Where Do Hackers Begin Their Attack?

When the internet became more user-friendly in the mid to late 90’s, it opened the door to various security caveats ⁠— a criminal’s honeypot. The world connected via routers, servers, and computers is now a primary target for those looking to exploit data theft  a craft by which well-informed and expert computers users utilize a combination of various skills, knowledge, and tools to steal and/or compromise data stored on computers. Stolen data is used for a variety of purposes such as identity theft, political gain, financial crimes, and sometimes for merely stroking the ego.

Footprinting, a term used by the IT industry to define methods of reconnaissance used by computer hackers, is an interesting subject that one ought not to overlook — it is the act of discovering the security posture of individuals’ or businesses’ computer systems. In order to achieve data theft, unveiling security weaknesses is required. Discovering specific routers, operating systems, programs, and IP addresses linked to computers is generally the beginning — once that is known, flaws and security holes unique to those systems can be further probed. Although circumventing physical security such as doors, locks, cameras, and guards is a way to achieve this and could be part of a plan to penetrate a system, the ideal access would be remote access from a computer whereby a hacker can remain completely anonymous and hidden.

When a skilled hacker has obtained the security profile of a victim, it’s just a matter of time before the payload is delivered — the purpose for which the hacker started probing in the first place. Many users do not realize that antivirus software is considered a last line of defense as opposed to the front line. Becoming educated on common hacker techniques and designing networks around this knowledge is the ideal approach to hardening computers and networks against what inevitably follows a hacker’s footprinting attempts.

Young i Professionals (YiPs) Networking Event

Join a group of your fellow young professionals at the 2019 Fall Conference & Expo! Play networking games, win prizes, enjoy delicious food, and meet some of the speakers as well as your fellow YiPs. This is an opportunity to get your feet wet and start making connections before diving into the conference Monday morning.
Please fill our your RSVP below.

Security Risks in Mobile Devices

The desktop computer industry is giving way to more convenient ways of computing — mobile devices such as smartphones and tablet computers. Convenience is a good thing but generally, it can give way to security caveats. Whether the business or nonbusiness user takes advantage of the devices, there are some points to keep in mind when using them. Complacency tends to sneak in for the duration of mobile device use, depending on the general usage. Another more common danger is that mobile devices can be lost or stolen relatively easy.

It’s a computer hacker’s pastime to set up WiFi access points — requiring no password — in order to obtain a connection to a victim’s mobile device. Although the internet is a lot more secure today through the implementation of encrypted websites, there are still many websites that don’t use encryption. Unencrypted web pages can be “sniffed” or monitored via what’s called network sniffing software. This enables computer hackers to gaze at what is being transmitted between the victim (WiFi user) and the website accessed. While some of this information might not be directly revealing of the victim, that doesn’t mean it’s safe. Hackers generally attempt to build a profile on victims before delivering what’s called the “payload” or the intended result — this can range from a wide variety of illegal activities such as stealing photos and E-Mails to identify theft. Computer hackers will generally be stealth and when there aren’t any immediate negative consequences from using unknown WiFi access points, complacency can take control resulting in a negative outcome.

Shopping malls, coffee shops, and various other types of venues are now providing free charging stations for their customers to use. This type of convenience complements very well the use of mobile devices — but again, not without its security caveats. Phones can be left on a table to charge and when the owner is distracted, it can be stolen easily. Sometimes mobile device users will simply forget their phones at whatever venue they’re visiting. It’s important to enable strong password protection on mobile devices so that thieves cannot access the private information on them. Mobile devices can come with encryption options as well — depending on the sensitivity of the data being protected, this could serve well as a “multi-layer” security approach.

Interested in learning more about IT security? Visit COMMON’s webcast library to view hours of education.

Session Suggestions from a Young i Professional

As a young i professional, I have found that attending conferences is both a daunting and exhilarating experience. You usually feel more exhilaration from all the learning than you do daunted by the experience of trying to find sessions that will be a challenge for you while also at a level where you can understand the concepts that were thrown at you.

Unfortunately, you have to figure out which sessions to take before you can feel the exhilaration of education. I am hoping to ease a little bit of that stress and point out several sessions that would be good to attend if you are just starting your career or are new to the platform.

All speakers’ work hard to provide good content and one of the hardest parts of that job is to decide at what level you wish to teach. Do you keep it at a beginner level, intermediate, or advanced? Or do you try and cross all levels of knowledge? As a speaker myself, I tend to try and cover all levels of expertise by beginning the session with the basics before moving to more advanced information. This way the session has a progression to it.

