Frank Uncovers Excellence in Leadership

© Copyright Frank D. Kanu 2000-2009

Feel safe with your network? Think again!

Here is a wonderful article on Technet (found it via Larry Osterman’s WebLog) describing how a hacker can take over your network.

Especially interesting the

Conclusion

In this article, I’ve examined how a Windows-based network might be hacked. I hasten to point out that Windows-based networks are no less secure than any other network. While the specific attacks used in this article are unique to Windows, minor modifications to the techniques and a new tool set would make the same compromise possible on a network running a different platform. The problem is not the platform itself, but the practices. All platforms are securable, but all networks are exploitable if they are not architected and implemented carefully. Poor implementation is always poor implementation, regardless of the underlying platform.

Not a Windows problem, but a security problem.

Tags:

carefully  compromise  conclusion  hacker  infiltrate  minor modifications  osterman  platforms  poor implementation  security problem  technet  tool set  weblog
 Technorati (All Links are external): carefully  compromise  conclusion  hacker  infiltrate  minor modifications  osterman  platforms  poor implementation  security problem  technet  tool set  weblog  business  general  it
 

© Copyright Frank D. Kanu 2000-2009

Here is a business plan archive with business plans from the do-com era.

Enjoy reading!

Tags:

business plan  business plans  dot com bombs  plan archive
 Technorati (All Links are external): business plan  business plans  dot com bombs  plan archive  business  general
 

© Copyright Frank D. Kanu 2000-2009

The Harvard Business school offers working knowledge for business leaders. Another place to learn more about businees. Check also my post about the MIT courseware.

Tags:

businees  business leaders  harvard business school  hbs  mit courseware  working knowledge
 Technorati (All Links are external): businees  business leaders  harvard business school  hbs  mit courseware  working knowledge  business  general
 

© Copyright Frank D. Kanu 2000-2009

While working on one large scale software project the company moved.  It is already difficult enough to manage projects involving more then 10 people, legacy code and tables put together complimented with the name “database”.  Plus the deadlines had been put together including resources which were not available at the time the project started.  But adding an office move to the mix was something many would name insane.

Well knowing the difficult time constraints management came up with what they called a “bright idea”: Employees working on that project were not allowed to perform moving tasks during their normal working hours.  The majority of the programmers were working well above 50 hours a week.  Some repeatedly worked 80 hours a week.

Some programmers partially tele-commuted complained that no-one ever informed them that some of the moving task had to be performed by them.  Reason being that they were not supposed to spend “work time” on the move.  Consequently adding the task of moving those items to other programmers and the network guys.

The programming team used to be spread over three rooms with no more then 4 in one room.  Many felt already quite disturbed because some of the programmers also did phone support for other existing clients.  Imagine the surprise when introduced to the new office: One huge office space with the programmers side a side with the help desk.

Cubicles barely covering up the monitor on a desk.  One regulator for the AC/heat for the whole space and one light switch.  No room for any individuality.  And programmers are very picky about the work environment they work in!  In addition to that there was a policy that nothing could stand on the cubicle walls.

Some of the employees were facing the wall, having other people to their back.  We all know that this is the least comfortable position for us humans: Having someone behind us we always feel threatened.

Let’s listen to one of the senior programmers:

“By the way, I think that calling them cubicles is completely wrong.  I am calling them stables.  For obvious reasons.  Your shelves are actually higher than the stable walls.  The good thing about the stables, from a management point of view, is that you can see if the livestock is all in the proper stables at the proper time.  I think my desk is the ONLY one that you have to take more than a few steps to see since it is located around the corner.
Privacy?  Of course not!
Plus they can easily check if we actually do the work they think we should do.”

This reminds me of the design department of a big manufacturer: One day one of the VP walks thru and sees one of the engineers sitting at his desk - feet on the desk.  Starring holes in the air.  Five minutes later the VP returned to check the engineer out and yes - still doing nothing.  So the VP complains to the manager of the engineer that the engineer is not working.  Says the manager: He thinks.

