PraxIS Dec. 2006

06-12 Contents: Word vulnerabilities, IE7 problems, Killer web content, Spreadsheet tips and news

ISSN 1649-2374 This issue online at http://www.sysmod.com/praxis/prax0612.htm   [Previous] [Index]  [Next]

Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success  

IN THIS ISSUE

1) Risk & Security
     New vulnerabilities in Microsoft Word
     UK NHS IT Plan: 12Bn at risk?
     Creeping errors
2) IE7
     Internet Explorer cannot display the webpage
3) Marketing
     Killer Web Content - new book
     Social Networking websites questioned
4) Spreadsheets
     Tip: Identify missing input values
     The Long and Winding Formula
     Yet more error reports in the news
5) Off Topic
     Cartoon: when the only tool you have is a hammer....
18 Web links in this newsletter
About this newsletter and Archives
Disclaimer
Subscribe and Unsubscribe information

_______________________________________________________

Welcome to PraxIS

At the end of the year, I am asking for feedback on what you think could be easier to find on my web site sysmod.com

Have a peaceful Christmas break, and best wishes for 2007.

Patrick O'Beirne

_______________________________________________________ _______________________________________________________

1)  IT Risk and Security

Vulnerability in Microsoft Word Could Allow Remote Code Execution

http://news.zdnet.com/2100-1009_22-6142531.html?tag=nl.e589

A second security vulnerability has been discovered in Microsoft Word in less than a week.

The zero-day flaw could let an attacker gain remote access to a person's system. Security provider Secunia said Monday that it is rating this latest Word security flaw as "extremely critical" because it is unpatched and because malicious attackers are currently exploiting the vulnerability.

Microsoft noted that the vulnerability is different from the security flaw discovered in Word last week, which also is a zero-day problem. In order to activate that flaw, a person would need to open a malicious Word file that was hosted on a Web site or an attachment that arrives via e-mail.

http://www.microsoft.com/technet/security/advisory/929433.mspx

Users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources.

 

The UK National Health Service IT plan

http://www.computerweekly.com/Articles/2006/11/28/220206/mps-will-hold-inquiry-into-12bn-nhs-it-plan.htm

"MPs will hold an inquiry into 12-billion-pound NHS IT plan after some MPs expressed concerns that the scheme may be foundering. The decision reverses a resolution taken by the parliamentary committee only weeks ago not to hold an inquiry, and vindicates a campaign led by leading academics.

The committee in October rejected an inquiry partly because some members believed the programme was too complicated to be investigated by non-expert MPs.

Its change of heart comes after Computer Weekly provided some committee members with new evidence - including a confidential briefing paper on the NPfIT from directors of informatics at a large NHS trust. The paper expressed profound concerns about some aspects of the NPfIT."

 

Creeping errors

Louise Pryor has a monthly newsletter that you can sign up for at

http://www.louisepryor.com/newsArchive.do

Last month, she found a story "Clerical Medical pays out millions for a decimal-point error".

"Apparently there's been an error in the unit pricing data for four years. It all started about four years ago, when a decimal point was put in the wrong place. The errors have mounted up over time. The problem was noticed around a year ago, and since then Clerical Medical (the arm of HBOS where this happened) have gone back through all their policy records to work out exactly which policies have been affected and by how much. "

http://business.guardian.co.uk/story/0,,1958434,00.html

"According to Clerical Medical's calculations some 81,000 policies have gained as a result of the error and some 59,000 lost out. The average gain was 144 - suggesting Clerical Medical paid out 11.6m in error - while the average loss was 95, indicating customers were deprived of 5.6m."

____________________________________________________________
____________________________________________________________   

2) Internet Explorer 7

aka "Internet Explorer cannot display the webpage"

I recently upgraded to IE7. Preston Gralla's Computerworld review said "Just Say Yes to Internet Explorer 7". Scot's Newsletter said "It's a no-brainer for most existing IE6 users" Hah, I wasn't using my brains all right when I did that. Most of the time it starts up reporting "Internet Explorer cannot display the webpage". I have not yet seen a recognisable pattern in when it works or does not; sometimes hyperlinks from Eudora open correctly. Fortunately, Firefox 2.0 was only a download away so I can use that for most sites ... except government sites that think that the world uses only IE6. Again, there, a quick download of the "IE Tab" add-in solved that.

Fred Langa - who has migrated his newsletter to WindowsSecrets.com  - mentioned these sites:

http://msmvps.com/blogs/spywaresucks/archive/2006/07/02/103612.aspx  Sandi Hardmeier has a good explanation (with workarounds) for IE 7's quirky FTP behaviour

http://itmanagement.earthweb.com/columns/executive_tech/article.php/3643691 IE 7 Unbalances QuickBooks; November 14, 2006 by Brian Livingston. The solution (surprise!) is to upgrade to Quickbooks 2007.

http://www.ie-vista.com/known_issues.html List of known issues with IE 7.

