows 8 leaked

Over the weekend an Italian blog called Windowsette published a PowerPoint slide deck that appears to detail the next version of Microsoft's Windows operating system, dubbed "Windows 8."

The leaked slide deck may not lead to "an engineer walks into a bar" jokes like the story of Gray Powell and the iPhone 4 prototype, but the punchline is similar: the product information was apparently released under NDA to an engineer before making its way into the hands of bloggers and other writers.

The engineer fingered in the leak is Derek Goode, who apparently works at Hewlett Packard according to a published email address and a LinkedIn profile under that name. Forbes was unable to reach Goode and a HP spokesperson said the company doesn't comment on rumors.

"Microsoft is clearly on the prowl," writes Stephen Chapman at Microsoft Kitchen. "Whether or not Derek Goode is the individual who leaked the slides directly, if it was a colleague who did it behind his back, or some other scenario."

It hasn't yet been confirmed whether the documents are real. Microsoft declined to comment to Forbes on their veracity, but veteran Microsoft watcher Mary Jo Foley notes at ZDNet that the preferred code name is no longer "Windows 8" but rather "Windows v.Next" -- suggesting that the marketing documents are old, even if legitimate.

But the slides describe potential upcoming Windows features like a faster boot time and facial recognition. They also show what Todd Bishop at Techflash is calling "Mac envy" with a slide titled "How Apple does it."

If Microsoft is indeed jealous of Apple, the company can count on having at least one thing in common: an engineer who apparently has trouble keeping secrets to himself. found at Forbes

Monday, June 28, 2010

The Empire Strikes Back: Happy 30th anniversary

Cutting Edge Technology Majors

When it comes to future careers, the reality is that most of us cannot even fathom what some of the more sophisticated job options will be. More

Large Income Careers

Choosing a career with a large income associated with it is one way to leading a high-income, high net-worth life Read More

Thursday, June 24, 2010

How to Get the Salary You Want

A tight job market might have taken away some jobseekers' leverage in a salary negotiation, but that doesn't mean they should roll over and accept the first offer, says New York-based executive coach Rabia de Lande Long. To get the top compensation possible—without putting a sour taste in your potential employer's mouth—take these steps. read more

Monday, June 21, 2010

How to mess with your friends

Supreme Court Rules Employers Can Read Employee Texts

Provided there is a “legitimate work-related purpose,” the court supports the right of employers to review an employee's text messages.

My question would be what is the definition of "legitimate work related purpose"? An example would be if you take your work home with you and take a break to text your wife or significant other is it considered work related? privacy advocates are gonna have a field day with this. Elizabeth montalbano over at Information week has a good take on this. Go read it here.

Months-Old Skype Vulnerability Exploited in the Wild

Cybercriminals have once again used a not-so-new but still a seemingly promising medium for their malware campaigns. Earlier today, ZDNet reported a “new” exploit that targets Skype users. This exploit takes advantage of a vulnerability in a Skype component—EasyBits Extras Manager. While the vulnerability was found and fixed as early as October 2009, many users are still running older, vulnerable versions.

The vulnerability is being used to download malicious files, among them a ZBOT variant, TROJ_ZBOT.COC. As is typical of ZBOT variants, it steals a user’s personal information, particularly those related to online banking.

Good thing that Trend Micro already had coverage for these payloads many months before the cyber-criminals actually made use of this Skype vulnerability described above as a means to deploy these malicious codes!!

Over the years, Skype has been targeted and used as an infection vector by several malware families, including STRAT, KOOBFACE, and, more recently, PALEVO, due to its growing user base.

Skype currently hosts more than 500 million registered users and is still adding 300,000 users per day. Skype CEO John Silverman aims to have about 100 million PCs shipped preloaded with the popular VoIP software in 2011. This January, TeleGeography reported that Skype’s traffic growth has soared over last year while the international phone traffic declined, proving that more and more users are preferring Skype as a medium for international voice communications.

more found here

Toshiba experiments with new laptop form factors

Toshiba has announced a trio of new devices that it's hoping will shake up the somewhat-stagnant notebook PC market. There's the Libretto W100, the AC100, and the Satellite R630.