Now in opposite to the cubicles / stables that engineer had his silence!  How would you feel when you work and every few moment someone either looks over your stable walls or they walk thru the room - easily visible to you and everyone else.

A request of the programmers to change the situation to give them some kind of working privacy by extending the walls to the ceilings was immediately turned down by the CTO.  ”Let’s first see how it goes.”  It didn’t go at all.  Many complained about the loud music of others, the noise of phones from the help desk.

Within a year the two best senior programmers in the company were gone.  Coincidence?  Morale, quality of work and willingness to take the extra step which had helped the company to be become a big player all went downhill.

Yet, the fix would have been so easy:  Listen to your employees!

And don’t create stables!  If you really have to go with cubicles let them have high enough walls to give the employees enough privacy.  And educate your people to show consideration for others.

Tags:

bright idea  ceilings  coincidence  complimented  constraints management  cto  cubicle walls  cubicles  desk  disturbed  downhill  engineer  extra step  facing the wall  five minutes  holes  individuality  large scale software  legacy code  light switch  loud music  office move  programmers  programming team  proper time  put together  shelves  silence  software project  stable  thinks  time constraints  vp  walks  willingness  work time  working hours
 Technorati (All Links are external): bright idea  ceilings  coincidence  complimented  constraints management  cto  cubicle walls  cubicles  desk  disturbed  downhill  engineer  extra step  facing the wall  five minutes  holes  individuality  large scale software  legacy code  light switch  loud music  office move  programmers  programming team  proper time  put together  shelves  silence  software project  stable  thinks  time constraints  vp  walks  willingness  work time  working hours  business  general
 

© Copyright Frank D. Kanu 2000-2009

The Massachusetts Institute of Technology offers OpenCourseWare a free, open publication of MIT Course Materials.

There are many wonderful courses for free - pick one that interests you and get learning!

Tags:

course materials  institute of technology  massachusetts institute of technology  mit  open publication  opencourseware  technology
 Technorati (All Links are external): course materials  institute of technology  massachusetts institute of technology  mit  open publication  opencourseware  technology  business  general  it
 

© Copyright Frank D. Kanu 2000-2009

Really didn’t know that Mona Lisa could do that!

Tags:

mona lisa
 Technorati (All Links are external): mona lisa  general  something funny
 

© Copyright Frank D. Kanu 2000-2009

e-week has an article about hackers tacking advantage of a known vulnerability on an unprotected server to potentially gain access to some 1.4 million names, Social Security numbers, telephone numbers, addresses and dates of birth.

Ramos declined to confirm which vendor’s database was the subject of the attack but did say it was a “commercially available product” with a known vulnerability that was exploited. A patch for the vulnerability was available at the time, Ramos said.

Remember the comment to my Does your company have a chief security officer post?

Yep, the ostrich analogy is a perfect fit here too!

Tags:

analogy  chief security officer  dates of birth  hack  hackers  numbers telephone  ostrich  perfect fit  social security numbers  telephone numbers  uc berkeley  unprotected  vulnerability  yep
 Technorati (All Links are external): analogy  chief security officer  dates of birth  hack  hackers  numbers telephone  ostrich  perfect fit  social security numbers  telephone numbers  uc berkeley  unprotected  vulnerability  yep  general  it
 

© Copyright Frank D. Kanu 2000-2009

I think the most interesting sentence was right at the end of this article at computerworld:

But he noted that the upgrade problems are reminiscent of frustrating incidents he has experienced with eBay site changes that were touted as “improvements.”

This is not against eBay or PayPal but a rather more and more showing problem with software in general!

Development has to be done fast and cheap. Remember the quality triangle? Pick any two? Seems like its going more to be a pick none!

Tags:

coding error  computerworld  ebay  general development  improvements  incidents  paypal  quality  quality triangle  reminiscent  shuts down  triangle
 Technorati (All Links are external): coding error  computerworld  ebay  general development  improvements  incidents  paypal  quality  quality triangle  reminiscent  shuts down  triangle  business  general  it