In most cases, developers today are not just focused on the native languages to the IBM i. There are several shops that have you mixing the languages, or your expertise is in those languages but now you are being tasks to integrate with the IBM i. If this describes you, I would recommend these sessions:

From a developer’s perspective, having knowledge of SQL is a must! And, Birgitta Hauser has a series of great sessions you should attend. As someone who has attended several of her sessions for a few years now, she is an enjoyable speaker to listen to. Her session on Embedded SQL an Introduction is a must, even if it’s just to hear her present. My own SQLRPGLE the Better File Access is also a good one if you want to see what record level access vs. embedded SQL looks like.

All developers know that tooling is extremely important for you to fulfill your day-to-day jobs. Have you been given tooling you are not familiar with? Here are a couple of sessions that should help you out given by excellent speakers: Charles Guarinos Debugging with RDI from the on ramp to the cruising lane will help you immensely in debugging RPG code regardless of the level. Tim Rowe’s sessionOn the Best of ACS, will help you use ACS in a much more efficient way.

Another important part of today’s development process is source control, unit testing, and standards. Git for open source and source control given by Stephanie Rabbini is a must. If you are looking at unit testing your RPG programs or procedures, then attend my Unit Test RPG using IBMiUnit. If you’re wanting to look at how we handle standards, and get some ideas for your shop, then attend my Programming Standards and Guidelines.

Hopefully these session recommendations help you plan out your conference experience and ease some of the uncertainty of which session to attend. I’ll see you in Indianapolis for another great conference!

 

Editor’s Note: If you are looking for more YiPs recommendations for intro level sessions, you’re in luck! There is a Young i Professionals Picks category offered on the Online Session Guide. Check it out and get some inside pointers from your peers.

Marina Schwenk started her career in January 2015 at Everbrite LLC in Greenfield WI after graduating from Gateway Technical College in May of 2014 with an Associate’s degree in IT Software Development. Marina works as a developer in both RPG and Java and she also is one of two junior IBM i admins at Everbrite. Marina earned her bachelor’s degree in Computer Information Systems Software Development from Bellevue University in June of 2017. She is currently working on her Master’s degree program in Computer Information Systems Software development, with the goal of teaching part time, and empowering the younger generation. Marina is also a member of the Wisconsin Midrange Computer Professional Association, Women in IT committee and has recently started speaking on a couple of topics, ranging from RPG to SQL. She has completed one open source project and is currently working on releasing iUnit an open source RPG unit testing framework written in RPGLE.

Favorite Hobbies: I love to read, deep/analytical thinking, music, cooking, walking deep in the woods or along the beach and traveling.

Fun fact about you: I almost did not end up in IT. I really wanted to become a FBI profiler and really wanted to go that direction, until for my family’s sake, I changed my mind. After that it took me a while to choose between my many passions which was helping people( Social work ), anything medical, anything scientific, English writer and IT. I decided on programming because I wanted to understand/contribute to the logic that run’s today’s applications and in that process, I also fell in love with the admin side of things so I currently have the best of both worlds.

Favorite tool within IBM i platform: Rdi, and ACS hands down. I would rather develop RPG using RDI any day and I absolutely love ACS.

Number of years on the platform: 4.5

What is YiPs? 

Standing for “Young i Professionals,” YiPs is a group geared towards newcomers to the platform of IBM i. Open to those who are fresh from college as well as those who have made a career change, the group offers support, networking opportunities, and education. For more information, visit the YiPs on LinkedIn.

Full List of Name Suggestions

Thank you, yet again, for your name suggestions. We loved reading them and hope you do too!

Newsletter Name Suggestions

CONNECT
Common Bytes
Commoner Newsletter
COMMON News
Common Exchange
Common Knowledge
COMMON Unite
iScoop
iConnect
Common Network
iConnector
COMMON Place
Sensor
The COMMONER
Blurb
Com Cast
COMMON Sense
COMMON PUBL-i-CATION
CONPOST
iConnect
PowerConnect
NowiKnow2
COMMON Sense
iConnect
Power News
BiWLetter Connector
Interesto
COMMONEWS
The Power of i
PowerUp Systems
JSYK (JUST SO YOU KNOW)
Common Now!
Un-Common Update
Power Connector
COM.News
COMMONSense
Common Connect News
COMMON Newsletter
Print400
POWERUP
The COMMON Thread
COMMON Newsletter
Fresh Ideas
Common NewsBytes
iConn
COMMON News
in common
PowerCon
CommoNews
The COMMON Newsletter
inCOMMON (we’ve a lot in commo
THEME

