For me this has appeared in projects where two ISP businesses have brought their customers under one organisation and these customers do not have unique username to identify them selves to the new ISP. What! Two ‘Fred’s!! Will the real Fred please step forward? Hmm, if only it was that simple. In the late ’90 when ISP’s and online portals were coming together this happened time and again, and it was always messy.

At around the same time the ‘kiddies’ got their hands on software that would allow them to steal passwords from customers in the school holidays. So now usernames and passwords are under siege. A single stolen password could be reused by the baddies over and over again without recourse.

Then spam came along and polluted the one personal identifier that the whole internet had agreed from the outset would be unique. Bugga. Stopping spam and protecting mailboxes became another major project. Without a way of identifying who the hell sent the spam in the first place, or even being sure who sent what looks like the good email, then all manner of arcane solutions had to be employed.

By now the ‘kiddies’ have grown up and are selling their password stealing skills to the spammers who are selling their spam networks to real criminals, who don’t want you email. They want your bank account. Enter the rise and rise of ‘phishing’.

So now I am looking at ways of improving on the humble static password. When was the last time you changed yours? Are you sure nobody else knows it?

All of these things tie right back to ‘identity’ (as the industry insists on calling it). Who am I? Who are you? And how do we prove it to each other in such a way that it doesn’t get in the way of what we were trying to do in the first place.

I want to talk about this here because there is a lot in this idle mind that I need to get out. I know this stuff and I hear some of the biggest names in many different industries grappling with the same problems and, in my opinion, in quite misdirected ways. This surge of blog energy was inspired by an interview with Kim Cameron on Microsoft’s Channel 9. I get frustrated because i believe that they are trying to solve the wrong problem, and as a result won’t get the outcome they are seeking.

But although privacy is important that is not the real threat. There is a real danger that spyware has already found its way onto your computer. Over the last three years there has been a very dangerous convergence between organized crime and the writers and creators of these online nasties.

This past year I have been working with a bank to help them find a solution to help their customers to protect themselves when they bank online. This has been an exciting job, but ultimately disappointing. Disappointing because there is an ongoing denial of the inability of customers, who are just general computer users , to reasonably be able to protect their home computers.

I recently experienced this for myself. when out of the blue i started to get my homepage redirected, and popup began to harass my browsing experience. More than anything, this passed me off. How dare someone compromise my machine! This happed despite a security update regime that borders on the obsessive, with OS patches, antivirus updates, firewalls, and multiple anti spyware applications running and regularly updated. And still it got through, and even after running separate spyware & virus scans I couldn’t get it off.

Now I did get rid of it eventually by going through every running process and looking it up via the omnipresent Google, then killing off the nasty manually, but this is beyond the reasonable expectations of the majority of computer users.

To add insult to injury I noticed today that Westpac have updated their terms of use for internet banking. The amazing (to me anyway) addition is a clause on spyware:

“Part 3, page 11 – Spyware
If you knowingly use a computer that contains software, such as Spyware, that has the ability to compromise access codes and/or customer information, you will be infringing our rules for access code security referred to above and we will not be liable for any losses that you may suffer as a result.”

For all of the reasons above it is unreasonable to expect that mass market pc users are going to comply with this clause .simply because even with the best intentions they are defending against a determined and financially motivated foe. Actually that probably describes the bank as well.

While I was working on anti spam projects this was a question that came up all the time. The challenge of spam is that the definition of it is a kind of continuum, with email that you want and value at one end and crappy porno, and scam related junk mail at the other end. In between though there is a grey are that generates a lot of passion from people.

In Australia I am actually quite happy with the definition that has been established in the 2003 Spam Act. This basically requires an organisation to either have specific permission to contact someone that they have an existing relationship with or to make a first contact to request that permission. This should put the onus on the business properly establish permission to communicate further.

