http://www.digitronix.com.auRSS feeds for DigiTronix PTY LTD60http://www.digitronix.com.au/Articles/tabid/763/articleType/ArticleView/articleId/13/When-SPAM-and-AntiVirus-doesnrsquot-work.aspx#Comments0http://www.digitronix.com.au/DesktopModules/DnnForge%20-%20NewsArticles/RssComments.aspx?TabID=763&ModuleID=1129&ArticleID=13http://www.digitronix.com.au/DesktopModules/DnnForge%20-%20NewsArticles/Tracking/Trackback.aspx?ArticleID=13&PortalID=0&TabID=763http://www.digitronix.com.au/Articles/tabid/763/articleType/ArticleView/articleId/13/When-SPAM-and-AntiVirus-doesnrsquot-work.aspxBeing a consultant to the mining industry we often have to undertake additional training to remain certified and competent in all aspects of mining and mine safety.   Just this week I attended one such exercise over a two-day period and whilst the training itself was rigorous there were a few breaks to network and interact.   The trainer, a jovial 60-year old coal miner, was checking his email in-between the major breaks via his wireless broadband (although I doubt the 500mb limit would do him much good) and whilst he knew plenty about coal mining (he started when he was 15 in Scotland) one can only assume that he either couldn’t work the projector or didn’t care as his email was displayed on the classroom screen for all to see.   Whilst this is nothing new to see I did notice that just about every break that at least one or two SPAM messages came through.  With all of today’s technology and tools a our disposal I would expect maybe one or two a week – but this was more like 12 a day.   Now over the years one gets to learn the tray icons that run in the lower right hand corner of Windows and it struck me that the trainer was running “protection” software from an industry heavyweight in the anti-virus space.   But it wasn’t working.   And that’s the risk with this kind of software.  It started as an anti-virus software and when firewalls became the norm it adapted.  Then spam started to bug everyone and it adapted too.   But it’s core skill is still in fighting viruses.   So all the while this software is doing more, scanning more, anticipating more and preventing more and its CPU and memory is more.  Seriously I wonder who’s the virus here?!   And it was letting SPAM through.   This is the problem with this kind of software.  It depends on so many factors.  It depends on updating itself every day at some set interval.  It depends on your PC’s ability to hold the spam and anti-virus databases and it depends on your Internet connection –- far too much.   Consider this:  Before the anti-spam software can do it’s “magic” it has to download the email from your ISP or host.  At that point it’s too late.  You’ve already downloaded the spam and apart from eradicating the annoyance of reading it little else has been achieved.   If you use one of these “washer” programs and think you’re covered – think again.  SPAM has evolved beyond the basic check of email headers.   It’s astonishing too that some ISP’s consider that a variable accuracy open-source anti-spam and anti-virus solution is good enough solution for your email.     And so the vicious cycle begins.  The crowd that you fork-over money to decides that your money is only good enough for a mediocre anti-spam and anti-virus solution.  So you fork over more money to another crowd that decides in order to protect you as well as it can on a best-effort basis that it needs to chew up all of your PC’s resources.  To fix that you donate money to the coffers of PC manufacturers and so it goes on…   … and we’ve had enough of it …   … quite enough.   Whilst we do operate a hosting division within DigiTronix (namely DigiHost) it offers only business-grade hosting. And whilst we may use the same software offered at other hosting providers we install our copies on enterprise-grade servers of significantly higher quality and reliability than “entry-level” servers.   We install perimeter and core firewalls and re-enforce this with intrusion detection services – something overlooked by the cheap providers.   However there is one thing that we have done so differently that you may very well be surprised.   We’ve turned off all of our spam and anti-virus scanners.  That’s right. We’ve turned them off.    They don’t work.    The best we’ve ever achieved was around 86% spam reduction and this after two years of “training” the filter.  For the volume of mail we did it equated to around 120,000 spam messages slipping through every month – completely unacceptable.   Today we use a distributed cluster of “spam firewalls” as seen on the left manufacture by Barracuda Networks.   These appliances offer spam accuracy of 94% out of the box and with training creep as high as 99.4%.     Anti-virus, anti-spamming, anti-phishing, anti-spoofing and all the other anti’s are incorporated within this device.   Recently we have taken the decision to offer this excellent protection to customers outside of our network via our new jamspam service.   There is no software and nothing to install and or as little as 60c per email address per month you could have enterprise-grade protection.   For more information on this service please see http://www.jamspam.com.auDigiTronixFri, 06 Feb 2009 15:40:00 GMTf1397696-738c-4295-afcd-943feb885714:13http://www.digitronix.com.au/Articles/tabid/763/articleType/ArticleView/articleId/12/The-thing-about-email-ldquobackupsrdquo-ishellip.aspx#Comments0http://www.digitronix.com.au/DesktopModules/DnnForge%20-%20NewsArticles/RssComments.aspx?TabID=763&ModuleID=1129&ArticleID=12http://www.digitronix.com.au/DesktopModules/DnnForge%20-%20NewsArticles/Tracking/Trackback.aspx?ArticleID=12&PortalID=0&TabID=763http://www.digitronix.com.au/Articles/tabid/763/articleType/ArticleView/articleId/12/The-thing-about-email-ldquobackupsrdquo-ishellip.aspx…that nobody does them properly.   