• Cloud Computing Disadvantages: 6 Major Concerns

    This article reflects on the role of cloud computing in the ICT and Business World; its pros n cons, but focuses majorly on its cons, its disadvantages and what a lot of people didn't know about it.

    NO DAMAGE MEANT HERE, but sometimes, we need to think twice before deciding to switch 
    to cloud computing.

    Cloud computing disadvantages? But, it’s the Cloud!

    It’s the latest buzzword that’s tacked on to every online service these days. If it’s on the web, it’s suddenly also on the cloud.
    But what does that really mean?
    We’re being told left and right that the solution to all our problems in this new and latest offering– in the cloud!
    The ‘Cloud’ isn’t a magic bullet.
    It’s a great platform, and makes online computing easier in many ways, but to really understand what you can use it for, you also have to understand its limitations.
    There’s a plethora of Cloud Computing disadvantages that you have to take into consideration before you plan any serious deployment.
    What Is The Cloud?
    Before you can understand the inherent Cloud Computing disadvantages, we have to clear up some terminology.
    Cloud Computing has been constantly redefined by everyone trying to sell their online platforms and services. If we ignore the hype surrounding the word, what is the Cloud all about?
    There are typically two primary schools of thought that come up in Cloud Computing. 

    bulletSoftware as a Service (SaaS): Rather than just being the software equivalent of outsourcing, SaaS offers mobile access, and stores your data for you.
    Examples include Gmail, Salesforce, many online billing and payment services. 

    bulletUtility Computing: This isn’t a novel concept, it’s been around for a long time.
    Purchasing time or computing power on someone else’s hardware to run your applications. These offerings are on-demand, and bill for exactly the resources you use.
    Examples include Amazon EC2, Google AppEngine, Force.com.
    Clouds provide Utility Computing, and there are two kinds of Clouds.

    bulletPublic Clouds: These are sold to customers, and are typically pay-as-you-go, with the cost of storage and processing time being passed on to the client (you). 

    bulletPrivate clouds: Are internal, and typically get budgeted into mysteriously large “operating costs.”
    Okay, you say. Thanks for ruining a perfectly good explanation. What am I supposed to take away from this?
    Most SMB users are going to be utilizing SaaS, or hosted solutions.

    So What Are The Cloud Computing Disadvantages?
    Since we’ve nailed down what the Cloud really is, we can talk about Cloud Computing disadvantages. To writ, what are the obstacles that we face when we try to use it? 

    bullet1.) Availability: What do you do when there’s an outage at the datacenter? If your business relies on someone else’s machines working correctly, you need to know your rights as a customer and have an iron-clad SLA.

    bullet2.) Bulk Data Transfers and I/O Bandwidth: Bringing a lot of data into or out of a cloud instance takes a good deal of time. Without a high-capacity connection, it could take days to load all that data.
    If you need to transfer a few terabytes, or even a couple hundred gigabytes, consider sending a physical copy to the datacenter. Most providers can help you load information from a disk into your instance and cut down on your startup time.

    bullet3.) High Latency: Latency is the time that it takes for your request to go to the target server, be acknowledged and a reply sent back to you.
    With your datacenter being in another state, or even another country, your connection might be spotty enough that you’re looking at problems with latency.
    If there’s a sudden surge in use of the particular Cloud that you’re working from, the latency could spike as well. 

    bullet4.) Data Lock-in: If you’re using proprietary systems, Data Lock-in can become a problem when you want to use that data elsewhere, or move to another provider.
    This can be combated by standardization of data. For the most part, this is a back-end item, but as the customer, you should only look to use SaaS that offer Import and Export of data. 

    bullet5.) Data Confidentiality: When you work with sensitive data (your customers’ information!) you don’t want it to be accessible to people you can’t trust.
    Your provider has access to anything you don’t encrypt, so be sure that you’re working with people you can trust, or you have systems in place that protect your data from unauthorized access.

    bullet6.) Software Licensing: Possibly the thornieset issue of the bunch, nobody has really caught up with licensing for virtual machines in the cloud. Prices could be too high, or the mechanisms that prevent piracy might not be able to handle overseeing virtual instances of the same machine.
    Cloud Computing disadvantages are rampant, and its general adoption and use by everyday users suffers from this, but there’s a great deal of potential for those that can overcome these issues. These problems arise because the datacenter hosting your Cloud is in a separate location from your business. 

