|Granted, no virtual machine escape hacks exist today, but if the IT security experts are right and this type of attack is eventually developed, then virtualized servers in the DMZ are basically sitting ducks.
Brien M. Posey, Virtual servers no escape from IT security management concerns
Today’s WhatIs.com Word of the Day is virtual machine escape. In theory, an attacker could get access to the hypervisor (if it was mis-configured or had some other vulnerability) and use it to control all the other virtual machines on the host.
Bob Plankers explains more in What is VM Escape?:
Since the hypervisor controls the execution of all of the virtual machines, an attacker that can gain access to the hypervisor can then gain control over every other virtual machine running on the host. Because the hypervisor is between the physical hardware and the guest operating system, an attacker will then be able to circumvent security controls in place on the virtual machine.
Can you imagine the power of a zombie army that included an almost infinite number of virtual machines? An army that, once established, had the power to create new soldiers (VMs) with one click? Holy moly. Big money there.
Today’s WhatIs.com word of the day is IP surveillance. Control rooms filled with monitors are quickly becoming a thing of the past and closed-circuit TVs are being replaced by IP cameras. Now when you’re in a store shopping, the person who’s watching you might be sitting in their own living room. Phil Dunn writes:
Since these systems are IP-based, you can monitor, store, and archive video, audio and associated application data over the Internet or across private data networks. The video can be carried anywhere the IP network extends, as opposed to closed-circuit television (CCTV) systems that require proprietary equipment and dedicated coaxial cabling. Anyone with the proper security clearance and a standard browser can monitor video, and control and configure the cameras on the network.
The tricky thing is that the new IP cameras kind of look like lights. What’s the difference between a light and an IP camera? One helps you to see better, the other one helps someone to see YOU better.
|A Kanban Board shows the current status of all the tasks to be done within this iteration. The tasks are represented by cards (Post-It Notes), and the statuses are presented by areas on the board separated and labeled ToDo, Doing, and Done. This Kanban Board helps the team understand how they are doing well as well as what to do next and makes the team self-directing.
Kenji Hiranabe, Visualizing Agile Projects using Kanban Boards
Today’s WhatIs.com word of the day is Theory of Constraints. It’s an approach to systems management that can be used by anyone in just about any type of management field.
Let’s say you have a very simple system where components A + B + C + D = Output. In the 1950s, the conventional American approach would be to make sure that each component in the system was optimized to its fullest so that the total output would also be optimized to its fullest. (Component A would be optimized, component B would be optimized, etc.)
The Theory of Constraints proposes that you should forget about trying to optimize each part of the system. Instead, you should look at the system holistically and identify the weakest component in the system. The weakest component — the constraint — will determine, ultimately, how successful the entire system is.
A constraint is a bottleneck. It impairs or stops throughput. Because the bottleneck ultimately rules the success of the entire system, THAT is where you should place your attention. The Theory of Constraints proposes that every working system has at least one bottleneck but no more than three (or the system wouldn’t work at all).
So the question becomes, how do you identify the bottleneck? In a manufacturing plant, you might be able to physically see the bottleneck — it might be a machine that’s backed up. But what if the system is distributed or the one you’re managing is knowledge-based? That’s where Kanban comes in.
Kanban is Japanese for “card.” In manufacturing, it’s a sign or signal in an inventory control system. As supplies are used up, new supplies are requested simply by sending a re-order Kanban card to the supply point. The new supplies are being “pulled” instead of being “pushed” a la Lucy and Ethel at the candy factory.
Agile software development teams have adopted kanban as a way to track progress and identify bottlenecks in the development process. It’s a pretty common practice to see big sticky-note charts on a wall of a project room. Now you know the name for those charts — kanban. And the part of the chart where the sticky notes are jammed up together and overlapping? That’s a visual representation of a constraint.
David J. Anderson explains how he uses kanban to identify bottlenecks and manage software engineering projects.
|Attention, grocers: Get rid of the cards and just put stuff ‘on sale’ again. Then you’ll get my loyalty.
Justin McHenry, Not a Fan of Supermarket Loyalty Cards
Today’s WhatIs.com word of the day is loyalty card program. Justin McHenry says:
“The only point of the card is to hold me hostage, in the sense that I don’t get the “savings” unless I’m willing to let them track my every purchase and willing to take on the extra hassle of carrying the card on my keychain or shoving it into my overflowing wallet.”
Justin is annoyed at having to carry the card to get the discount — but a lot of people are more focused on how opting in to use a loyalty card gives the retailer way too much personal data.
After all, the data that’s collected from those cards could be shared with “partner” companies. Or the cops in Arizona might come knocking at your door because you’ve been identified as someone who purchases a large number of sandwich baggies — a sign you might be a drug dealer. (True story)
I have to remember that the plastic loyalty card from my big-chain grocery store is not the same as my local farm store’s loyalty punch card. My farm store issues a little paper card that I hand in when the card is filled with “X”s to get a $10 gift certificate. Punch cards reward the faithful.
