Blog Archives

  • September 25, 2011

    Privacy and Big Data

    By Reed Wiedower
    Book Reviews \ Cloud Computing \ General
    As the internet and mobile technologies have grown more prevalent, concerns about privacy and how data is collected and used have come to the forefront. Here at New Signature, we’re always looking to help our clients educate themselves about the risks and opportunities of sharing data in this increasingly connected world.
     
    In “Privacy and Big Data” by Terence Craig and Mary E. Ludloff, the authors come at privacy concerns from two different angles, meshed together in a quick, easy to read series of chapters. The overall thrust of the book is summarized in the final chapter with a quote from RFK that we live in “interesting times” with a myriad of concerns and opportunities. To their credit, the authors sketch out succinctly the different players in the privacy debate, from ordinary people to data-driven internet savvy companies, data markets that serve all parties and government entities. By the conclusion of the book, you’ll be well-versed in both the legal ramifications of data collection in Europe, the United States and beyond. Even the fundamental question of whether privacy is a “right” or a “commodity” is fully explored.
     
    Although the book is exhaustively researched, it does tend to pose more questions than it answers, frequently devolving into a series of personal privacy preference options, rather than providing proscriptive guidance for individuals looking to protect their privacy. It also often hints at dangers rather than spelling them outright: “privacy” is often setup in opposition to ”safety and security” even though that’s a false dichotomy when it comes to many of the laws in the U.S. It’s also unclear at the conclusion whether there is any link between shared data and government control: the examples given of authoritarian regimes using “big data” seem too heavy-handed and poorly executed (e.g. shutting off the internet to prevent twitter, rather than mining the data to find rebellious citizens) to inspire fear.
     

    While use of personal information online is a hot topic and one that deserves study and education, the book ends up spreading more fear, uncertainty and doubt than it clarifies. One of the authors in the appendix notes that she never shares photos online or ever uses a social networking site. It’s a sentiment that many people in the United States would find abnormal, and it marginalized the content in the book for me.

  • August 30, 2011

    Book Review: Perfect Passwords

    By Peter Day
    Book Reviews \ IT Consulting and Support

    In the book “Perfect Passwords” author Mark Burnett discusses ways that computer security can be improved.  However this is no dry security tome, the style is easy to read and at under 200 pages could be read in a weekend.  Though it’s short there is still plenty of interesting material in here  – perhaps the most enlightening, or frightening depending on your viewpoint, section of the book is Chapter 9 where he gives a list of the 500 worst passwords of all time.  If you see your password on this list it’s time to change it immediately!

    Though a general computer enthusiast may find it an interesting read the book seems to be aimed at two groups.  The first being those who set password polices for others to follow and the second group being those who educate computer users about password security. 

    There’s plenty of material in the book that demonstrates what a bad password is and how what one might think is an ingenious password is actually quite predictable and hackable – a trainer could use this material to create an interesting power point presentation on password security for non-technical staff.. 

    The book also contains cautionary words for network administrators who set too stringent complexity requirements on passwords that make them hard to remember – the reason being that hard to remember passwords tend to get written down somewhere.

    While the book contains many useful examples and explanations the message of the book could be summed up as follows:  use phrases for your passwords, make them 15 characters or more including numbers and symbols, yet make them easy to remember, and type, and don’t forget to change them often.

  • August 2, 2011

    Book Review: Practical Packet Analysis, 2nd Edition — Using Wireshark to Solve Real-World Network Problems

    By Peter Day
    Book Reviews \ IT Consulting and Support

    The 2nd edition of “Practical Packet Analysis” by Chris Sanders provides a thorough  introduction to the subject of reviewing and protecting traffic on your network.  It shows how to analyze your own network traffic and in the process demonstrates how a malicious attacker might try to snoop on your network, thus enabling you to proactively protect it.

    The first few chapters cover the basics of packet analysis and show that it is not easy for someone to spy on your network, even a wireless network.  However, “security through obscurity” is not a valid data protection method, so read on to learn more of what is possible.

