PraxIS February 2004 ISSN 1649-2374

04-02 Contents: Trustworthy E-Voting, MyDoom, Gone Phishing, SoftTest Event, Disk full on Mars, Eurobarometer,sue over cappucino price, HMT euro compatibility guide

This issue online at http://www.sysmod.com/praxis/prax0402.htm [Previous] [Index] [Next]

Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success

IN THIS ISSUE

1) Risk management
Irish Citizens for Trustworthy E-Voting

2) Internet and e-business
W32.Novarg.A@mm (aka MyDoom)
Gone Phishing

3) Software Quality
SoftTest Ireland Quarterly Event: 9th Feb, Dublin
Disk full on Mars

4) European affairs
    Eurobarometer : The €uro, two years later
    Italians sue over cappucino euro conversion
    UK Treasury publishes euro compatibility guidance

5) On the lighter side
Marvin can't find the page

20 Web links in this newsletter
About this newsletter and Archives
Disclaimer
Subscribe and Unsubscribe information

_______________________________________________________

Welcome to PraxIS!

What do you find interesting in these newsletters? What would you like me to talk more about? I'm always ready to hear from you!

Patrick O'Beirne

_______________________________________________________

1) Risk management

Irish Citizens for Trustworthy E-Voting

http://www.electronicvoting.ie

The Irish government is pressing ahead with plans for electronic voting although many IT professionals have questioned the auditability and trustworthiness of the proposed system.

The website of the recently formed Irish Citizens for Trustworthy E-Voting is www.evoting.cs.may.ie/
They have a mailing list at: http://lists.stdlib.net/mailman/listinfo/e-voting
Michael says: "The software is still being debugged, the source code which will be run on election day is not going to be available to the department of environment until a few weeks after the election is run, and there is *no* audit trail whatsoever of any worth which makes recounts etc. completely pointless and unless a ballot machine fails spectacularly errors cannot be spotted."

http://www.nytimes.com/2004/01/31/opinion/31SAT1.html NY Times op-ed "How to Hack an Election" concludes with the remark "Given the growing body of evidence, it is clear that electronic voting machines cannot be trusted until more safeguards are in place."

____________________________________________________________
____________________________________________________________

2) Internet

W32.Novarg.A@mm (aka MyDoom)

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100983&cid=9539

You can't have missed it - unless you work behind some very heavy mail filtering. Some of the news coverage was a bit superficial. The advice is frequently given "not to open emails from strangers" That misses the point. Mail from someone you know can be infected too, and many Irish businesses were hit this time. Woody's advice is simple: "Never open or run a file attached to an e-mail message until you (1) contact the person who sent you the message and verify that he or she specifically sent you the file, and (2) save the file on your hard drive, update your antivirus software's signature file, and run your antivirus software on the file." http://www.woodyswatch.com/windows/archtemplate.asp?7-02

People were warned to watch for the extensions .cmd .pif etc. Unfortunately, because the default (stupid) setup of Windows is to HIDE extensions, most people will not see these. Instead they will see the fake extension of the worm like "nicefile.txt ...(lots of spaces)....zip" or such like.

The advice "keep your Anti-Virus up to date" is good - but many people think "we only bought it at Christmas" or whatever. I recommend "update your AV TODAY" or even better "Every day".

AND install a firewall like ZoneAlarm - www.zonelabs.com to protect your PC while online.

____________________________________________________________

Gone Phishing

"Phishing" is a scam whereby people are sent emails from apparently trusted sources that are really scam sites. There have been quite a few attempts recently on bank sites. I also got a few that said my credit card had been charged for a 3 month subscription to child p0m (I munged that word to get past email filters) and to cancel it, just send full credit card details to some email address. But in fact that in turn seems to be somebody getting back at other marketers .... a Matrix-like game of mirrors.
http://groups.google.com/groups?&selm=5VnSb.3066%24F23.1764%40newsread2.news.pas.earthlink.net

Some of these exploits were aided by a long-standing vulnerability in Internet Explorer that Microsoft finally closed off recently. The RISKS Digest 23.16 described URLs of the form http://reasonable.site.name @criminal.site.ip.address/index.html. The Microsoft Knowledge Base article about the security update is at http://support.microsoft.com/default.aspx?kbid=834489 Well, when I say "closed off", I mean they issued a patch. I wouldn't care to guess how many users will actually install it.

____________________________________________________________
____________________________________________________________

3) Software quality

SoftTest Ireland Quarterly Event: 9th Feb, Dublin

The Holiday Inn, Pearse St., Dublin on Monday February, 9th 2004 from 18.00 to 19.30hrs.
Presentations include;
First Time Experiences of Test Automation, Shane Keville AIB
Shane will describe the harsh realities and the lessons learned in applying test automation for the first time to the AIB 24 hour Online banking system.
Testing in Small Companies - Ken Brennock, Insight Test Services.
Ken's theme is "You've no budget, you've no resources, you've no say, and you'll sign off on the new release in two months. " The aim of this case study is to show how an under resourced tester or test team can add and be seen to add value to a company. It will discuss how to communicate, set expectations, and ensure that the test adds value.
For more information on SoftTest Ireland please visit www.SoftTest.ie

