03-10 Contents: Security, Swen, AntiSpam bots, Quality mistakes, Adsense, SoftTest Ireland
This issue online at http://www.sysmod.com/praxis/prax0310.htm
Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success
1) Risk management
Swen mail clogging up my inbox
Spam fighting by robots?
2) The Euro
Silly mistakes still
3) Software Quality
How to make money from bad quality
4) Web marketing
5) Irish news - SoftTest event
Two presentations and an AGM
6) On the lighter side
15 Web links in this newsletter
About this newsletter and Archives
Subscribe and Unsubscribe information
Please let me know what you think of this newsletter - I'm always interested in receiving your comments! Thanks for reading,
I came across this web site recently, showing security policies that are, shall we say, not well thought out:
http://www.privacyinternational.org/activities/stupidsecurity/ Privacy International's Stupid Security Awards
http://www.stupidsecurity.com/ Stupid Security Blog
I don't know about you, but my inbox is getting a lot more of these emails from "Microsoft support" or "undelivered email" which is really the Swen worm. Here are headers typical of it:
Message, Current Net Security Update, Current Network Security Pack, Current Net Critical Patch, New Internet Critical Patch, New Update, latest microsoft patch, Abort Advice, Failure Message, Advice, Error Notice, Message Returned To Sender, Error Report
It caused my inbox to fill up during holidays, but fortunately no real mail was lost - nobody reported a bounce. The email address used has so far been the one on my business card, so many contacts must believe that Microsoft actually do send out patches by email. They don't of course - the MS security site is
You know this already, but do be sure your anti-virus and mail scanners are up to date. I've been using the free AVG antivirus and it's updated weekly at least:
Another solution is to use an email service that scans and filters email for you. A couple of my web sites ( www.MeganOBeirne.com and www.ArtKube.com ) use Blacknight Solutions ( www.BlacKnightSolutions.com ) which implements MailScanner and we're happy with the service.
I've written before on the fun people have giving "Nigerian" scammers the come-on in entertaining ways. Here is someone with an idea for automating this, seen on the Canarie CA*Net list http://www.canarie.ca/canet4/library/list.html
Andrew Odlyzko at the University of Minnesota Digital technology Center http://www.dtc.umn.edu/~odlyzko/ recently came up with a clever idea for fighting spam which I am forwarding here with his permission. His idea "is to raise the cost to spammers by wasting their time. This has been suggested many times", but the (possibly) novel twist Andrew has proposed "is to minimize the cost to the good guys and advance science at the same time. The proposal is to have an annual contest for the best AI program, as measured by how deeply it could keep spammers engaged in correspondence with the program."
This would a good practical use of the Turing test and could greatly entertain numerous AI grad students. As Andrew points out "there are all sorts of little details that one can go into, such as extracting the right email address from correspondence, what to do if the spammers asks victims to call on the phone, etc.,but those can be left to the reader's imagination."
Basic mistakes, I mean. I recently booked a hotel room on a web site and was quoted a price in euro. I booked and the email confirmation quoted the same figure with a pound sign! Naturally I suspected I was going to be charged pounds sterling (GBP) which is 40% more so I emailed them - and that required more work as their from-address was invalid. They confirmed that the euro price was right. But really, to still show pound signs almost two years after the euro changeover is pretty poor website maintenance.
We were away in September on an email-free holiday, so the only comment I have on software is the design of the photo booths in French railway stations. We needed identity cards to get a weekly ticket. Megan put in her 4 euro but told me it would not work for her. I sat in, pressed a button to indicate the kind of picture I wanted, and the recorded voice told me to enter four euro. I entered one euro coin, then another, then it said to press a button. I pressed the picture selection button again, and it said there was not enough money entered. I expected that so put in the other two euro. Nothing happened. I pressed the selection button again and it again told me to put in for euro. I then realised that this must be by design - pressing that button restarts the cycle, ignoring any cash already entered. I tried again, ignoring the second prompt until AFTER the money was entered, and that worked.
So it has no counter for what is entered but not yet used. How convenient for them. No audit trail, no way of proving I entered any money, no chance of getting a refund (no refund button).
This first appeared in my blog at www.sysmod.com/cgi-bin/blosxom.cgi/2003/09/28 which has more on our holiday in Paris and Zurich.
You may have noticed Google Adsense advertisements appearing on my web pages at www.sysmod.com. While this is an easy way to make a few dollars, I would be concerned if any inappropriate adverts appear. As Google do not produce reports on who advertises or what they are advertising, I'd appreciate any feedback on anything that you think should not appear there. As well as reporting the full content of the ad, do please specify the date and time and time zone that it happened, so I can take it up with Google. Thank you!
To give you an example, I'll show a couple of ads in the html version of this PraxIS issue on the web at www.sysmod.com/praxis/prax0310.htm - you won't see them in the plain text version sent my email to the YahooGroup. The ads should be related to the content of this newsletter.
Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM
Thank you! Patrick O'Beirne, Editor
SoftTest Ireland, the special interest group for software testers, will hold its first AGM and networking session in the Holiday Inn, Pearse St, Dublin on Tuesday, October 7 at 6:00pm. This will be the final event of SoftTest Ireland's first year, during which membership has grown steadily, with over 200 testers now actively involved in the group. Registration opens at 5.30pm and the event - which will include the election of a new committee - will be followed by a drinks and networking reception. The evening will also feature presentations from Motorola and Sun Microsystems. Attendance is free for members of SoftTest Ireland and €50 for non-members. Interested parties should register in advance by contacting tracy at testingconferences dot com or calling +353-91-514472. Further details are available at http://www.softtest.ie
I've mentioned Peter de Jager's articles before, but here's a "Truth Pick" I liked:
#183: "I know of no manner of speaking so offensive as that of giving praise, and closing with an exception." Sir Richard Steele.
The UK's answer to Dilbert is the hilarious and cringingly realistic BBC series "The Office" has video clips available: http://www.bbc.co.uk/comedy/theoffice/
http://www.bbc.co.uk/comedy/theoffice/your_office.shtml Sarcastic office wit to help you cling to sanity in your 9-5 hell.
Copyright 2003 Systems Modelling Limited, http://www.sysmod.com . Reproduction allowed provided the newsletter is copied in its entirety and with this copyright notice.
We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to
EuroIS-subscribe (at) yahoogroups (dot) com - it's free!
For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the sysmod.com web site. I will be moderating posts to the EuroIS list, to screen out inappropriate material.
Patrick O'Beirne, Editor
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
To read previous issues of this newsletter please visit our web site at http://www.sysmod.com/praxis.htm
This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
Copyright (c) SML 2003
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
We guarantee not to sell, trade or give your e-mail address to
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website http://groups.yahoo.com/group/EuroIS/