    What Should I Be Leveraging It For?
    Despite current Cloud Computing disadvantages, as an SMB, you’re going to be using the Cloud in places where you can’t afford to host your own infrastructure, or need to cut hardware costs. There’s some applications which are perfectly suited for the Cloud, regardless of the size of your business, or what your other requirements might be.

    bulletEmail!: Look to Google’s GMail, and Microsoft’s Outlook Web App, and every other online email service.
    Everything they do is done ‘in the Cloud,’ and their email applications can be accessed from any computer, any time.
    Consider porting your email to the Cloud to make it more accessible and to free yourself from the restrictions of using a single workstation. 

    bulletOffice software: Microsoft has its own Office 365, which is a cloud-based version of the classic Microsoft Office productivity software. Google Apps offers a robust alternative
    So, are current Cloud Computing disadvantages enough to keep you away from them? Not really.
     
    SaaS is already an extremely solid platform, and its offerings work for all tiers of business.
    Utility Computing is primarily for Enterprise businesses that are looking to offload their server computational time, but has been making entrĂ©s into SMB as a tool for virtualizing redundant servers and creating “self-hosted” solutions for Exchange and Sharepoint.
    Have you suffered at the merciless hands of Cloud Computing, or you have any good information to share regarding it? Tell us your story by commenting below!