Today’s loyalty card programs are not designed to reward the faithful — they are designed to help retailers gather incredible amounts of data about their customers. They use the data for supply chain management, for marketing and to figure out ways to change customer behavior. A loyalty card program is expensive to run. It requires a lot of storage for all that data and sophisticated data mining tools to pore through the raw data and turn it into useful information.
The next step will be adding RFID to the cards. Some stores are already testing it out.
Here’s a scenario from Information Week:
The RFID-enabled loyalty card can identify a customer as he or she walks through a store. The chip in the loyalty card transmits to a nearby reader when the customer is within 8 feet of the reader, triggering an avatar to appear on a nearby computer screen. The RFID reader identifies the information in the loyalty card and feeds the data to the avatar, which welcomes the customer to the store in an animated fashion. Based on the customer’s historical purchases, the computer will send a Short Message Service message with store coupons to the customer’s phone.
It kind of boggles my mind how much information I’ll be giving away freely in exchange for seeing “-$4.25” on my grocery receipt.
|A typical data center facility spends almost half of its energy consumption on the systems powering and cooling the computers inside — and not on the computers themselves.
Google, Efficient Data Center Summit
Last October, Google disclosed details about its data center energy usage, saying it was averaging a Power Usage Effectiveness (PUE) rating of 1.21 across its six company-built data centers. To put that into perspective, a PUE of 1 means every watt goes to computing machines. A PUE of 1.5 means that half the power goes to non-computing functions like cooling or lights.
Six months later, Google says it’s got that number down to 1.19. So how is the search giant doing it? For a long time, nobody knew. Google’s infrastructure was top secret. But then in early April, Google held a summit and gave everyone a peek behind closed doors. Surprisingly, what they seem to have done was follow the KISS principle. Relatively speaking, they are keeping things simple. They have their own proprietary servers and the data centers themselves are just about as lean as you could imagine. Google’s made several tours available on YouTube — and this one (below) of a data center built out of shipping containers is just amazing. There are over 45,000 servers housed in 45 containers. Talk about utility computing — this container tour sure looks like a utility plant to me!
At the summit, Google reps shared best practices, saying:
The best practices we’ve presented here are the main reason we’ve been able to achieve our PUE results and can be implemented in most data centers today.
- Measure PUE (Circuit transformers)
- Optimize power distribution (High efficiency transformer and UPS)
- Manage airflow (Close-coupled cooling — Eliminate hot/cold mixing)
- Adjust thermostat (Raise cold aisle temp)
- Use free cooling (Chiller bypass, water-side economizer)
Video: http://www.youtube.com/v/zRwPSFpLX8I
|“Whenever there is a hard job to be done I assign it to a lazy man; he is sure to find an easy way of doing it.”|
Today’s WhatIs.com word of the day is finite capacity scheduling. It’s one of several new definitions we’ve been posting for our newest sister site, SearchManufacturingERP.com.
Right now I’m reading about Walter Chrysler. He was truly an amazing man whose management skills are just as relevant now as they were during the Great Depression. Like his IT counterparts Admiral Grace Hopper and Steve Wozniak, Chrysler learned best by doing. After borrowing a hefty chunk of money to buy his first automobile, he didn’t drive it around town and show it off. He parked it in the barn and took it apart. (His wife was not thrilled.)
Chrysler started out in the railroads and then in 1919 became production chief at Buick, where he was known for his ability to cut costs and still produce a better product. With Chrysler in charge, daily production numbers moved from 40 cars per day to 550 cars per day. Six years later, he took what he learned at Buick and went on to found the Chrysler Corporation.
The thing that strikes me most about Walter Chrysler — besides his flamboyant, enthusiastic personality — was that at heart, he was an artist. In some ways, he reminds me of Paul Jr. from Orange County Choppers. If you look at the Chrysler building in New York, there are automotive architectural details all over the place. The eagle gargoyles are modeled after hood ornaments. The crown of the building is a layer cake made out of hubcaps.
If you’re looking for a good read — one that will surprise and delight you — pick up a used copy of Chrysler: The Life and Times of an Automotive Genius. You don’t need to know anything about cars. You don’t even have to like them. You just need to like technology, art, people, a peek into the mind of a management genius — and a good story.
|The key is that as soon as you have downloaded even a small fraction of an album or a TV program, someone else can upload it from you, without waiting until the file is complete.
BBC News, Q&A: Pirate Bay verdict
The Pirate Bay is in the news because a Swedish court just sentenced four men who run the site to one year in jail and gave them a $3.6 million fine for helping users commit copyright violations.