And it is very difficult to do, too.  Even if you were familiar with your email software (well, at least from the perspective of “driving” it) you’re still required to be expertly familiar with the many locations that it stores its files and databases in.  Then you have to consider whether the tools you’re using (hopefully not “drag & drop”) can support open files and let’s not even discuss whether that was the index or the data that you’ve just copied to a “reliable” backup media.   At the end of the day it’s just all too hard.   We won’t even discuss the reasons you chose to back-up email in the first place.  Was it because your email had undergone metamorphosis in to your central filing system or had it become your database of crucial information?   Whatever the scenario we must all accept and acknowledge that email has become a crucial aspect of daily life – just like the telephone, the car and the morning cup(s)(ss)(sss) of coffee.  So if email is that important why is it afforded lesser rights?   Why is email “backed up” using “Windows Explorer” on to a “removable” hard-drive?  I’m sure there are good intentions behind this but having good intentions is no substitute for good intent.    One of the justifications no doubt offered for the “removable” storage is that the said media can be taken “off-site” for “security” and “redundancy” (two lovely industry buzzwords right there).  Yet the said media returns the very next day (if it was ever removed the night before) with the exact same data – unchanged.   So it’s not a very good backup strategy if you bring back the exact media you sought to protect, is it?  If I was working on a document – say this article right here – and I backed it up on a “removable” device then if my PC crashed tomorrow morning at exactly 07:00am I would be sweet, right?    But the real world does not work like that (if it did I could tell Windows Vista when it would be most appropriate to crash through some drop downs and check boxes) and we should also consider the consequence of the action.   Let’s assume this article which for simplicity we will call article.doc is saved to my “removable” device.  The next “backup” I do will also be article.doc to the device and it will overwrite the first copy.  Perhaps this is acceptable to you but consider instances where you need to merge and revert changes.  Overwriting article.doc negates any past information that may have been there so you will never have backed up that data which is most important – past information.   And that, right there, is the crux of a backup.  Saving old information.  Keeping a copy of the exact information on your PC (assuming you backed up the right information) is not a backup.  It’s nothing more than a redundant copy of information.  Sure you (might) be able to fall back on it but that’s assuming that no information changed anywhere on your PC between the time it was backed up and the time it lost information.   You know it and I know it too – your “removable” hard drive will fail.  It’s a mechanical device.  Motors get worn, platters get scratched and all of a sudden you’re facing an ailing hard drive.  But this does not affect you because you have a spare one on the shelf and in any case you verify the media before you write to it and quite frequently test a restore to make sure it works.  Right?  RIGHT?!   What about the content of the email?  One of our customers lost a lawsuit of some $160,000 plus expenses (so really, their house) because they could not prove anything contrary to courts when required.  Where was the information?  You guessed it.  A string of email correspondence that went missing during a system crash.   When you have a he-said, she-said barney you really need the I-said part.   Quite clearly this is a flawed “redundant copy” strategy and very dangerous, but there are low-cost and safe options available to you.   DigiTronix PTY LTD has partnered with a prominent Australian online vendor to provide a 100% reliable back-up solution and strategy.   After careful scrutiny and a trial of the service on our own systems (heaps of GB’s) I was impressed with it’s features and performance.   Firstly there’s the question of file types and file state and if you’ve ever worked with enterprise data you’ll know what a tedious job this is.  Every file likes to be backed up differently.  Microsoft Exchange for example prefers you to back up the individual mailbox (stuck somewhere in the abyss of a large data store) through it’s API’s.  Open data files such as those from QuickBooks or MYOB normally back-up as corrupted data if the software cannot handle open files.   However the Online Backup Manager handled everything I could throw at it.  It’s also smart – just like the “big boys” software.  For example the usual “Windows Explorer” copy (or even any other bad software) makes an exact copy of the file to the media.  However the tool makes an incremental copy of the file.   And this is important because the service is an online service.  There is no need to back up the same file every night if it has not changed and the Online Backup Manager (the tool) checks every file for changes before backing it up.  Thus only changed files are backed up saving heaps of traffic with your ISP (and charges).  The Online Backup Manager backs up changed files only and never the entire file.  Only the changed data is transmitted to the service.   Even very large files that have changed do not need to be transmitted in their entirety. The Online Backup Manager compares today's file with the file on the Backup Server and then only sends the portion of the file that has changed today. This means that even your ever-increasing Outlook.pst file that would take hours to transmit in full can be backed-up in just moments as it has usually only changed by a few megabytes.   