  • Tool Name & DescriptionURL
    7-Zip is a file archiver with a high compression ratio.http://www.7-zip.org/
    Acronis True Image with Universal Restore - Disk Imaging toolhttp://www.acronis.com/
    Belarc Advisor - Audits installed software, list keys, hardware, Microsoft patches, and generates a reporthttp://www.belarc.com/free_download.html
    Clonezilla is an OpenSource clone system with unicasting and multicasting! Goodbye to Ghosthttp://clonezilla.org
    CPUz. Accurate PC motherboard, RAM, graphics card details and MUCH more without opening up the boxhttp://www.cpuid.com/cpuz.php
    cURL a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS and FILE.http://curl.haxx.se/
    DBAN - Darik's Boot and Nuke (DBAN) is a self-contained boot disk that securely wipes the hard disks of most computers.http://www.dban.org/
    Desktop Restore is a tiny shell extension that records the position of your desktop icons and lets you easily restore your favorite desktop layout.http://www.midiox.com/desktoprestore.htm
    ExamDiff is a good file-comparison toolhttp://www.prestosoft.com/edp_examdiff.asp
    File-Rescue Plus is an easy to use recovery utility to remotely scan WindowsHard Drives, and removable mediahttp://www.softwareshelf.com/products/file_rescue_plus_enterprise.htm
    GParted is the GNOME partition editor for creating, reorganizing, and deleting disk partitions.http://gparted.sourceforge.net/livecd.php
    InfraRecorder is a graphical tool for burning ISO images. Supports many DVD and CD drives that are available, burn ISO images, CDs and DVDs.http://infrarecorder.org/?page_id=5
    Iometer is great to pound on hard drives - a good I/O subsystem measurement and characterization toolhttp://www.iometer.org/
    Kdiff3 is a file-comparison tool that does unicode, editing, directories and 3 way merge, all for free.http://kdiff3.sourceforge.net/
    Kon-Boot - Log into any local or domain account on a pc without a password. Very cool tool.http://www.piotrbania.com/all/kon-boot/
    Lansweeper is a network inventory tool that performs hardware scanning, software scanning, and reporting on Active Directory (AD) users. Needs SQL.http://www.lansweeper.com/
    LUA BugLight - For finding out where a program hangs with it run under restricted mode so you can make system changeshttp://blogs.msdn.com/aaron_margosis/archive/2006/08/07/LuaBuglight.aspx
    MyDefrag-4.0 - Flexible Hard Drive Defrag program with a scripting languagehttp://www.kessels.com/Jkdefrag/
    Nmap Security Scanner version 5.00.http://nmap.org/
    Norton removal tool. LOL:http://www.softpedia.com/get/Tweak/Uninstallers/Norton-Removal-Tool.shtml
    Notepad++ features a tabbed interface, syntax highlighting for all popular programming and scripting languages, bracket matching, and macro recording.http://notepad-plus.sourceforge.net/uk/download.php
    Offline NT Password & Registry Editor - Boot CD that can change local account passwordshttp://home.eunet.no/pnordahl/ntpasswd/
    Paint.NET is a huge improvement over Windows' built-in Paint program for image manipulation.http://www.getpaint.net/download.html
    Password Safe allows you to safely and easily create a secured and encrypted user name/password list.http://passwordsafe.sf.net
    PEESR - Periodic Emailed Event Summary Report. Order today and save 10% with coupon code SUNB-PXTO-SAUGhttp://jntae.com/peesr/peesr.html
    PING makes a sector-based image copy of a disk partition. The bootable PING ISO tool copies a full system disk to on a bigger disk.http://ping.windowsdream.com
    SpinRite Boot CD - Hard Disk recovery toolhttp://www.grc.com/sr/spinrite.htm
    Sunbelt Sandbox. Upload suspicious files to the Sunbelt Labs and have them scanned. Similar to VirusTotalhttp://www.sunbeltsecurity.com
    Superscan 3.0 - fast little port scanner. A quick way to tell whats on the network.http://www.foundstone.com/us/resources/proddesc/superscan3.htm
    Sysinternals - An sysadmin's best friend - especially Process Explorer that shows why a PC is slowhttp://technet.microsoft.com/en-us/sysinternals/default.aspx
    Total Commander is a powerful shareware file manager for all flavors of Windowshttp://www.ghisler.com/
    TrueCrypt. Brilliant file and whole-disk encryptionhttp://www.truecrypt.org
    UBCD4Win is a bootable recovery CD that contains software used for repairing, restoring, or diagnosing almost any computer problem.http://www.ubcd4win.com/
    Ultimate Boot CD has over 100 tools for diagnostics and repair.http://www.ultimatebootcd.com/
    Ultra VNC. Say no more:http://www.uvnc.com
    UltraTech's list of tools that needs some updating but has dozens of popular tools and their linkshttp://KB.UltraTech-llc.com/?File=Utils.TXT
    USB Deview. Untangle all those devices sensibly. In fact, most of Nir's utilities are pretty goodhttp://www.nirsoft.net/
    VIPRE Rescue is a command-line utility that will scan and clean an infected computer that is so infected that programs cannot be easily runhttp://live.sunbeltsoftware.com/
    VirtualBox is a powerful, free x86 virtualization tool for Windows, Linux and morehttp://www.virtualbox.org/
    Voidtools - everything search engine. Locate files and folders by name instantly.http://www.voidtools.com/
    WinDirStat is a very good disk space usage visualization and cleanup tool for Microsoft Windowshttp://windirstat.info/
    Windows Installer CleanUp Utility for failed or partially installed softwarehttp://support.microsoft.com/kb/290301
    Wireshark is a popular network protocol analyzer (sniffer), used in many industries and educational institutions.http://www.wireshark.org/
    XML Notepad is a specialized MS XML editor with a small footprint. It has a Tree View and a Node Text View and a built-in XML Diff capability.http://www.microsoft.com/downloads/details.aspx?familyid=72d6aa49-787d-4118-ba5f-4f30fe913628
    ZoomIt lets you magnify portions of your screen while doing demos and presos, as well as draw on and annotate the screen.http://technet.microsoft.com/en-us/bb897434.aspx




  • Thursday morning, the 12th of July 2012, the world woke up to yet another news of a high profile cyber-attack. This time, the victim being one of the internet giants - YAHOO.