The first in the list is the most interesting. It's a clamshell device that comes with two screens in place of a screen and a keyboard, similar to the one showed off by Asus at CeBIT more than a year ago. Those screens are identical, measuring 7-inches diagonally and are touch-sensitive. An onboard accelerometer allows you to use it in landscape or portrait configuration, and Toshiba's pre-loaded a boatload of specialist software that'll let you get the most from the device. Read the whole thing here.

New Batteries Pack More Punch

Electric cars face severe limits in how far they can drive before running out of juice. Better batteries that can both store more energy and give it up quickly are essential for extending that range. Now, researchers at the Massachusetts Institute of Technology (MIT) in Cambridge have come up with a novel battery-making strategy that steers in that direction. For now, the new batteries can power only small devices. But if the strategy can be made to work on a larger scale, a task more difficult than just using more battery material, it could give electric car makers the jolt they need.

Today's most popular rechargeables, lithium ion batteries, are made from negative and positive electrodes separated by an electrolyte through which positively charged lithium ions can flow back and forth. In most such cells, the negative electrode is made of graphite, a form of layered carbon, whereas the positive electrode is made from lithium cobalt oxide or a related material. During use, lithium ions stored in the graphite flow to the lithium-based electrode, where they form chemical bonds with oxygen atoms, a reaction that generates an electric current. When the battery is recharged, the lithium-oxygen bonds break and an electric voltage pushes the ions back into the graphite. More here

found via slashdot

Computerworld's best and worst places to work

This is a must read for those looking for work in the IT field. The top 100 places can be found here.
As a bonus they also post the worst places to work in the IT field. which can be found here

Firefox add-on encrypts sessions with Facebook, Twitter

The Electronic Frontier Foundation and the Tor Project have released a public beta of a new Firefox extension that lets people encrypt their communications with Facebook, Twitter, and other sites.

The HTTPS Everywhere Firefox extension was inspired by Google's encrypted Web search option, the EFF said in announcing the tool on Thursday.

In addition to Facebook and Twitter, the Web sites that the software works on are Google Search, Wikipedia, The New York Times, The Washington Post, PayPal, EFF, Tor, and Ixquick.

The tool works by creating an HTTPS (Hypertext Transfer Protocol Secure) connection to the sites. But even if "https" is used, unless the address bar is colored and an unbroken lock icon is displayed in the bottom right corner, the page is not completely encrypted, EFF says.

Our colleagues over at ZDNet's Zero Day blog point out that using HTTPS doesn't hide a computer's IP address and users are still susceptible to tracking from broken SSL sessions displaying unencrypted third-party content.

"Forcing a full session on a popular social-networking service such as Facebook for instance, without taking into consideration the fact that SSL would not magically make all the personally identifiable information, including your IP, disappear, is wrong," writes Dancho Danchev on the Zero Day blog. "Full-session SSL, in combination with tools such as Vanish, next to Tor-like/VPN based anonymity network, are great for a fresh start." this story found here

Friday, June 18, 2010

mechGORILLA

mechGORILLA
Originally uploaded by rongYIREN

100 Best Companies to Work For

And the winners are...

