Yakety-Yak (Don't Talk Back)

Not long ago, I noted how the IT world, in general, seems to be far more interested in the latest cool new feature than in the risks that often accompany that feature.

You'd have thought that the September 11th attacks here in the US of A and subsequent warnings about our continuing vulnerability to cyber-attacks would have acted as wake-up calls to the IT community. Unfortunately, governments in the USA and elsewhere have simply used the attacks as a pretext for increased surveillance of ordinary citizens while doing little or nothing to actually improve security.

Meanwhile, businesses and consumers continue to gaze at the latest sparkly trinket.

Which brings me to IP telephony, a.k.a.Voice Over IP or VoIP. Gartner says IP phone shipments have jumped 53 percent from last year and I, personally, know folks who now do all their voice communications via Skype or similar products. Never mind that, according to a presentation at the latest Hack in a Box conference, VoIP systems are easily hackable and could be used for identity theft or that hackers can already download tools to attack the protocol used by VoIP handsets.

In fact, as a recent Business Week article bluntly states, "VoIP calling systems are just as susceptible to hacking and digital mischief as any other Internet-based application". That includes worms, viruses, DDOS attacks, and phishing.

That last one is especially scary. Most of you out there are probably familiar with how e-mail phishing works (the rest of you can click here). The VoIP version of this would direct you to a phone number - very possibly the actual phone number of your bank - where you would give your personal information to someone who is allegedly on your bank's customer service staff but who is, in reality, working for someone else entirely. Like, for example, the Russian Mafia. That's because your bank's VoIP system has been hacked in much the same way web sites are hijacked now.

Worse yet, the security tools for VoIP systems are far less well-developed than those for PCs and servers. In this area, unfortunately, the Bad Guys are way out in front.

(My)Space Cowboy

I've been hangin' around the IT Corral fer nigh on to thirty years, pardner, an' I've seen some pretty darn dumb ideas come down the Ol' Checksum Trail. You prob'ly even remember some of 'em, even if y'are jes' a whippersnapper:

• Microsoft's "Bob" operatin' system (and they weren't talkin' J.R. "Bob" Dobbs, neither)
• Apple's Newton ('nuff said)
• IBM's OS/2 "Warp" (not enough Trekkies to keep that one afloat, I reckon)
• Pointcast, Backweb and all them other "information push" and "webcasting" technologies that were a-gonna to ree-vo-lutionize content delivery a while back
• Internet-enabled ever'thin' (what kinda durn fool wants ta surf the web from a refrigerator?)

Dead, ever' one of 'em, and planted up thar on Reboot Hill. Nights, some of the real old-timers - them UNIX guys with the suspenders and the beards, y'know - they claim they can see their ghosts a-walkin' 'round up thar, tryin' to sell ya stock options. Freeze the blood in yer veins, by cracky!

OK, that's enough of channeling old Gunsmoke re-runs, but you get the picture. In technology, as in any other field of human endeavor, the mediocre or outright stinky ideas always out-number the real winners. My nominee for the latest bad idea: social networking web sites in general and myspace.com in particular.

You've probably heard about myspace.com by now, although what you've heard probably depends on whether you're getting your information from technology news outlets like ZDNet or InformationWeek vs. mainstream media sources or propaganda services like Faux (a.k.a. Fox) News. To hear the latter two tell it, myspace is a hotbed of sexual perverts, child molesters and, for all I know, Yetis and Martians. To most of the Propeller Beanie crowd, on the other hand, it appears to be the Next Big Thing.

You know - like information push.

It's not that the idea of the Internet as a social network is inherently bad. Back before there was even a single web site, like-minded folks exchanged information and opinions and formed various types of personal relationships via e-mail and usenet newsgroups. Social networking sites have just made it easier to do so and therefore more accessible to a wider range of people.

"Aye, there's the rub."

Because the easier it becomes to create something - like, say, a web site on myspace.com - the more likely you are to have incompetent people creating it. Myspace has taken this to its logical extreme, allowing members to stick pretty much anything they want on their pages in any way they want, resulting in some of the worst web sites since the early days of Microsoft FrontPage.

I experienced this on a personal level this past weekend when, in a fit of unaccustomed leisure time, I decided to visit the myspace page of a close friend. She had recently gone through a rather nasty relationship break-up and I was curious to see how she was doing. We hadn't talked in a while and her insane work schedule make phone conversations highly unlikely.

We may have to have that phone call yet, though, since I never was able to locate her page - it seems she's using a nom de net that I didn't know about. I did, however, slog through a number of other myspace pages in the process and, to paraphrase the late Warren Zevon, they ain't that pretty at all. Most were so chaotic and so filled with junk media that they were effectively useless. Huge image files there were in abundance, along with automatic slide shows and, that most obnoxious of all features, music that began playing as soon as the page loaded. I decided that the game was not worth the virtual candle and hit the "close" box.

And let 's not even start on the abusive pop-up and pop-under ad boxes!

Besides, even with a less-cluttered interface, fewer ads, and no spyware cookies, a social networking web site is no substitute for - well - social networking. In person.

Jes' lak in the ol' days, by cracky!