Digital Magazine Name Suggestions

COMMON DIGITAL
Common Insight
COMMON Commoner
COMMON FIBER
Common Interchange
Common Link
iWisdom
iShare
COMMON Place
Sense
COMMON Knowledge
Lifeline
Blast
Com Link
COMMON Ground
Eye on the i
POSTCON
iConnect
iTouch
iKnow
COMMON Knowledge
iMag
i power
DigiZine Connect
FlameOn
DIGI-COMMONEWS
The Digital Power of I
Digital PowerUp Systems
iCONNECT
Common Magazine
Un-Common Knowledge
Power Connect
COM.Mag
COMMONPlace
Common Connect E-mag
COMMON Online Magazine
COMMON Thread
COMMON Magazine
Upbeat Info
PowerConn
CONNECT
common connect
COMMON Source
PowerConnect
CommoZine
COMMON Online Magazine
The Common Denominator
CommonGood (for the common good)
COMMON Sense
THREAD

Vote to Rename COMMON Publications

Thank you everyone who submitted suggestions for the renaming of the community’s newsletter and digital magazine. We loved all your suggestions but had to narrow it down. For those of you who are curious to see the full list, click here and enjoy!

Vote below for your favorite newsletter and digital magazine name. Select ONLY your first choice option.

Thank you for voting! The new names will be announced shortly.

If you have any questions regarding the new name campaign, please contact COMMON’s Marketing Coordinator, Anna Marrah.

Artificial Intelligence creates a new sport

Artificial intelligence has been used in  many applications, ranging from finance to healthcare. According to Geek.Com. AI has entered the realm of sports.

AI has already performed analyses of athletic performance and has even been used in sports nutrition. However, artificial intelligence has been used to create an entirely new sport called Speedgate

AKQA used data from 400 popular sports and an algorithm to create 10 possible outdoor pastimes. After field testing the results, Speedgate made the cut.

  • Speedgate is played on a field with two “gates” on either end and a circle in the middle.
  • Two teams of six people, three forwards and three defenders, play the game, the goal of which is to kick or pass a ball through the opposite gate to score.
  • Kicking the ball through the opposite gate gains two points. Ricocheting the ball through the opposite gate scores three points,
  • Players are not allowed to cross the circle in the middle of the field but must throw or kick the ball through it to permit scoring through the gate on the other side.
  • Kicking, pushing, or hitting players on the opposite team is not allowed.
  • The ball must be kept in constant motion, thrown or kicked every three seconds.

It remains to be seen whether the first computer-generated sport will catch on, forming leagues, sparking a professional Speedgate industry, or make the Olympics. However, the game appears to be a great combination of a physical workout, skill, and strategy. One can imagine the new sport, which includes elements of rugby, soccer, football, field hockey, and croquet, becoming popular with people who want to stay fit and have a little fun doing it with something that is brand new. The motto, also generated by AI, is “Face the ball to be the ball to be above the ball.” Perhaps some human creativity should be used to improve that.

President’s Corner

For the past week, I have been in Berlin, Germany, participating in the 2019 COMMON Europe Congress (CEC). For me, it was truly one of the hottest conferences I have attended in some time, with temperatures soaring into the 90’s.  The venue was a hotel in the heart of Berlin with a spectacular 7-story high fish tank in the middle of the hotel atrium, complete with many varieties of fish and plant life with an elevator down the center for viewing.  As I am always interested in how other engineers patch things together with bailing wire and paperclips, I was fascinated that they had applied duct tape to seal said aquarium in the hotel lobby and not a drop of water was to be seen.

For me, one thing that is very different from my participation at the North America POWERUp Conferences, is that at the CEC, I have some time to attend sessions and learn, not just present sessions and attend meetings. Additionally, with the time zone change, many of my colleagues and customers are still asleep while I am in class learning – no urgent calls or email!

By far, one of the most interesting aspects of attending the COMMON Europe events is that I have an opportunity to hear ideas and thoughts from European speakers and attendees. Their perspectives bring in their cultural and marketplace experiences which in many cases are quite different from an American point of view.

I met with many of the IBM Champions from Europe as well as other committed community members, many with great ideas not just about pushing technology into the future and testing the limits of IBM i, but also thoughts about building stronger community spirit and friendship. Every champion whom I’ve met, is a Champion of the platform. This was especially visible at CEC as they converged from many countries from America to Russia and Sweden to Italy to Spain and all points in between. Everyone spoke of contributions and successes. It’s truly invigorating to meet, discuss, think and imagine. IBMers and IBM Champions showed more and more customer stories… they just keep coming!! The stories are about companies from everywhere; from small to big, local to international, and in businesses across the spectrum.