The use of raw email lists to generate leads therefore becomes prohibited. The other important requirement of the Spam Act was in providing email recipients with the ability to easily adn quickly unsubscribe from the communications

Where the grey seeps in is where a business starts to send messages that do not relate to the original relationship. This actually shouldn’t be a problems when combined with the unsubscribe functions. For example if a magazine that I buy has a number of ad’s in it but also provides relevant content then I will continue to read it. However if they start stuffing the content with irrelevant advertising I have a choice – Buy the mag again or don’t. With a working unsubscribe, I have the ability to not ‘buy’ their messages.

So this might just work for Australian email marketing but it doesn’t apply to the rest of the world but it is a start

Since leaving my old job in June I have felt a weight lift from my shoulders. The work I am doing now has been exciting and full of new experiences. The best thing though is the sense that the business respects what I bring to the organization and wants to keep me around. I never had that sense at my old job.

Fast forward?.
I started this post on the 20th of December but I have only just made the time to try and get back into the swing of things here. It is now New Year 2005. The holiday break was good to have but as always I almost feel that I need to really get away now.

To any one who is still checking this ole thing from time to time – thanks. I?ll be working harder to keep up with it this year.

This week I have been running customer focus groups looking at a few of the options for the new development that I have signed on to deliver. As the “business” rep in these sessions it does feel a bit weird being the ‘subject matter expert’ when I can still count the day’s that I’ve been there. Thankfully I have been able to come up with enough answers without just making up crap.

It is a good thing that I like doing these focus groups, because it is eating up days and nights. They finish at around nine at night and there will be four this week. That makes the days long. I had hoped to kick off some serious running training this week, but the long days are killing that, but more of that in a different post.

On Friday, after leaving my old job for the last time, I bought a book that I had been eyeing off for a while. ?Re-imagine!?, by Tom Peters. After reading through the first few chapters I felt the same brain rush that I had the first time I saw ?The Matrix? in 1999 and wished like hell I had bought it when I had first seen it months ago.

It was a rush, not because I was suddenly learning new things, but because the ideas that the book starts throwing at you are exactly the same ones that I was failing to get across in the Old Place.

In short it has helped me to believe in myself again with a passion that I haven?t felt in over 2 ? years and that is the feeling that Keanu gave me as he snarled ?My name is Neo? and catapulted himself out of the path of the incoming train. He believed.

Tomorrow I start a new job with this new invigorated feeling. There is a lot about the job that I have no idea about, like the team structure, and other corporate logistic issues but one thing that I am certain of is that I am going to have a great time succeeding at it.

However, as you may noticed, some hours of time have passed and with a cooler head I have been able to consider “venting” more carefully. I have become aware that there are more people reading the murmurings of this idle mind than I might even have expected, not that that makes it a lot since my expectations were close to negligible to begin with. But even with a few disparate souls reading what I think, there are some types of thoughts best unshared.

So even if I just write this post as a reminder to myself, then fine. What this has led me to think about is what I want to express here. What I think I have come up with is that the posts must be about me, about my thoughts, my opinions and my dreams.

What I will not write about will be mean or angry thoughts about others, no matter what, because although the feelings may be real and the hurt painful, these words will last longer and that is not the purpose of this place.

So now with a clear conscience I will sleep tonight.

Question:
“I received an email that I was expecting and the information I needed was sent as an attachment. When I tried to access this it received a message stating I was denied access to an “unsafe attachment”. Others I talked to received the same attachment with no warnings and no consequences to their system.”

The problem here is that the email program is assuming that the attached file is dangerous and will not allow it to be used. This is based on the file type and not the contents of the file. File types that are considered dangerous include .exe, .zip , .scr, .pif, .bat, etc. Also applications like Word and Excel that can contain macros will also be considered unsafe.

To access these files you will need to change the security settings of your email program. It is best to do this only when there is a particular file that you want and that you are expecting. This way the software forces you to think twice before clicking on a dodgy attachment. For example in Outlook Express (version 6.0) go to “Tools –> Options” then select the Security tab.