Defense lawyers argued that The Pirate Bay just indexes the files and doesn’t host any copyright-protected material so their clients were not guilty. The judge didn’t buy it. The site brings in ad revenue while facilitating copyright violations and that’s what did them in.
According to an article on Wired:
The attention brought by the highly-publicized trial has only made The Pirate Bay more popular. The site has swelled to some 22 million users. And thousands of Pirate Bay fans have flocked to sign up for its new $6 anonymization VPN service, which allows torrent feeders and seeders to conduct their business in private without leaving a trace of their internet IP addresses.
|Mainstream Internet users will probably see the new custom domains as too complicated, like 9-digit ZIP codes.|
Today’s WhatIs.com Word of the Day is top-level domain (TLD). It’s in the news because Paul Levins, ICANN’s vice president of corporate affairs, has been the subject of a blogswarm. Not Paul himself, mind you, but something he’s been talking about — unlimited generic top-level domains. They’re sort of like vanity licence plates for your website.
Here’s an example — instead of TechTarget’s website being TechTarget.com, the company might pay extra money and ask ICANN’s permission to change their top-level domain to something they want to be known for. TechTarget.ROI for example.
There’s a lot of buzz about whether generic domains will bring us back to 1997 and create a gold rush where speculators register generic domains in hopes of selling them.
Shawn McCarthy points out that ICANN says it will cost $185,000 to set up a new top-level domain name and associated registry. McCarthy says “That alone should weed out a lot of riff raff.”
|When I picked up my car on leaving Vancouver’s Listel Hotel last week, I found a gift-wrapped package on the dashboard with a card on it wishing me a safe journey. Wrapped in purple crepe paper were two meal-sized chocolate-chip cookies. A fun treat on the run? Of course, but so much more. That simple gesture went a long way to assuaging my annoyance at paying $24 a night for parking.
Rick Spence, Surprise marketing tactics endear
Today’s WhatIs.com word of the day is transactional marketing. Most marketing is voodoo to me, but I sort of ‘get’ transactional marketing. It’s like Davies Hardware Store when I was a kid. My mom and I would go in on a Saturday morning and the sales rep (who drove a school bus during the week) would come up and greet us and help us find what we needed. We paid and left. Our whole relationship with Davies Hardware was right there at the point of transaction.
I like that. I miss that simplicity.
A few months back I ordered a sweatshirt at Lands End with a Guiding Eyes logo. A few weeks after that I started getting emails about pet products and several catalogs in the mail clearly aimed at dog lovers. I wasn’t just a customer, I was a target.
Clearly, I’m not just valuable to Lands End because I bought something, I’m valuable because my name and demographics and areas of interest can be sold.
Marketers wrap up all this nonsense under a nice-sounding label. They call it ‘relationship marketing.’ Relationship marketing is supposed to be all about customer retention. The idea is that by gathering as much data as they can about you, the company can serve you better.
Unfortunately there’s no real relationship in relationship marketing. Lands End was not being helpful to anyone but themselves by passing my data on.
But there IS a marketing technique they could have used right there at the point of transaction that might have helped them to build a relationship with me and capture my customer loyalty.
It’s called surprise and delight marketing.
According to Joseph Ferrara, the keys to a successful surprise and delight marketing effort are
- a genuine “no strings attached” giveaway
- value that exceeds expectation
- giving at a time of immediate need
- providing an emotional positive experience (a wow response)
- making it personal
I’d also add “Given at the point of transaction.”
What if, instead of just sending me more dog catalogs, Lands End had targeted my order as “dog related” and included a dog biscuit with my Guiding Eyes logo’d sweatshirt?
Wouldn’t that have been cool? Not only would I have been surprised and delighted — I would have been way more forgiving that they passed my name on.
|Industry needs an agreed-upon set of BoM characteristics or fields.
The International Electronics Manufacturing Initiative white paper The Perfect BoM
Today’s WhatIs.com Word of the Day is bill of material (BoM). It’s basically a recipe for a product. A small company with a simple product — like a bookcase — might use an Excel spreadsheet to create their BoM. A larger company with a more complex product — like an automobile, for instance — needs a special BoM software application.
The International Electronics Manufacturing Initiative is trying to promote the idea that BoMs should be standardized. Note the word “International.” It’s new.
To be “perfect,” the BoM should include everything that goes into the product, from raw materials such as wire, tape and solder paste, to the box that will be used to ship the product.
It should make parent-child relationships clear, differentiating between components and materials that are part of a sub-assembly versus the overall assembly.
For example, information about programmed parts is typically structured differently from BoM to BoM, and is often open to interpretation. The Perfect BoM should include blank parts as well as the software required to program the blanks, indicating the relationship between components and ensuring that all necessary parts and data are provided.