“Ten years ago, I spoke to 300 telecom engineers …and made the observation that within 10 to 20 years, most of the world’s telephone systems will have moved to Internet technology. You might imagine that my remarks were met with derision, if not outright anger, perhaps because the idea of an accountant explaining the future of something like the telephone system just seemed too bizarre at the time. Fast forward to 2004 — telecom industry prospects are looking up and there is much talk of Voice over Internet Protocol (VoIP) technology. It seems I have been proven right.” Read my latest article, Not Your Father’s Telephone. (PDF)
Archives for April 2004
This week, I’m keynoting the Canadian Reinsurance Conference in Toronto. This is the third insurance event for me this month, after previous talks to senior management of Towers Perrin Reinsurance, and an opening adddress for the annual meeting of The Cooperators, a multi-billion dollar insurance company. A common theme in all of these talks is my unique insight into “the future of risk,” a look at the complex, surprising, new and challenging types of risks that society might be faced with in the future. It’s a good example of the type of customized talk that can come from my “What Comes Next? (and What Should You Do About It?)” keynote. (PDF, 800k)
A year ago this month, my Profit article noted that “unfortunately, most entrepreneurs continue to ignore computer security shortfalls that leave them vulnerable to system crashes, hacker attacks, virus outbreaks and even internal sabotage. My point? Companies better pay attention to security issues, or they’ll find things getting increasingly ugly.
Fast forward a year. Wow! Today I got an e-mail from Rogers Communications — they’re my high speed provider — notifying me that an attempt had been made to break into a computer — and that the attempt came from my Internet address.
Whoah! Obviously, I don’t spend my time hanging around trying to hack into systems; indeed, I’ve long been warning companies about the risks of neglecting security.
Not only that, but through the years, I’ve taken the time to understand security from both a high-level and very-technical level. Given the, I don’ take security lightly.
Needless to say, the message struck my immediate interest … and so I sent it on to the head of PR for Rogers, asking what’s up!
A short time later, the answer came back — it looked like my Web server on my inbound connection, which I use to access e-mail while on the road, had been compromised — it appeared on a list of “public proxy servers” on several Russian sites. Sure enough — I’ve been hacked…..
I’m digging into it further, and I’m really none too amused. What this involves is less any type of sophisticated “hacking’ and more simple negligence on my part — it looks like someone took advantage of what is known as an “open proxy server” on a Web server I run here. That allowed people to travel to other Web sites anonymously, using my Web server as the launch point. I could have sworn I took the time to ensure that all such features were turned off … but somehow did not.
Needless to say, there was all kinds of nefarious activity underway, I’m red in the face, and there are some big lessons learned.
I imagine I’ll have quite a bit to say about this — quite a bit more to learn — quite a few articles to write — and quite a bit of guidance for those who might be overly confident about their own security!
Over at the Register, a statistic that is quite believable based on what is arriving in my mailbox.
But I barely receive any spam into my inbox now, given the tools that I’ve put in place. One of the eight Linux servers in my home grabs all the mail sent to my main inbox. I use procmail to first run a test against all the mail, accepting mail from known sources. It then runs it against Pyzor, which seems to accurately weed out a huge amount of inbound spam. Then, another series of tests are run using SpamAssassin, which gets rid of another large chunk. And finally, SpamPal processes any remaining stuff that might manage to get through the first two!
Does it work? You betcha — I figure it’s now weeding out 99.9% of all spam, and letting only the real stuff get through. (I have a look at the spam every once in a while, and for the last month, only one or two real messages per week have been labelled as spam). Pyzor seems to be the most effective tool, bar none, but SpamAssassin does wonders too.
On June 6, 2004, I’ll take to the streets of Toronto with my family, as one of thousands of participants in the 2004 Becel Ride for Heart, sponsored by the Heart & Stroke Foundation of Canada. It’s a particulary poignant date — it was my mom’s birthday. She died of heart disease in 1998, and we’ll do the 50k in her memory.
My goal is to raise over $2,500 for the Foundation; the money goes to ongoing research and education in the field of heart disease. You can make your donation online, and a tax receipt is issued to you.
Will you help?
I’m featured on the cover of this month’s Small Market Meetings magazine, reporting on my comments in my keynote at the MPI MidAmerica session last March in Cincinnati. My belief? Based on the rapid rate of change and innovation in the economy, “there’s an even greater need than ever to bring people together, to share the passion, and build relationships.” You can read the article online.