    The next few chapters introduce you to the open source Wireshark software and give the basics of how to install, configure and use it to analyze data traffic on your network.  The explanations are clear, and while technical, they are not too complicated to follow.  The best way to learn is to follow the instructions and install Wireshark on a machine attached to your own network and have a go yourself.

    Chapters 6 and 7 go into more detail about network protocols and you might consider these informational or optional depending on how deep you want to delve into the subject.

    The remaining chapters provide practical scenarios where you might use packet analysis to solve real world problems such as a slow network or analyzing the effects of social media traffic .  Chapter 10 focuses on the beginning steps of using packet analysis to help improve the security of your network.

    Overall the book is written in a very readable style and is certainly informative in a very practical way.  Be warned, in some parts it does assume professional experience with network concepts and operations.

    Need help with your network?  Call New Signature today–we can help you design, build or improve your network, or troubleshoot those pesky network problems.

  • July 25, 2011

    Book Review: Windows Sysinternals Administrator’s Reference

    By Reed Wiedower
    Book Reviews \ Microsoft

    When it comes to all things Microsoft, no one is held in greater esteem (sorry, Bill G!) than Mark Russinovich.  As the founder of Sysinternals (later acquired by Microsoft itself) he poked more deeply into the Windows kernel than any non-Microsoft employee, exposing hidden API hooks and developing powerful tools to help both system administrators and developers alike. From the ps suite of tools, to the legendary process monitor and process explorer, Russinovich literally wrote the book on the internals of Windows systems.

    Now he’s followed up with the book on how to troubleshoot Windows operating systems, the Windows Sysinternals Administrator’s Reference. In collaboration with co-author Aaron Margosis, he presents an overview of the entire Sysinternals suite of tools, and there methodically goes through the use of each one, presenting tables and graphics to accompany his explanations of their use.

    This book isn’t for the faint of heart. If you didn’t enjoy the Windows Internal series, you’re not likely to be able to use this volume, but for those of us that live and breathe through Sysinternals (or just occasionally pick up process monitor to fool around with) it’s a godsend. There’s never been (before now) the ability to exhaustively detail how the tools work without diving through multiple forums and waiting for days. With a Windows 7 computer, reliable access to the internet, and this book, you could spend weeks learning the nuances of the entire toolset.

    Russinovich’s style is breezy but detailed, and within a few chapters I’d already learned more about tools I use regularly each week than I had in the previous several years. Whether troubleshooting a pesky memory leak, speeding up boot times, or getting to the bottom of a frustrating crash, there’s a tool in the sysinternals suite for each scenario. The newer tools that allow you to see memory allocation (for physical and virtual machines) aren’t skimped on either, so there’s something for even the most experienced Sysinternals veteran. Armed with this book, no problem is too daunting, and as such, it should be on every system administrator’s desk wedged between the Windows Powershell Pocket Reference and Mastering Regular Expressions, Third Edition.

  • March 5, 2011

    Book Review: 21 Recipes for Mining Twitter

    By New Signature
    Book Reviews \ Branding, Website and Database

    21 Recipes for Mining Twitter” by Matthew A. Russell is written for a technical audience and specifically programmers that use or are comfortable with the Python programming language.  The bulk of the book is a collection of Python code samples (a.k.a., recipes), and suggested tools, that will help you develop the code that you need to extract data from Twitter and present this information for analysis.

    Matthew Russell presents a clear description of the problem that each recipe solves and discusses some of the finer points of the recipe before diving into the code.  This concise writing style makes the concepts easy to understand, which begin with more basic concepts such as using OAuth to access Twitter APIs to more complex topics such as visualizing geodata with a Dorling cartogram.

    The author also provides useful recommendations for tools to utilize in conjunction with the data that you are able to collect from Twitter.  For example, using Protovis (JavaScript visualization toolkit) or the WP-Cumulus WordPress plugin for web visualization, or Apache CouchDB to natively store JSON data.