    The attack was carried out by a Hacker Group named D33D on one of Yahoo’s sub-domain (yahoo voice), unencrypted usernames and passwords of over 400,000 users were released online.
    The Hacker group claimed responsibility for the attack and said it hope Yahoo and the others would see this as a wake-up call rather than a threat.

    What seemed to surprise many was the method of attack used against Yahoo.
    An SQL INJECTION; a technique often used to attack databases through a website, and for exploiting security vulnerability in websites software.
    SQL to me is old-school, an old method of hacking, something almost every IT person knows about. It’s even a joke among hackers and geeks due to its utter simplicity, and the preventive method has been published severally by different individuals and companies in the past.


    Attacks like SQL injections, were used to take down at least 18 Sony sites and networks earlier this year.
    XSS (cross-site scripting) is so well-known and widely-exploited, a vulnerability that elementary school kids use XSS exploits to log in to their accounts at school because it's simpler than trying to
    remember a good password.
    Nevertheless…SQL injections and flaws that allow XSS exploits are just two of 10 incredibly common security flaws that continue to appear in eight out of 10 new commercial and corporate applications, according to security software vendor Veracode, which publishes an application-security benchmark report twice per year .

    Obviously, heavily exploited flaws like SQL, XSS are still present in majority of new web apps.
    With all this attacks happening here and there, it can be concluded that most of the big organisations are not paying the right amount of attention to security.
    The only rules that seems to be accurate about corporate security is that no one has a good handle on either digital or physical security.

    Most companies are so clueless about holes in their airtight defences that they'll brag about their anti-spam or intrusion protection while strangers wander in from the sidewalk to use the CISO's private rest room while the CFO drags an oversized bank bag filled with "laundry" toward the nearest exit on the way to a "vacation" in the Cayman Islands.
    Companies that do pay some attention to security, on the other hand, end up so obsessive about the smallest risk that the whole company behaves as if they manufactured guilty consciences or just heard James Bond was spotted outside.

    Most failed because of stupidly obvious flaws that could be exploited including poor implementation of protections that would prevent XSS or SQL injection attack.

    The unencrypted user names and passwords were pulled from a database that stored them in plain text and without the added security of a hashing technique -- an otherwise common practice for any company that handles sensitive user information.

    The list of emails released stretches just beyond just the Yahoo.com domain and includes login information for more than 106,000 Gmail accounts and 55,000 Hotmail accounts, among others.
    Aside from exposing Yahoo's flawed security apparatus, the hackers exposed an all too common fact: too many users have dumb, simple passwords. The most common was "123456," followed by "password." "welcome,"  "ninja," and "superman," were also among the commonly used password according to an analysis by CNET.

    If there's one thing to learn from the Yahoo security breach, it's that we need to be more creative with our passwords.
    We need to start using strong passwords.


    Simple tips for creating stronger passwords:
    • Use a combination of letters, numbers and special characters, lowercase and uppercase make it long; at least 8, preferably many more characters

    • Use a passphrase instead of a word if that is easy to remember

    • Avoid sequences such as 123456 or common dictionary words or common names
    Why does it matter? This image from Thomas Baekdal shows how long it takes to hack passwords based on their composition:


    This year will be remembered as a year of high profile cyber-attacks. But there are two angles to this that will have long-reaching effects.
    First, for users that continue to have one password for everything, it’s time to change them, and quickly.
    The second angle – primarily prompted by Yahoo – is the responsibility of corporations to protect
    their users. With security threats becoming increasingly more sophisticated, corporations need to be more proactive and predictive about security. Otherwise, they’re just reactive, end up cleaning up after the fact and probably lose their noble customers.

    We've witnessed series of cyber-attacks and intrusions this year 2012,
    'Sony' being one of the victims. LinkedIn, Last.fm , Eharmony and Formspring were also recently hacked, compromising millions more passwords.

    NOW, WHO'S NEXT? Google? Apple? Facebook? or the big dawg - Microsoft?
    The answer to that question is rather elusive. We can only wait for now.
    Time will Tell!

    To confirm if your email is in the list of the hacked emails, click here or visit http://dazzlepod.com/yahoo/