Uncheck the box next to “Do not allow attachments to be saved or opened that could potentially be a virus”. You should now be able to open the file but don’t forget to re-check this setting once you have opened your file.

All the best from the E-Genie!

This may also be because people have started to leave me alone as my value to the business here fades before I leave. I expect that there will be a flurry of activity in my last week but I also won’t be disappointed if there isn’t.

This is also my second attempt to post a message via email. I screwed it up the first time.

You may also notice the inclusion of a photo here. This was taken in a pub in Washington DC. The beer was one of 4 in a beer sampling menu that ran parallel to the food. hmmmmm beeer.

I have been here too long and this place has sucked the life out of me. I sometimes feel like I have no fight left.

Anyway I have also been playing around with the look of this page since Blogger have revamped their blogging tools. Hopefully you will find a “comments” tag at the bottom of this post. Please have a go and tell me what you think of the new look.

For anyone who actually follows this ramble, I have made contact with Dad. He called, I apologised. Everything cool and now I have his number again.

I bought the PC that he was after yesterday. I hope it gets delivered soon. The case is rather funky, at least from the reviews pictures and the reviews. I had to draw the line at a gig of RAM. That had to fall out of the budget. 512MB will have to do.

I have just realised that this blog is nearly a year old. 18th of May is the first official post here. There were a few dabblings before that but I?ll call the 18th the official birthday of the site.

It is interesting to look back because this time last year I was thinking about similar things. Mainly writing, running and thinking. The ? marathon is coming around again in less than a month and thin time I am going to beat 100 minutes. There it is said now. No ?I hope to beat?, this time I WILL beat 100 minutes. In the mean time since last year I have run this race and finished and then run a Marathon later in the year.

Distance is no longer my enemy. Now I am against the clock. At the same time I still find the head space, the ?Idle mind?, to meditate as I run. This should lead to immediate writing but I am still not as fearless as some of my online peers and probably judge myself harder than any one else. I guess I am afraid of the overlap between the virtual space and the land of the real.

Tomorrow the game starts new again. I need to decide where to from here. Same old, same old or new rules of engagement. It has to be that latter but I am not sure yet what that means. Importantly I don’t doubt my own abilities. I am however, frustrated by some sort of perception that others have of me as a one horse race. Very wrong. It makes me angry because I don’t know weather those involved are too stupid to see me otherwise or choose not to for their own reasons. I have learned not to assume stupidity although it is usually the most likely cause.

Unfortunately, like many Americans, he had no sense that business models can be different in other places in the world. His business is based around his company hosting their messaging data stores on their premises. This might be ok if they were close to therest of the network and there were no data traffic costs but this is not the case.

They are hosting from New York state, in the US. From the customer point of view this may make very little difference at all, however for the ISP it take email from being a (relatively) low cost type of data and turns it into international data traffic which is much more expensive. Not to mention the effect of what happens it the link is unavailable to the US. Pahh!!Not going to happe with that model. Not from Australian ISP’s anyway.

In any case he was still very compelling and I would like to see a product like his take off, particularly since it is the same idea that I am pushing for work next year.

These are the thoughts that screw with my head. And yet I find myself fighting to get a person officially authorised to talk to me about a small part of the implementation of the idea. I need a believer. I need an evangelist. I don?t know if I can be that evangelist. Too much doubt.

I have been thinking, as well, about fear and what it prevents me from doing. On one hand I am in a good position to be able to present my message. I think that I am just afraid that no one will agree.

I guess all that I have to do is think back to every other idea that I have had, that I have been quiet about and then seen someone else carry out successfully. There is no point having the ideas if I can only keep them to myself. I think that if I can write and write and write, like a room full of monkeys the result will appear before me. But first I need to write.

I want to write about ?the value of data?, the ?amazing power of email and why it?s existence is threatened by Spam?.

Maybe the next action that I take will be about Spam. The value of data is not my problem anymore. God, how I wish it was. I just want the ideas to be set free?