See the full list of America's top 100 employers, including detailed company profiles, top locations, and contact information more

How Deloitte's IT team has gone green

Yes, the energy savings are nice, but for Deloitte CIO Larry Quinlan, green IT is just part of running an efficient IT shop

Paul Desmond (Network World) 04/09/2008 12:23:00

Tech Firms need to focus on talent

Managers in global technology companies need to get beyond thinking about hardware and software and focus more on the people behind their products if they are to maintain a competitive edge, a new report has argued. more

Wednesday, June 16, 2010

Top Characteristics of Senior Ranking Women in IT

Think you've got what it takes to rise to the top as a woman in information technology? Here is a list of the top soft skills and attributes you should possess if you're a female who wants to be successful in your technical career of choice. more

Why Microsoft's Hybrid Cloud Threatens Google

Microsoft's official release last week of its cloud computing platform, Azure, gives developers the option to build applications in the cloud via Microsoft's data centers, rather than in a company's server. Giving customers this sort of flexibility in IT and software development is important to customers looking for ways to reduce costs, bandwidth demands and management responsibilities. Flexibility in delivery models is also Microsoft's key differentiator over cloud giant Google.

Cloud computing has become a key piece of an enterprise's IT strategy, typically used in a hybrid (cloud plus on-premise) model of computing that offers customers the best of both worlds: the ability to keep their data on-premise, while leveraging the cloud's accelerated software development speeds and lower costs by eliminating the need to invest in ongoing on-premise hardware and software. A common example of hybrid is being able to develop applications and test them in the cloud before releasing them onto internal networks. read the whole thing here

Successful & Resourceful SAP ABAP Developer

Read the whole thing here

1. Review Business Requirements & Write Functional Specification

The first part of any ABAP development project begin with meeting the end users or business experts and understand the business requirements that need to be implemented in the SAP system during the realization phase. A best approach is to conduct workshops to gather all the business requirements. Make sure that if any SAP function consultants are involved than they are in the meetings as well. After all the business requirements are collected, either a SAP functional consultant or business expert will write a detailed functional specification. Review the functional specification until the document has all the details, different business scenarios and expected goals clearly defined. A well defined functional specification should contain UML diagrams and test case scenarios. It is important to have an official signoff on the functional specification before continuing with design and development.

2. Review ABAP Development Standards

In ideal case, your SAP Project Lead or ABAP Development Manager should have created a programming standards and guidelines document. Review this document so that you follow the naming conventions for function modules, classes, dictionary objects, software components, name spaces and proxies (if using SAP XI / PI), program input/output parameters, etc just to name a few. Following the guideline for the project helps maintain a consistent coding approach and also helps other functional and technical analysts to read and debug your code. ABAP objects naming should begin with Z if it will be migrated to SAP production system and Y if it will not be migrated into the production system.

15 sites web developers and designers should know

Creating a good website isn't an easy task, but there's a few tools that can definitely make your developer or designer life easier. In this article, I have compiled 15 extremely useful website that any web developer or web designer should have bookmarked. read more

Win over new clients by making yourself indispensable

In 1998, I was working in the W2 position I’d been in since graduating from college. Feeling underappreciated and underpaid, I started checking out other opportunities, and I even got hooked up with a recruiter. Before long, I was hired for my first consulting gig as a project manager at a major engineering and aviation firm at an hourly rate that doubled my take home pay.

My first request was to go onsite prior to my start date and meet the team. This took the hiring manager by surprise, but I think he was impressed that I wanted to come in on my own time and talk to the team before actually working with them. That first gig was intended to be a six-month stopover, but it lasted three years.

I think that my request to go onsite definitely helped set a good first impression, which is crucial because external IT consultants are often looked at as gurus, untouchables, or aliens, depending on the organization. When I go to client sites, there are several ways that I go about making it clear that I’m genuinely interested in the gig. Here are my suggestions for how to make yourself indispensable to clients. Read it all here

Star-forming galaxies like grains of sand

Thousands of galaxies crowd into this Herschel image of the distant Universe. Each dot is an entire galaxy containing billions of stars.

For more than a decade, astronomers have puzzled over strangely bright galaxies in the distant Universe. These ‘luminous infrared galaxies’ appear to be creating stars at such phenomenal rates that they defy conventional theories of galaxy formation.