    One substantial benefit of reading this relatively short book–it is only 72 pages in length–is that it identifies and will therefore help you avoid common pitfalls.  For example, one section focuses on writing robust requests that can handle the more common issues, such as Twitter’s rate enforcement.

  • February 28, 2011

    Book Review: Cassandra the Definitive Guide

    By New Signature
    Book Reviews \ Branding, Website and Database \ Cloud Computing

    Chances are either you, one of your friends, or possibly a co-worker have created–or worked with a database–over the past decade. Most likely, it was a relational database, such as Microsoft Access, SQL Server, Oracle or mySQL. For many years, relational databases have been the foundation for applications as diverse as home finance and space exploration.

    Now, with the explosion of web-based services relying upon greater and greater concepts of scale, the relational database has hit a wall. Supplanting it are several “no-sql” databases that are significantly different in scope and features, which can be challenging for both database administrators and system architects to implement.

    Cassandra: The Definitive Guide” by Eben Hewitt covers these newcomers to the database world briefly, but focuses mostly on Cassandra itself, a database built to scale. The key concepts and divergences from traditional relational database management system are all clearly explained, and within a few chapters seasoned database admins should be able to grasp most of the basic features of Cassandra.

    The tone of the book is fairly light but perfect for the new Cassandra administrator. Because the key benefits of Cassandra can only be realized *after* implementation on a platform, playing around is key to gaining skills, and the book targets that environment.

    If you’re reaching the end of your performance rope with SQL, we highly recommend this book. It may not be for most organizations, but for those that are pushing the limits of the web, it’s a must-read.

    Contact New Signature today if you are looking to learn more about how highly scalable distributed database management systems, like Cassandra, can help your business.

  • January 17, 2011

    Book Review: Deploying Microsoft Forefront Threat Management Gateway 2010

    By New Signature
    Book Reviews \ IT Consulting and Support \ Microsoft

    Forefront Threat Management gateway has come a long way since the days of “Proxy Server 2.0″. With the recent crop of “Next Generation Firewalls” performing deep packet inspection on the application level, Microsoft needed to bolster their argument that a software-based firewall could perform at the level of their hardware-based competitors.

    In “Deploying Microsoft Forefront Threat Management Gateway 2010“, Authors Yuri Diogenes and Dr. Thomas W. Shinder lay out the required steps to getting this newly updated software installed in either a single server or highly available array setup. The tone of the book isn’t super-breezy, but it’s light enough to encourage would-be administrators from spinning up virtual machines to test TMG2010 out. All the major features and negatives of the product are reviewed, including some of the fierce comments from network admins reluctant to place a Windows domain-joined machine on the edge of a network.

    The book doesn’t muddy the distinction between TMG and sister product Forefront UAG, but the fact that there are still two distinct software firewall products Microsoft recommends (one for publishing internal applications and DirectAccess, the other for securing internal network resources) is a tough sell for many environments, especially those that already have a hardware based firewall that is performing well.

    Because the book is narrowly scoped to deployment, it doesn’t include much in the way of day-to-day administration guidance. Although I’d like to see that guidance, I found its exclusion fine, so long as MS Press releases a follow up covering that information. (The previous administrator’s companion book for Forefront TMG clocked in at over 1000 pages, which was barely manageable to read on a Kindle, let alone in print version). Overall, for new system admins looking to test out Microsoft’s latest firewall, the book was short but solidly researched and well written.

  • December 13, 2010

    Book Review: “The Myths of Innovation”

    By New Signature
    Book Reviews \ Branding, Website and Database \ IT Consulting and Support

    In “The Myths of Innovation,” author Scott Berkun attempts to debunk the myths and stories surrounding how innovation happens, and presents his findings in a funny, historical and authoritative manner.  The book initially sets out to define what innovation is, and how the term “innovation” has become one of the most overused terms in the business world due to overuse by marketing and advertising.  In fact, Berkun is so sensitive to overusing the word himself that he challenged himself to use the word as infrequently as possible, and seems to have succeeded in doing so in only using it 65 times in the entire book.

