January 25, 1999 - Newsletter #12
Application Security Testing: An Integral Part of DevOps
January 25, 1999 - Newsletter #12
Please visit http://www.htmlgoodies.com.
Greetings, Weekend Silicon Warriors...
Did you make the cookies? Aren't they good?
I'm in my last week of break before going back to school to teach the Spring semester and I'm looking forward to it. This semester I'm teaching a class fully on-line. It's the first time it's been done at my school. I'll let you know if anything really amazing happens (or at least the outcome)!
Newsgroups, mass e-mails, and fully formed Web sites are beginning to carry the claims of people who state they can help you repair, or prepare for, the impending silicon burp. The problem is that it is often difficult to tell a viable offer of help from snake oil. In an effort to help you make a more informed decision, and hopefully not to get scammed yourself, I went into cyberspace to seek out some of the current Year 2000 proposed solutions. The claims I found seemed to fall into three distinct categories:
(2) seemingly viable but not, and
(3) possibly helpful.
I found the wilder claims to be in the Internet newsgroups. Most were rather obvious scams. One offered to sell me non-hybrid seeds, as the hybrid versions would not work after the year 2000. Another claimed the entire world system of computers would fail and precious metals would be the only method of currency. He was selling gold coins. Yet another offered a 1-800- number that played a recorded message on setting up your own secluded outpost before the computer crash. This person believed society would revert to a Mad Max survival approach. Of course, you could buy everything you would need from him.
The seemingly-helpful-but-not claims require a bit of background knowledge to debunk. One was selling battery- powered telephones. It's an interesting idea, but the phone companies generally use a UNIX-based format that won't be greatly affected by the bug. And even if the power does fail, your telephone is powered by battery anyway. That's why your phone continues working even when the power turns off. The Y2K bug is mainly an IBM, PC format concern, yet there are solutions out there for Apple-style computers. Obviously it's not needed, but some people might not know that.
Most of the possibly helpful claims are on the World Wide Web. These are mainly software packages that claim to be able to fix your Y2K problems quickly and easily. The problem is that the Y2K bug is not only a software, but also a hardware, problem. Software packages will only have a limited effect if your computer's hardware is at the root of your concerns.
Software package Web pages seem aimed mainly at the home PC user. Prices range from $50 to $100. One claims it will check your system and report back if you need any major hardware or software upgrades. Others claim they will add "patches" to fix Y2K problems in existing programs. Many home computers running a Windows 95 operating system are Y2K-compliant, but will need to have the year manually updated on January 1, 2000. One software package claims it can do that for you. This all seems plausible.
Then there are the software packages that claim 100% guaranteed protection against the Y2K bug. While the guarantee may sound impressive, the fine print isn't. The majority of the software is for Windows 95 only. Windows 95 is already pretty close to being compliant, as are many of the programs that run under its umbrella. The less powerful Windows 16-bit operating systems will need the most upgrading, but often a version isn't available for that. One site offers a university study as support for its package's effectiveness. In the 10- page report, the software is mentioned once, toward the end. In addition, the first line of the study's conclusions note that there is no 100% guaranteed cure for the Y2K bug, even though the software package is claiming one.
So what's a person to do? The short answer is to take matters into your own hands. Do not rely on a "quick fix." I don't believe there is one.
The first step is to find out if your computer is compliant. Go to the manufacturer's World Wide Web site. You will most likely find a Year 2000 compliance chart. There you will either be told your system is compliant or you'll be given instructions on what to do to make your system compliant.
If you have an older system, or the manufacturer is out of business, the solution may be to get a hardware upgrade. If a Web site is not available, you will need to contact the manufacturer directly.
But don't stop there. Look around your home or office: Fax machines, microwave ovens, refrigerators, or anything that plugs into the wall probably contain a computer chip. Note the item's manufacturer and go to that Web site. Luckily, my vacuum cleaner is compliant; some aren't. In less than an hour, while sitting at my computer, I was able to confirm the compliance of every item in my home office.
There is no quick fix, yet they're being offered. To be sure you're getting valid information, take matters into your own hands. Don't wait until January 1, 2000, to see if the guarantee is valid. If your computer does crash, how will you e-mail the company to ask for your money back?
That's that. Hope you enjoyed it.
Joe Burns, Ph.D.
And Remember: If you're ever asked to write an equation using ten digits, zero through nine, and have it equal one, use the following: 148/296ths + 35/70ths = 1.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...