Now ESA’s Herschel infrared space observatory, with its ability for very sensitive mapping over wide areas, has seen thousands of these galaxies and pinpointed their locations, showing for the first time that they are packing themselves closely together, forming large clusters of galaxies by the force of their mutual gravity.

The mottled effect in the image gives away this clustering. All the indications are that these galaxies are busy crashing into one another, and forming large quantities of stars as a result of these violent encounters.

This image is part of the Herschel Multi-tiered Extragalactic Survey (HerMES) Key Project, which studies the evolution of galaxies in the distant, ancient Universe. The project uses the SPIRE (Spectral and Photometric Imaging REceiver) instrument on Herschel and has been surveying large areas of the sky, currently totalling 15 square degrees, or around 60 times the apparent size of the Full Moon.

This particular image was taken in a region of space called the Lockman hole, which allows a clear line of sight out into the distant Universe. This ‘hole’ is located in the familiar northern constellation of Ursa Major, The Great Bear.

The galaxies seen in this image are all in the distant Universe and appear as they did 10–12 billion years ago. They are colour coded in blue, green, and red to represent the three wavebands used for Herschel’s observation. Those appearing in white have equal intensity in all three bands and are the ones forming the most stars. The galaxies shown in red are likely to be the most distant, appearing as they did around 12 billion years ago.

HerMES will continue to collect more images, over larger areas of the sky in order to build up a more complete picture of how galaxies have evolved and interacted over the past 12 billion years.

ESA & SPIRE Consortium & HerMES consortia. Original story found here

Hat Tip to High Power Rocketry Blog

Top Ten Interviewing Tips to seal the deal in an interview

1) Do your research on the company, review the company that you are interviewing for inside and out, find out who their competitors are, and review the corporate website.

2) Find out as much as possible about the hiring manager/s and whatever functions in the business you will be working with, i.e. engineers, suppliers, buyers, etc. as you can through your recruiter, other team members, who position reports to, how many reporting and why the position is open.

3) Your first step is usually a phone interview if so You need to nail this one, by speaking up, listening very well to what his needs are and then letting him or her know by listening to their needs and then telling them exactly how you can exceed their expectations by how your past performance, accomplishments, successes will follow help you flourish with this co. Ask alot of questions that pertain to the job, no questions ever at this point about the money, got it. Tell them why you are motivated to make the change and you have also researched the area if you will have to move and always ask what the next step in the process will be.

4) Hopefully by now you have secured either another phone interview or an onsite interview. If you have to get through another interview again, get with your recruiter if you have one and find out more about the next person you will be interviewing with. Change you sales terminology on yourself because when the two hiring managers discuss you they will exchange what you said and what you will bring to the table.

5) Its game time you have yourself an onsite interview. You should be feeling pretty confident by now and be prepared to go in for the fight of your life on every interview because every good co. has many sources for finding candidates and believe me you will be competing for the job with at least someone else or more than likely alot more. Do more research on the company and area if relocating. get all your travel arrangements ready. Find out exactly how long it will take to get there so you do not have to worry if something comes up to interupt you finding the place in traffic or getting lost can be detrimental for being on time and having a clear mind.

6) Arrive 15 minutes early to the interview, no more or less, you dont want to be hanging out in the lobby or boardroom 30 min. early, respect everyone's time and 15 min. should suffice for filling out an application. Be prepared for this too with references, have 2 copies of your resume and all the details you will need for them.

7) Read through co. material if available, go over your resume again and be ready to talk about it, when you meet the hiring manager, again speak up, introduce yourself with a firm handshake and to others as you meet them, come dressed for success, you should also have asked the co. or the recruiter what the dress code is for the interview. Bus cas does not mean suit, Business attire should always be a suit and tie for men. For women same same.

8) When the grilling begins or thought evoking interview questions begin be short and concise and to the point of the question and how in the past you have had this same problem and your solution, thats it. Stop and be queit until the they talk again and so on. Only until they give you the floor is when you jump in and tell them what you will bring to party and why you are the best candidate for the job. Put your sales hat on for this one because this is the most important part in landing the deal.