    The format of the book is setup so that each chapter explores the myths surrounding innovation, then reveals the facts about each breakthrough, followed by practical insight that can be applied to a real-world situation.  The book provides many historical stories of innovation and how each breakthrough came about, pointing out that much of what we hear and learn about innovation is in fact either greatly exaggerated or simply false.  There was much detail showcasing who was behind various breakthroughs, and insight into how each breakthrough happened – and in most cases there wasn’t the illustrious Eureka! moment.  Berkun shows us that in the vast majority of cases there is a lot of very hard work that goes into any successful breakthrough, and there are countless stories of failures along the way to success.  Berkun walks the reader through many evidence based examples of both successes and failures ranging from stories of current companies like Flickr and Craigslist to historical legends such as Albert Einstein, Thomas Edison and Thomas Jefferson.  There are many interesting facts and surprises along the way, and what could be somewhat dry material comes to live through these examples.

    The final chapters of the book serve as a how-to guide for making innovation happen.  Berkun calls this his ‘simple plan’ and outlines what he feels is the best way to go about making something great.  This section of the book alone contains a lot of valuable information and would be a useful read itself for any team lead, manager or business person trying to innovate.

  • December 12, 2010

    Book Review: “Windows PowerShell Cookbook”

    By New Signature
    Book Reviews \ IT Consulting and Support \ Microsoft

    As PowerShell has grown up, the set of canonical texts required to support it has expanded as well. O’Reilly’s “Windows PowerShell Cookbook” is one of those books. Now in the second edition, WPC retains all the utility of the original book but adds new features and topics. The original version’s clean, easy-to-understand syntax and examples carry over into the second edition, allowing readers to use WPC as an all-purpose reference guide. If you have a specific question, just crack open the index, find the tool you need, and leave the book on your digital desktop for the next time.

    Several changes to PowerShell, from v1 to v2, have increased the utility of the cookbook. Topics like remote access and management, or the PowerShell Integrated Scripting Environment simply didn’t exist in v1. They are covered in depth in this updated version, making it invaluable. If you’ve wanted to manage multiple remote servers in one easy to use environment, the ISE and remote access together are a perfect fit, and well explicated in the book.

    The biggest miss, by far, in the latest version of the cookbook is the chapter on Active Directory. In PowerShell v1, AD cmdlets didn’t exist, and thus, manipulating items was incredibly tedious work through the ADSI provider. In v2, active-directory cmdlets exist for all common tasks, yet the cookbook mentions them only in passing (preferring to explain the dated ADSI ones) and recommends readers visit a website for further questions. It’s a serious miss, and one that will frustrate many systems administrators who perform tasks in AD each day.

    Windows PowerShell Cookbook, in the end, still has gaps. In the first version, it was simply because the language was immature and certain features weren’t included. Now that PowerShell has hit 2.0, the language is robust and ready for a solid reference work. WPC gets 85% of the way there, and the primary gaps are now in documenting the numerous applications that build on top of PS. Now that Exchange, Active Directory, SQL, IIS and the System Center suite of Microsoft products use PowerShell, having a solid reference for systems administrators who use those apps may be necessary for a truly “comprehensive” work.

  • October 26, 2010

    Book Review: “Being Geek: The Software Developer’s Career Handbook”

    By New Signature
    Book Reviews \ Branding, Website and Database

    Being Geek” covers the career path of a software developer and the goals therein. Along the path are anecdotes of failures, disasters and the occasional bright spot. The writing style is addictive, and Rands clearly lays out the perils in transitioning from someone in the front lines of operations to a manager. It’s clear that many people have trouble making this transition, and Rands breaks down why.

    Although the book is written from a software perspective, any engineer working today who is a self-confessed “geek” will find value in this book. The organization of the book does lend itself to choosing a particular chapter when one runs into an important life-event, but reading it from cover-to-cover felt just as natural. I’d strongly recommend all technical workers pick up a copy and learn the lessons contained therein.