____________________________________________________________
____________________________________________________________

3) The Internet marketplace

 

Killer Web Content - new book

I recently attended an Irish Internet Association event where Gerry McGovern's new book was launched. Gerry has a blog with sensible views on web marketing at http://www.gerrymcgovern.com/

His new book "Killer Web Content" focuses precisely on the important feature of web sites. OK, there are a few basic hygiene factors for web sites such as page title and seeded related key words, but really the whole point is content and how it is delivered to meet the needs of the visitor to the page. He tells you 'less is more', i.e. cut the filler. Switch the focus away from your own PR to what the customer wants: "Your customers have a small set of words that summarize what they care about. Find those words, and you're half way to success". Larry English, the Data Quality expert, would support Gerry on why you need to replace the generic term 'users' with more precise role names.

So, let me ask you ... what do you look for on the sysmod.com web site? Is it easy to find? If not, tell me!

Gerry's book is full of direct, no-nonsense advice. He tells you as much what to stop doing as what to do. Writing about the words that customers care about, he gives you practical tools and plans to do this. Of course, he covers blogs, search engine behaviour, quotes from real life case studies, and mercilessly analyses real web sites. It's good, I'm glad I bought it.

http://sysmod.com/az.php?a=071367704X&b=Killer+Web+Content Killer Web Content: Make the Sale, Deliver the Service, Build the Brand, by Gerry McGovern.

 

Social Networking websites

I'm in LinkedIn and Xing (previously known as OpenBC) but the only emails I've got are spammy. Obviously, I could use them in a more aggressive sense, but I've got more interesting things to do. Here's an article on these contact sites:

http://www.cnet.com/4520-6033_1-6240543-1.html

Five reasons social networking doesn't work
By Molly Wood, section editor, CNET.com
Thursday, June 2, 2005

1. There's nothing to do there
2. It takes too much time
3. Traffic alone isn't enough
4. The social hierarchy is really not that attractive
5. We already have the Internet

____________________________________________________________
____________________________________________________________

4) Spreadsheets

Tip: Identify missing input values

How can you find incomplete sets of input data? Or, how can you check that all the cells that are inputs to a formula have a value entered in them? In Excel, you can select the direct precedents of a formula in a cell by pressing Ctrl+[ (opening square bracket). To select precedents at all levels, press Ctrl+{ (opening brace). These actions are also in the menu item Edit > Go To Special. You can then use the Tab key to visit each cell and check its entry. To further narrow down the selection to only those cells that are blank, first perform the selection as just described, then use Edit > Go To > Special > Blanks.

That tip is taken from section 3.2.1 of my book:

Spreadsheet Check and Control: 47 best practices to detect and prevent errors

http://sysmod.buy.ie/catalog/product_info.php?products_id=188  Buy direct from us and get free shipping to EU

http://www.sysmod.com/az.php?a=190540400X&b=Spreadsheet+Check+Control Also available from Amazon.

 

Long and ugly formulas

http://www.dailydoseofexcel.com/archives/2004/06/23/ugly-formulas/ 

Dick Kusleika's blog has some extraordinary examples of ugly formulas. What's the worst you've seen?

Simpler is better, as my book advises.

 

More to add to the Eusprig horror stories page

http://www.morningsun.net/stories/112106/local_20061121006.shtml

"Members of the Pittsburg Fire Department Labor Management Committee said Monday that city firefighters repeatedly asked about a glitch in a spreadsheet formula that overpaid them by close to $150,000 in salary and benefits between Jan. 1, 2005 and May 2006.and later"

We smile at the use of the word glitch, rather than failure, defect, error, mistake, and other terms. But note that they were reporting that they were being overpaid.

_______________________________________________________
_______________________________________________________

FEEDBACK

Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM

Thank you! Patrick O'Beirne, Editor

_______________________________________________________ _______________________________________________________

5) Off Topic

http://neopoleon.com/home/blogs/neo/archive/2003/09/29/5458.aspx Cartoon

Perform this information integration task using only the technology you know....

_______________________________________________________
_______________________________________________________

Copyright 2006 Systems Modelling Limited, http://www.sysmod.com . Reproduction allowed provided the newsletter is copied in its entirety and with this copyright notice.

We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to   EuroIS-subscribe (at) yahoogroups (dot) com - it's free!

For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the sysmod.com web site. I will be moderating posts to the EuroIS list, to screen out inappropriate material.

Patrick O'Beirne, Editor
_______________________________________________________
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
______________________________________________________
ARCHIVES
To read previous issues of this newsletter please visit our web site at http://www.sysmod.com/praxis.htm

DISCLAIMER
This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
_______________________________________________________
PRIVACY POLICY:
We guarantee not to sell, trade or give your e-mail address to anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website http://finance.groups.yahoo.com/group/EuroIS/
_______________________________________________________