Not since the likes of Zan & Jayna have twin powers activated as they have with the joint appearance of CEOs for IBM & Google at IBM’s PartnerWorld conference this year. As they put it in the Computer World article entitled Google and IBM are bonding in a serious way, “The two CEOs bantered like old golf buddies, praising each other’s organizations and rarely giving moderator Pankaj Ghemawat, a professor of global strategy at the IESE Business School in Barcelona, Spain, a chance to ask questions.” Schmidt said, “Cloud computing is the story of our lifetime.” Concluding, “Eventually all devices will be on the network.” Schmidt was joined onstage by IBM CEO Sam Palmisano, who said the relationship marks a new territory “It is the first time we have taken something from the consumer arena and applied it to the enterprise.” So, whats with the the oldest computer giant pairing with the latest? Maybe its just that the industry is growing up and its become something new.

Google: Shape of 600 lb. Search Gorilla

Google continues to take shape with things like updating its Finance site, giving Google Video a face lift, and continued production of solutions helping others go green. While IBM, the hardware giant of the pair seems in step, this is possible largely because of the dancing space Google’s created; causing Microsoft and Yahoo to consider a merger, analog advertising to fall apart, cell phone networks to become open, and especially bringing a new advertising domain to the table in the form of its massive YouTube audience. These days, nothings too far from the reach of this 600 lb. Googrilla that grew up dominating the tech-world. Google-inspired engineering is especially apparent at IBM with services like Many Eyes and History Flow.

IBM: Form of Enterprise Cloud

The created space hasn’t gone to waste. In all of 2007, IBM reported sales of $98.8 billion, up 8 percent from 2006, leaving most sure of its stranglehold on enterprise service and hardware sales for the time being. The line is blurring between the two companies — Google and IBM — and its making these power twins much more identical these days. Even Google CEO Eric Schmidt had made some admissions to that point. “There’s not that much difference between the enterprise cloud and the consumer cloud,” Schmidt said. Later the CEO even offered a distinction which displays the two companies shared reasoning, “The cloud has higher value in business; that’s the secret to our collaboration,” Schmidt added.

The Greater Story: The Grid

The fact is, theres a greater story to be told. It has to due with all these players and a metamorphosis taking place in the industry. It started with the Internet and continues with the creation of the “Cloud” — a generic name for a platform for utility computing that hopes to eventually process, store and transfer every bit of information on Earth. Its a changeover whereas time passes and giants collide in sometimes peaceful ways as with Google and IBM, and sometimes violent ways as once forced together Microsoft gives up its bid for Yahoo. The metaphors of a Gorilla creating space invokes a more forceful saying as well: Lead, follow, or get out of the way. And as once before humanity saw the local energy provider take shape to become the power company, then become regional, and then global — from a network to a grid — so digital information processing, storage and transfer will go from the unit of the PC, to a network, to an Internet, to a Cloud, later becoming an equally, finely, more tightly bound and integrated Grid of utility computing devices (perhaps it’ll even run on International Google Machines).

The day might come when biometrics completely replaces the function served with passwords. But will it matter? The fact is, that that biometric reality grows closer every day. Right now, hardware becoming cheap and software environments becoming virtual, has many such realities racing at us like a wild mustang. But, I know you. You’re human, you need to see it in action. Well, do I have the perfect software for you. You or anyone can download for free something called Ophcrack. Ophcrack uses Rainbow Tables (and well). Take a look at it here, where Lifehacker has a gallery of screenshots of Ophcrack at work under Windows.

What does all that mean? I’ll keep it simple. Ophcrack can crack the password “Fgpyyih804423″ in 160 seconds (or for more here for Thomas Ptacek’s work on the subject or here where Darknet talks about its history). Anyone with Computer or Network Security experience (or that has tried to guess a password) will tell you, thats expected to be a difficult password to crack, and being cracked in 160 seconds is jaw dropping. “Fgpyyih804423″ is not very human relative and by that I mean its not a word in any language, nor a composite of any word in any language ( its not even some tokenized expression). In fact, the string of characters looks to be (because it is) quite random.