At the CEC, just as at POWERUp 2019, IBM spoke about the number of consecutive quarters of growth. It was recently announced that for the eleventh year in a row, Power Systems have been named as the most reliable server family.

I would like to share a more personal experience. After many years of working in the marketplace, talking to IBMers, customers and other partners, I thought I “got it”. I have seen the charts with new release roadmaps for both hardware and software. I have seen the architecture growing into the future. While I have always believed those charts, I felt that the reason for the long life was a combination of steady improvements delivered by IBM, new features and options from our vendor community and of course, both of them aided by the world’s most supportive user community. Straight forward and reliable, but perhaps not really exciting.

While I was in Berlin, my “Aha!” moment arrived!  Over the 31 years (more if the S/3x machines are included) that led to today’s platform, there have been many, many improvements to IBM i. There were new opcodes and new functions added here and there as the languages got more modern capabilities. New editors were announced, based on open standards. The database got more capabilities and even a name! The system got new communication capabilities and many new services. New file systems and new security bits were added. The hardware got faster and faster and as our amazing O/S allows the adoption of new technology quickly, frequently IBM i could use it before anyone else! We got cool new hardware stuff, and you know me, I love new hardware stuff!

Let me share some of the things that led up to my “Aha!” moment:

Over the last few years we have all been hearing rumblings about new and exciting things. Rumblings about the ability to do administration through a web browser. Rumblings that there was a client for ACS that would allow attachment from MAC or Linux machines, complete with actual, significant, usable, and ongoing improvements. The flexible deployment of ACS so easy that system administrators don’t even believe it. Rumblings that system administration could be done with SQL. But that was far from all. Capabilities were added to allow the solid and fine tuned character based applications to be readily web enabled and enabled for mobile too!

The database, Db2 for i, would amaze and delight Dr. E.F. Codd. Unbelievable capabilities fantastic performance, and tools to know how it’s working and how to make it work better.
Open Source on IBM i, while initially very exciting, had some issues with PTF deployment. However, even before the reality of this had sunk in to most IBM i customers, Yellowdog with YUM appeared and open source went from ‘we have some ideas’ to ‘we MEAN business.  RPMs literally appeared overnight and not just my personal favorites of joe and rsync, but hundreds of them now including R and other serious and widely adopted technologies.

Speaking of Open Source, I am working on a portal to provide instant access for developers.  My efforts here were stalled a little during the hectic run up to ‘Conference Season’ but that won’t stop us!  Using this portal, developers will be able to sign up for access. The system will be available within minutes if not seconds, bill by the hour, and all done automatically.  EVERY time I mention this to anyone in the open source space they cheer. It Will Happen.

Over the years, security has improved. There are accelerated enhancements to encryption and reporting and AUTHORITY COLLECTION!  At the CEC this week, I watched Carol Woodbury have to pause for a second as she told the audience about this new feature.  She is so thrilled with it.

And the latest release, IBM i 7.4 has so much content. The biggest feature is of course Db/2 Mirror for i. WOW!! Truly amazing and from many reports the effort invested to make this work will have positive implications in other areas not the least of which are database performance and communications.

Finally, I want to talk about cognitive computing in the IBM i marketplace.  In my experience, many customers are still trying to understand what might be possible with this new suite of technologies.  IBM is already delivering tools and showing early success stories. IBM i on POWER Servers is well positioned to deliver on this promise. At COMMON North America, we are working hard to create awareness and education to help customers do even more with their systems to solve real business problems with cognitive computing.

 

My “Aha!” moment happened.  As you can tell, I am in awe of both the subtle and not so subtle changes that have made the system what it is today with IBM I 7.4.  Truly an amazing revelation to me.

Admittedly I’ve might have missed some favorite technologies in my review. That is not to say any are less important, but rather because there are so many!!

Conferences are often a place to recharge. COMMON North America named the annual event to POWERUp for that reason!  The CEC was no different.

There were times this week I just wanted to stand up and cheer and I probably should have. At one opening session a few years ago, President Pete Massiello stepped onto the stage at the conference Opening Session wearing sunglasses because our future was so bright. I think today we should all be wearing welding glasses!

To the IBM team, I say BRAVO. Well done. Awesome. And of course keep it coming!!!