The Backup Servers keep a history of your data and can rebuild back to a previous version (days, weeks or even months before), beyond even the most recent backup. So if you have a file, for example, that developed a corruption 6 backups ago, you can restore your data backup to 7 backups ago, before the corruption occurred.   And the data is SECURE.  Triple AES secure.  This might not mean much but consider that the FBI uses the same encryption standard to encrypt all of its TOP SECRET information.  Moreover the data is stored away from your offices on buzzword-compliant hardware so you’re safe.   Just like “big boys” software the backups can be scheduled to whenever and how often you want.  A complete “set and forget” approach.   The price is what finally pushed me over.  $50 for 10GB per month and all restores are free.  They’ll even make a DVD for free.   Now is there any excuse not to back up properly?   For more information on this please Contact Us.DigiTronixMon, 19 Jan 2009 04:53:00 GMTf1397696-738c-4295-afcd-943feb885714:12http://www.digitronix.com.au/Articles/tabid/763/articleType/ArticleView/articleId/10/SPAM-can-take-your-life-away.aspx#Comments0http://www.digitronix.com.au/DesktopModules/DnnForge%20-%20NewsArticles/RssComments.aspx?TabID=763&ModuleID=1129&ArticleID=10http://www.digitronix.com.au/DesktopModules/DnnForge%20-%20NewsArticles/Tracking/Trackback.aspx?ArticleID=10&PortalID=0&TabID=763http://www.digitronix.com.au/Articles/tabid/763/articleType/ArticleView/articleId/10/SPAM-can-take-your-life-away.aspxThere’s no doubting it.  SPAM is Internet cyber-crime at it’s best.  What’s worse is that it’s white-collar crime targeted at people just like you and me.   SPAM is a way for techno-savvy criminals to run their scams and cons with one purpose in mind: to part careless people from their money.  And there are so many careless people.  Statistically half the world has only a basic knowledge of email.  Coupled with thousands of newbie's entering the email world every day Spammers are not short of gullible victims.   Gullible victims that feel the urge to click “REMOVE” in email messages supposedly erroneously sent to them.  Every time they do this they validate their email address on a list of “People who responded” allowing the list of active addresses to be sold to other Spammers.  Spam is a business.  The more you click “REMOVE” the more Spam you will get.   YAHOO has been telling us this for years.  As a totally random exercise I created a new account at a free email provider.  Within four hours I received three Spam messages.  Clicking “REMOVE” on those messages brought another 15 within an hour – an increase of some 400%.  Burdening myself further I clicked “REMOVE” on eight of the 15 messages and signed-up to “free” offers on six of the advertised sites (although I doubt I will ever get my “free gift”).   It’s been four days and the email box is now at 423, no, 426 Spam messages.  So in just four days my Spam has increased 14,100%.   Every society in the world has its conmen, swindlers, cheats, thieves and petty criminals.  On the Internet they become Spammers, Crackers and Hackers and they all work together to form a nearly untraceable wide spread network of cyber-criminals.  Few of these criminals are ever caught and fewer still are prosecuted and with so many at large their gullible victims are in real trouble.   These cyber-criminals work hard at crafting their special scheme be it mortgage loans, credit loans, debt reduction, stock forecasts or whatever but their plan is clear.  What they are really after is your credit card number, hard-earned money and other personal data for their Identity-theft scheme.   It’s been confirmed too.  Identify-theft is the fastest growing crime in the world and a fair portion of it comes directly from responding to Spam.    Unfortunately the gullibility does not stop there.  Not all Spam comes directly from swindlers.  Some of it originates from real people thinking they’re working for a legitimate business selling their life insurance, health insurance or lending products.  These “sales persons” were themselves recruited by Spammers advertising via email or newspapers advertising those lucrative “work from home” jobs.  They don’t know it but they’re working for criminals.  Criminals sometimes operating from prison.   These are the total strangers who say “Here’s the information you requested” when you didn’t.  The strangers who just write to say “Hi” or the stranger who just so happens to have seen you and has a crush on you.   Users of Internet-banking, eBay, PayPal and Western Union are at a great risk too.  They receive messages identical in every way to that of the on-line service asking for registrant information or confirmation for one good reason or another.  The link they supply is the link of your on-line service but secretly in the background your information is being fed directly to the criminal’s cyber-headquarters.   These scams are given cute names like “spoofing” and “phishing” and completely belie the incredible danger that the victim is in.  Downplaying the danger yet alerting you to it is vital to on-line business.   Does it pay to Spam?  This article in TheRegister indicates that 80% of the Internet’s Spam originates from 200 professional gangs.  This report by research firm IDC predicts annual email volumes to be at around 97bn with more than half attributed to Spam.  Clearly with such large volumes of email a Spammer needs only a small percentage of respondents to be successful.   The moral of the story: Don’t click “REMOVE”.  Don’t respond to Spam and most certainly do not volunteer information of any nature because an email asked you to do so.   Our future articles will discuss anti-spam techniques and the best steps to take to protect yourself.DigiTronixThu, 15 Jan 2009 00:40:00 GMTf1397696-738c-4295-afcd-943feb885714:10