Worried yet? If not, some forward thinking might get you bit concerned. Implementations of biometrics really don’t solve this issue (they’re conceptually the same). They just make the string’s identity larger and thereby, by today’s standards, more difficult to crack. But, as technology grows to facilitate biometrics, so will that which is used to subvert biometrics and in not so different ways than we see here. So, my question to you is, what will you do, when you can’t trust your own reflection?

This guy from JustLinux, saikee , might be your hero. It all depends on how computer savvy you are. But, let’s say for the sake of discussion, you’re savvy enough to dual boot Windows XP & Ubuntu Linux, as an example. Now, sure, some people are saying, “dual wha? Ubuntu?” Some may not even know what Linux is. All “dual boot” means is running more than one Operating System on your computer and having the capacity to select which one you want to use when you turn on the computer. But, even if you are savvy enough to dual boot (which isn’t very savvy at all, evidently) than you’re only 143 Operating Systems behind. Better get your hiking boots, you’ve got some footwork ahead if you want to catch up. saikee posted information on his new setup on JustLinux a while back… which boots only 145 different Operating Systems! “Can you run tha–” — “Yes.”

#!/usr/bin/perl
use Mail::POP3Client;
use IO::File;

my $Hostname = $ARGV[0];
my $Username = $ARGV[1];
my $Password = $ARGV[2];
my $Location = $ARGV[3];

if ( defined($Hostname) &&
        length($Hostname) > 0 &&
        defined($Username) &&
        length($Username) > 0 &&
        defined($Password) )
{
        if ( ! -d $Location )
        {
                die(qq{$Location is not a valid directory path});
        }
        else
        {
                my $POP = new Mail::POP3Client(
                                USER     => $Username,
                                PASSWORD => $Password,
                                HOST     => $Hostname,
                                USESSL   => true,
                );

                $POP->Connect() >= 0 || die $POP->Message();
                for ($i = 1; $i < = $POP->Count(); $i++)
                {
                        my $Filename = $Location . ‘/’ . join(’_',$Hostname,$Username,$i) . ‘.eml’;
                        my $Filehandle = new IO::File;
                        open($Filehandle, “>$Filename”);
                        $POP->RetrieveToFile( $Filehandle, $i );
                        close($Filehandle);
                }
                $POP->Close();

        }
}

Its no problem to use…
shell$ mkdir /some/storage/location
shell$ ./pop2messbox.pl pop3.host.com username password /some/storage/location/

Requires…
Mail::POP3Client from CPAN

#!/usr/bin/perl
use Net::LDAP;
use XML::Simple;

my $XML = XML::Simple->new(NoAttr=>0,
                RootName=>'LDAPDump',
                ForceArray=>1 );

my $LDAP = Net::LDAP->new( $ARGV[0] );

my $Message = $LDAP->bind( $ARGV[1],
                password => $ARGV[2] );

if ( defined($Message) )
{

   $Message = $LDAP->search( base   => “”,
        filter => qq{($ARGV[3])});
        foreach my $Entry ($Message->entries)
        {
                if ( defined($Entry) &&
                        ref($Entry) eq ‘Net::LDAP::Entry’ )
                {
                        print $XML->XMLout($Entry->{asn});
                }
        }

        $Message = $LDAP->unbind;
}

Its no problem to use…
shell$ ./ldap2xml.pl ldap_host "uid=whoever,cn=whatever" password "filter_attribute=value"

Requires…
Net::LDAP from CPAN & XML::Simple from CPAN

The beauty of this article is its unwillingness to question the basis of what it dubs “Corporate” IT while obviously, what it dubs “Shadow” IT, seems to be the more successful school-of-thought for supplying immediate IT solutions (and thats even by the articles account). Oh, and by the way, just for the record, I agree: Shadow IT works better.

Read the rest of this entry »

This is an interesting approach to trying to understand, and discuss computer-related security. It looks at the differences in Open-Source and Closed-Source software development models and their methodologies. The article looks at some of the well-known schools of thought like “security through obscurity” or “security through visibility”. And, at the same time it offers some insight on exactly how niche environments can dictate their preferred method. I found it to be unbiased, well conceived, and well written.