9) Before leaving and asking for a tour of the facility ask prepared questions that will get the hiring manager thinking of you in the position. Be confident and honest and ask them when you can start.

10) Close the deal with a follow up phone call/thank you letter for his or her time and specifically how you can come and in and solve all the problems they discussed with you in your onsite interview and that you are highly interested in the position and the fit is a match for what you have been looking for and could see yourself working for them and the rest of the team or group you met while there.

4)

Tuesday, June 15, 2010

New Iphone

Is a college degree still worth it?

The Bureau of Labor Statistics projects that seven of the 10 employment sectors that will see the largest gains over the next decade won't require much more than some on-the-job training. These include home healthcare aides, customer service representatives and food preparers and servers. Meanwhile, well-paying white-collar jobs such as computer programming have become vulnerable to outsourcing to foreign countries.

"People with bachelor's degrees will increasingly get not very highly satisfactory jobs," said W. Norton Grubb, a professor at UC Berkeley's School of Education. "In that sense, people are getting more schooling than jobs are available."

He noted that in 1970, 77% of workers with a bachelor's degree were employed in professional and managerial occupations. By 2000, that had fallen to 60%. found here

What i believe is left out is how many of these graduates will create startups? How many will go to work not in their specialty field but in parallel ones?

Monday, June 14, 2010

Microsoft Security Vulnerability Disclosed

Heres another reason why security should be a priority when writing code.

Microsoft was left racing to patch a Windows Help and Support Center vulnerability after Tavis Ormandy, an information security researcher who's charged with keeping Google's products secure, Thursday publicly disclosed both the bug as well as proof-of-concept attack code.

Ormandy reportedly informed Microsoft of the vulnerability on Saturday, June 5, and Microsoft acknowledged receipt the same day. Five days later, however, Ormandy went public with a posting to the Full Disclosure mailing list. Later that day, Microsoft issued its own vulnerability announcement.

read all of it here

Interesting new company

Work Market is a new venture, backed by Spark Capital and Union Square Ventures. We are building a modular
web platform, designed to power anyone or any business to efficiently deliver and manage labor and services. Here

they also are looking to fill the following positions

found here

Free Tool Kits For Mac

Looking to beef up your Mac with a few great—and free—apps that cover a whole lot of your productivity and computing needs? Our annual Lifehacker Pack for Mac rounds up the best free downloads for OS X. this was found here

Sunday, June 13, 2010

Tech Blog on Embedded Technology

http://http//technorati.com/technology/embedded/

Thursday, June 10, 2010

SuccessFactors Does It Again!

A year ago, the company announced EmployeeCentral , a light-weight employee record-keeping system built for its smaller performance and talent management clients. Since its release last June, about 50 have been sold.

Without benefits or payroll, EC comprises one-third of a core HR system, HRIS, HRMS, HCM, system of record or whatever you like to call it. The big HR system.

Well, small clients, no more!

At the company's May user conference in New York, Edward Golitko, senior director of HR for EMC -- the $14-billion digital storage company with 46,000 employees in 16 countries -- announced his company had become the development partner for EC.

And in response to my question, Golitko said he would unplug EMC's PeopleSoft Enterprise HRMS in exactly one year and use EC instead!

Please put that date into your Outlook calendar right now: May 10, 2011.

Of course, EMC is already outsourcing the two other parts of an HRMS: payroll to ADP and benefits to a variety of firms, including Fidelity.

It only uses the basics of its Version 7.5 of PeopleSoft HRMS: the company's last client/server product, now more than 10 years old and at least six versions behind the current Version 9.1. more here

Not a laser pointer

Built with the blue-laser diode of a dismantled Casio Green Slim projector, the $200 Spyder III is the world's most powerful portable laser. It can permanently blind you and set your skin—or anything else, really—on fire almost instantly. more here