____________________________________________________________

Disk full on Mars

http://spaceflightnow.com/mars/mera/040126spirit.html

"NASA's Mars Exploration Rover Spirit appeared to be teetering on the brink of failure last week when ground controllers lost contact with the craft sitting in Gusev Crater... It is now believed that the rover's flash memory had become so full of files that the craft couldn't manage all of the information stored aboard. Spirit bogged down because it didn't have enough random access memory, or RAM, to handle the current amount of files in the flash... Controllers are preparing to delete hundreds of cruise files in hopes of lessening the burden." Shouldn't the software manage space allocation a little better than that?
_______________________________________________________

4) European affairs

Eurobarometer : The €uro, two years later

http://europa.eu.int/comm/public_opinion
Published Dec 20003
Some selected findings of this public opinion poll conducted Oct-Nov 2003:
1.4.2 Price conversion
The feeling that prices were converted to the detriment of consumers is getting stronger as time passes
4.3 Reducing differences between prices
The public is hardly inclined to believe the single currency contributed to the reduction of price differences in countries of the euro zone
5.4 The euro and the development of a European identity
The single currency does not to seem to be viewed as a factor that enhances the European identity of respondents
6. Satisfaction of citizens in the euro zone
Less than one out of two citizens satisfied with the switchover to the euro Within the euro zone a mere 47% (down 3 points) of respondents said they were happy with the euro becoming their currency.

_______________________________________________________

Italians sue over cappucino euro conversion

www.agi.it/english/news.pl?doc=200401162024-1215-RT1-CRO-0-NF11&page=0&id=agionline-eng.oggitalia
COST OF LIVING:MANY ACTIONS AGAINST PRICE INCREASES READY
(AGI) - Rome, Italy, 16 January - Since this morning Codacons has been overwhelmed by peoples requests, having heard the news of the first case won over the rounding-up of prices on the lire/euro conversion - a case taken up by Codacons against a bar in Ladispoli, which on 1 January 2002, increased the price of a cappuccino from 1500 lire to 1 euro - intend to pursue the same issue. This is why Codacons has added to its internet site, www.Codacons.it, a practical guide via which the consumer can obtain useful information on the issue and make up his own mind. But who can launch a complaint against an excessive increase in prices? In principle it can be done by any consumer whose shopkeeper has not respected the principles set out in the conversion law. In any case, Codacons has made it known, that whoever has kept receipts or documents or even just simple statements about the excessive price round-up can have their complaint heard before a Justice of the Peace. (AGI)
162024 GEN 04 COPYRIGHTS 2002-2003 AGI S.p.A.
Many more stories in Italian: http://www.codacons.it/rassegna.asp?area=36
Update 18 Jan: CNN reports it too: http://edition.cnn.com/2004/WORLD/europe/01/18/italy.cappuccino.ap/
and EUBusiness.com: http://www.eubusiness.com/afp/040119134659.eypalgpk
Comment: It does seem very slow to take two years to react to a retail price rise. And to expect people to have coffee receipts two years later sounds like an attempt to say the problem was addressed without having to do too much about it. Have you heard of similar actions?

_______________________________________________________

UK Treasury publishes euro compatibility guidance

http://www.euro.gov.uk/changeover.asp

This document can be accessed from the Treasury Internet site at: www.hm-treasury.gov.uk "This document is intended as a guide for public sector managers and does not provide the level of detail required for full policy, process or system development. It represents a framework for planning and is not a substitute for detailed design requirements, specification and development. This document addresses the development of policies, processes and systems that would operate before any UK decision to join the euro, during a transition period and following a UK E day. It will be necessary to assess which elements of this document are appropriate, depending on the services that would be offered at the various stages of any UK changeover."

Chapter 1 Introduction
Chapter 2 Considering euro compatibility
Chapter 3 Defining euro compatibility
Annex A The definition of full euro compatibility under various planning scenarios
Annex B Business issues for consideration
Annex C Checklists for building in euro compatibility
Annex D Some typical euro requirements
Annex E Wording for procurements
Annex F Draft public sector consumer code of conduct
Annex G An interpretation of technical terms

I've just had a quick scan and it looks good at first reading. One tiny technical extra point is in reference to the gaps that appear when sterling amounts are expanded. That does not happen just because they used whole pound amounts. Gaps can appear even in pence steps.

_______________________________________________________

FEEDBACK

Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM

If you like the newsletter, a great way to show your support is to make your next book or CD purchase from our Amazon shop page!

Thank you! Patrick O'Beirne, Editor

_______________________________________________________ _______________________________________________________

5) On the lighter side

404 in the voice of Marvin

A robot depressed because he cannot serve the web page you were looking for...

http://bcn.boulder.co.us/~neal/humor/marvin-the-server-404.html
http://www.scintilla.utwente.nl/404

Based on the paranoid android character Marvin in the "Hitchhiker's Guide to the Galaxy" by Douglas Adams.

_______________________________________________________
_______________________________________________________

Copyright 2004 Systems Modelling Limited, http://www.sysmod.com . Reproduction allowed provided the newsletter is copied in its entirety and with this copyright notice.

We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to EuroIS-subscribe (at) yahoogroups (dot) com - it's free!

For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the sysmod.com web site. I will be moderating posts to the EuroIS list, to screen out inappropriate material.

Patrick O'Beirne, Editor
_______________________________________________________
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
______________________________________________________
ARCHIVES
To read previous issues of this newsletter please visit our web site at http://www.sysmod.com/praxis.htm

DISCLAIMER
This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
_______________________________________________________
PRIVACY POLICY:
We guarantee not to sell, trade or give your e-mail address to anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website http://groups.yahoo.com/group/EuroIS/
_______________________________________________________

[Previous] [Index] [Next]