It is with great sadness that I report that Watts Humphrey has passed away.

Known as the "Father of Software Quality" Watts Humphrey, founder of the Software Process Program at the Carnegie Mellon Software Engineering Institute (SEI) and recipient of the National Medal of Technology, died Thursday at his home in Sarasota, Florida. He was 83. One of my favorite I.T. related Quotes: "The problem of software process change are often complicated by the fact that no one is responsible to make it happen. If software process improvement isn't anybody's job, it is not surprising that is doesn't get done! If it is important enough to do, however, someone must be assigned the responsibility and given the necessary resources. Until this is done, software process development will remain a nice thing to do someday, but never today." Watts Humphrey

I.T. Infrastructure Architecture and Active Directory

Speaking of I.T. Infrastructure Architecture (I was, maybe you weren't listening) Mark Wilson has a very good series on Active Directory design online on his site based on the MCS Talks:

  • Active Directory design considerations, part 1: Introduction
  • Active Directory design considerations, part 2: Forest and domain design
  • Active Directory design considerations, part 3: Organizational Units
  • Active Directory design considerations, part 4: Group policy objects
  • Active Directory design considerations, part 5: Security groups
  • Active Directory design considerations, part 6: DC placement and site design
  • Active Directory design considerations, part 7: DC configuration and DNS
  • Active Directory design considerations, part 8: Summary and further information
  • Botnets control more than 2 million PCs in the U.S.

    This seemed a little low to me until I saw the specifics: 2.15 million bot infections were detected and removed the 2nd quarter of 2010.

    AND 2.16 million bot infections were detected and removed the 1st quarter or 2010.

    These are just the ones found by Microsoft, and only the ones they removed. Again, this doesn't include ones they didn't remove (or didn't detect). Also it doesn't include any other vendors.

    Now it sounds more like the numbers I was thinking of...

    U.S. Tries to Make It Easier to Wiretap the Internet

    Not a good idea. To me this comes under the heading of "If you outlaw it only outlaws will have it." If it's technically possible, the criminal crackers will be the first to do it; therefore we will have no secure communications. New York Times reports that:

    Federal law enforcement and national security officials are preparing to ask  Congress to require all services that enable communications — including encrypted message transmitters like BlackBerry,  sites like Facebook and messaging software  like Skype — to be technically capable of complying with a wiretap order.

    The mandate would include being able to intercept and unscramble encrypted messages.

    Carnegie Mellon University Researchers Work on Web Security and Access

    The U.S. National Science Foundation (NSF) is funding studies at more than 30 institutions across the United States in an effort to make Web surfing safer. For example, Carnegie Mellon University researchers, in collaboration with researchers at Boston University and the University of Wisconsin, are building an Internet framework to accommodate yet-to-be developed technologies. Meanwhile, a University of California, Los Angeles team is focusing on securing data no matter where it exists, instead of securing host computers. Rutgers University researchers are examining improving the security and reliability of information produced by mobile devices, instead of desktop computers. And University of Pennsylvania scientists are analyzing ways to increase the speed, availability, and security of cloud computing. "We hope to have a collaboration among the project researchers," says NSF's Darleen Fisher. Pittsburgh Tribune-Review (PA) (09/13/10) Cronin, Mike

    Web Link

    Beware of fake Microsoft Security Essentials

    There is a new fake Microsoft Security Essentials doing the rounds! This Microsoft Security Essentials Alert is basically a Trojan which tries to trick you into buying one of the 5 rogue anti-virus programs that it is pushing. When the fake alert pops-up, it says that a malware has detected on your computer. It will list this Trojan as Unknown Win32/Trojan and will then prompt you to clean your computer using any one of the 35 listed anti-virus programs, 30 of which are legitimate anti-virus programs and the 5 following rogues that the Trojan is distributing:

    Red Cross Antivirus Peak Protection 2010 Pest Detector 4.1 Major Defense Kit AntiSpySafeguard or AntiSpy Safeguard

    During this fake online scan only the 5 fake anti-virus programs listed above will state that this supposed Trojan is an infection. It does this to scare you into clicking the "Free Install" button next to them that will install the rogue program onto your computer and then reboot your computer.

    Detailed instructions for Removing the Fake Microsoft Security Essentials Alert Trojan and AntiSpySafeguard are Here

    Latest facebook email threat

    A new SPAM email is making it's way to everyone's inboxes. It is faked so that it appears to be a normal facebook notification email. One easy way to tell is if you receive it to an email account that facebook doesn't know about. Also, only giving facebook one of your email addresses is a great idea if only for this reason.

    Here is a screenshot:

    Here are a few more clues:

    1) It's from - not

    2) If you hold your mouse over either of the long links at the bottom the real link will show up. It show's it will go to which is a really bad site.

    3) Normally a facebook email will show a preview of the message. This one does not show you anything in an attempt to get you to click the link.

    So, what should you do? I'm glad you asked. As with all emails that have imbedded links, NEVER CLICK THEM. You should open a new web browser and type in the URL yourself. Then in this case you would see that you don;t have this message waiting for you on facebook.

    Happy & safe web surfing!

    I am back from Africa

    Djibouti was an experience worthy of writing about. It's too bad I'm not a writer. The flight to & from alone are worth thousands of words. I was at Camp Lemonnier in Djibouti, Djibouti. Yes I meant to type that twice. The US Navy Base is the headquarters for the  Combined Joint Task Force - Horn of Africa (CJTF-HOA). I worked for the DoD in a Navy office with an ID card that said US Army. Go figure.

    Long days, hard work, but I learned a lot and meet some great people.