Email and Forum Questions
Profiles in IT: Aaron Patzer
Website of the Week: Gapminder
Adobe Flash Will Not Be on iPhone or iPod
Google promises what Jobs hates in next Android
Symantec's View of Internet Threats
Hacking Trivia
Student found guilty of obstruction in Sarah Palin email trial
Gulf Coast Oil Spill Cleanup Using Latest Tech
NASA Pictures of 2010 Gulf Oil Spill
Email from Alice: Dear Tech Talk, I would like to clear off/erase all the programs on my hard drive and clean it up so that it’s available for donation. What’s the best/simplest way to do this? Love the show. Alice
Tech Talk Answers: Reformatting is all you probably need to do. Windows (all versions), and even MS-DOS before it, has the option to perform what’s called a "quick format". In reality, a quick format does very little except create an empty root directory on the hard disk. The rest of the disk is actually assumed to be properly formatted already and left alone. That’s why it’s quick.
And that’s why it’s insecure. Since the rest of the disk is left untouched, any data that may already have been there will remain.
So the basic and common answer is to reformat the disk, making sure to specify unconditional format. Depending on the version of Windows or MS-DOS you have, that’s typically a FORMAT /U at the command line, or making sure that Perform a Quick Format is not checked when using disk management tools. You could do this multiple times for extra security.
It’s theoretically possible to recover data even after a disk has been unconditionally formatted. If you really want to be sure, perform a Disk Wipe. There are a number of disk wipe software utilities that meet NIST standards for classified data. You can also download a free program from http://www.diskwipe.org.
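The difference between a quick format and a wipe, shown as an added example that is not part of the original show notes: the Python below builds a small constructed disk image, applies a simplified model of each operation, and counts the sectors that still hold data. The function names, the image contents, and the single zero-fill pass are assumptions made for illustration.

```python
import os
import tempfile

SECTOR = 512  # bytes per sector in the constructed image

def residual_sectors(path, sector=SECTOR):
    """Return (total, nonzero) sector counts for a disk image or block device."""
    total = nonzero = 0
    zero = bytes(sector)
    with open(path, "rb") as f:
        while True:
            block = f.read(sector)
            if not block:
                break
            total += 1
            if block != zero[:len(block)]:
                nonzero += 1
    return total, nonzero

def make_image(path, sectors=64):
    """Constructed sample: a small 'disk' where every sector holds file data."""
    with open(path, "wb") as f:
        for i in range(sectors):
            f.write((b"tax-return-%04d " % i).ljust(SECTOR, b"x"))

def quick_format(path):
    """Simplified model of a quick format: only the first sector is rewritten."""
    with open(path, "r+b") as f:
        f.write(bytes(SECTOR))

def wipe(path):
    """Simplified model of a wipe: every sector is overwritten with zeros."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for _ in range(size // SECTOR):
            f.write(bytes(SECTOR))

def demo():
    """Run both operations on the same image and report what data remains."""
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "disk.img")
        make_image(img)
        quick_format(img)
        after_quick = residual_sectors(img)  # old data still present
        wipe(img)
        after_wipe = residual_sectors(img)   # nothing left to recover
    return after_quick, after_wipe
```

On a real drive a freshly written file system also leaves non-zero metadata sectors, so a residual count after formatting is an upper bound on leftover user data rather than an exact figure.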
Profiles in IT: Aaron Patzer
Aaron Patzer is an internet entrepreneur and the founder of Mint.com.
Mint.com allows users to create an anonymous account and then add their bank, credit card, and investment accounts. It pulls transactional and balance information and creates detailed graphs and charts. It suggests budgeting and savings ideas.
Patzer received a BSEE from Duke University in 2002 and an MSEE from Princeton University in 2004.
Patzer got his first work experience in the Internet boom years of 1998-2000, starting Getawebsite.com and working for Miadora.com, an online jewelry store.
He served as Senior Research Assistant for Fraser Research from May 2003 to September 2003, developing software tools for optical networks.
He worked as an engineer for IBM from March to August 2004.
His most stable job before Mint.com was with Nascentric, Inc, where he worked from August 2004 to February 2006 developing event-based circuit simulation software.
Aaron Patzer was always one to stay on top of his personal finances. He would spend time updating his account balances with Intuit Quicken or Microsoft Money.
He became frustrated with these programs and began developing his own software.
He had managed to save up about $100,000 while working for Nascentric, Inc.
He quit and worked full-time on Mint.com while living off of his savings.
Patzer thought about nothing else for the next seven months. He worked alone in a room, seven days a week, 14 hours a day.
He built the alpha version of Mint using Java J2EE with a MySQL database.
He developed 5 patented or pending technologies at the core of the business.
In late 2006, after attending countless networking events trying to shop around his idea, one of the founders of Half.com agreed to listen to Patzer’s elevator pitch.
Within two weeks, Patzer had a term sheet for his first round of funding. The company wrapped up $12 million in Series B funding earlier this year. He ultimately raised more than $31M in financing.
Patzer formally launched Mint.com at Tech Crunch 40 in September 2007 — the start-up was chosen to present out of 700 other applicants for the event. He won the $50K first prize.
Less than a year later, the site had 400,000 registered users.
Mint.com received two Webby awards and was named one of the "100 Best Products of 2008" by PC World.
In September 2008, Patzer was listed in Inc. magazine's Top 30 Under 30.
He negotiated the sale of Mint.com to Intuit for $170M cash. The deal closed in November 2009.
At the time of the announced sale, Mint.com had an estimated 1.5 million users.
He was named to the Top 40 Executives Under 40 by Fortune and the Top 30 Under 30 by Inc., and was named one of the top 5 "Money Heroes" of 2008 and a 2008 Tech-Pioneer by the World Economic Forum in Davos.
He has been VP & GM of Intuit's Personal Finance Group since November 2009.
According to Patzer, more than two-thirds of the site’s users actually change their spending habits after getting Mint.com’s personalized saving suggestions.
Adobe Flash Will Not Be on iPhone or iPod
Steve Jobs published an open letter on Apple’s website Thursday spelling out his criticisms of Adobe Flash.
Flash is proprietary, dated, unreliable and unsecure, according to Jobs.
It guzzles battery juice, can’t handle touchscreens and will degrade the user experience, according to Jobs.
Flash was created during the PC era — for PCs and mice. Flash is a successful business for Adobe, and we can understand why they want to push it beyond PCs. But the mobile era is about low-power devices, touch interfaces and open Web standards — all areas where Flash falls short.
HTML5 and other open standards will win when it comes to mobile devices and PCs.
Google promises what Jobs hates in next Android
Speaking with the New York Times, Google’s Andy Rubin – who heads the development of Android – promised that the next version of the company’s mobile OS would include "full support" for Adobe Flash.
According to Rubin, Google is happy to be partnering with Adobe to bring the full web, great applications, and developer choice to the Android platform.
Adobe confirmed that it plans to demonstrate a version of Flash for Google’s Android software in May.
Symantec’s View of Internet Threats
Symantec has just published its annual in-depth threat report and recommendations on how to improve enterprise security.
Symantec Global Internet Security Threat Report: Trends for 2009 is available online.
Symantec gathered the data for this report from its global network, which includes more than 240,000 attack sensors in over 200 countries; 133 million virus submission systems; a vulnerability database with 35,000 vulnerabilities from 11,000 vendors in 80,000 technologies; and 5 million decoy accounts looking for spam and phishing in more than 1 billion e-mails per day and over 1 billion Web requests per day.
There continue to be many targeted attacks on enterprise organizations. The attackers appear to do research on their prey companies to learn who the key people are and what kind of information an attack could yield, such as intellectual property and corporate strategy.
Spear-phishing and zero-day vulnerabilities are common methods to reach these people.
Symantec notes that much of the information that is useful to attackers is publicly available in annual reports, on company Web sites, and, increasingly, on social networks.
Web-based attacks are still common, and they are the primary means to install malicious code on computers.
Top web-based attacks in 2009 targeted Internet Explorer and PDF readers.
Users tend to trust PDF files because they don’t think of them as executing anything; however, embedded code in the PDF can carry malware.
Attackers also target vulnerabilities in popular client-side applications such as Adobe Reader, Flash Player, Java SE Runtime Environment and RealPlayer.
Novice hackers are able to get into "the business" easily and with little skill by purchasing attack kits available over the Internet.
One reason the Zeus Trojan horse attack spread so far and wide was that there was an attack kit for sale that enabled the development of at least 90,000 unique binary files.
Because of all the variants, companies need to use additional security measures on top of signature-based detection methods, according to Symantec.
Social engineering tactics shifted toward taking advantage of people facing economic hardships. Phishing and spam attacks involved advertisements and Web sites pertaining to refinancing loans, reducing credit card debt, credit counseling and the like.
Symantec’s network detected more than 240 million distinct new malicious programs. One reason for such a high number is the emergence of "singletons" — attack code that shows up in only one computer. This trend further proves the need to complement signature-based security with reputation-based security and behavioral monitoring.
Executable file sharing has become the primary means of transmission of infections, especially for viruses and worms.
Botnets are responsible for distributing 85% of spam. What’s more, bot herders are getting smarter; they are building "high availability" into their botnets, such as a secondary command and control server in the event that the primary server is shut down.
Hacking Trivia
Hacker originally meant “one who makes furniture with an ax.” Perhaps because of the blunt nature of that approach, the word came to mean someone who takes pleasure in an unconventional solution to a technical obstacle.
Computer hacking was born in the late 1950s, when members of MIT’s Tech Model Railroad Club, obsessed with electric switching, began preparing punch cards to control an IBM 704 mainframe.
One of the club’s early programs: code that illuminated lights on the mainframe’s console, making it look like a ball was zipping from left to right, then right to left with the flip of a switch. Voilà: computer Ping-Pong!
By the early 1970s, hacker “Cap’n Crunch” (a.k.a. John Draper) had used a toy whistle to match the 2,600-hertz tone used by AT&T’s long-distance switching system. This gave him access to call routing (and brief access to jail).
Before they struck it rich, Apple founders Steve Wozniak and Steve Jobs made and sold “blue boxes,” electronic versions of Draper’s whistle.
Using a blue box, Wozniak crank-called the Pope’s residence in Vatican City and pretended to be Henry Kissinger.
Hacking went Hollywood in the 1983 movie WarGames, about a whiz kid who breaks into a Defense Department computer.
That same year, six Milwaukee teens hacked into Los Alamos Laboratory.
In 1988 Robert T. Morris created a worm, or self-replicating program, purportedly to evaluate Internet security.
The worm reproduced too well, however. The multimillion-dollar havoc that ensued led to Morris’s felony conviction, the first under the Computer Fraud and Abuse Act.
Morris now researches computer science at…MIT
Student found guilty of obstruction in Sarah Palin email trial
The college student who used publicly available information to break in to the Yahoo! Mail account of Sarah Palin has been found guilty on two of the four charges filed against him.
David C. Kernell was convicted of felony obstruction of justice and a misdemeanor count of unauthorized access to a computer, according to news reports.
He was acquitted of wire fraud and the jury hearing the case deadlocked on a charge of identity theft.
Federal prosecutors haven’t said whether they will retry Kernell, who is the son of a Democratic Tennessee lawmaker, on that last charge.
Kernell faces a maximum of 20 years on the conviction of obstruction of justice, which was brought because he deleted evidence from his hard drive.
His attorney characterized the breach as a college prank with no criminal intent.
He was a student at the University of Tennessee who discussed the stunt on the 4chan website.
Kernell spent about 20 minutes online to compile information needed to reset the password for Palin’s Yahoo Mail account.
He is free on bail. A sentencing hearing has not been set.
Gulf Coast Oil Spill Cleanup Using Latest Tech
As the oil spill from the Deepwater Horizon disaster spreads, new technologies are being used to maximize clean-up efforts.
No one knows yet the full extent of the amount of oil that has been released from a rupture 5,000 feet below the surface of the Gulf, or how the leak will be plugged.
The cleanup team can get almost real-time access to National Oceanic and Atmospheric Administration (NOAA) satellite imagery of a spill incident area.
In the past, he explained, crews wouldn’t get satellite images until much later.
Day by day, the Coast Guard is using the imagery to re-initialize its oil spill models.
But one of the most important ways that the imagery is being utilized is to help direct aerial flyovers of the oil slick to try to determine where the worst areas are.
The team is also getting data from a series of data-gathering buoys and other ocean-based instruments to get real-time measurements of the conditions at sea.
Data provided by the Integrated Ocean Observing System (IOOS) has allowed spill response teams to get a wide range of real-time information about currents, tidal heights, and other measurements that previously were based only on predictions.
BP is using remotely operated vehicles (ROVs), small remote-controlled deep-sea submarines, complete with robotic arm, to try to work on the location of the leak itself. That work has been unsuccessful so far.
NASA Pictures of 2010 Gulf Oil Spill
NASA has released images of the massive oil spill on Wednesday, April 28, 2010.