would the experts implement this to help their companies?

vba_php

A thread today has given me the idea of posting this....if any of you guys here work in an IT department that is hesitant to download external files from emails, from websites, or even from coworkers via your own intranet, would it benefit you to research the possibility of creating software applications that are actually better at scanning for "rogueness" and "malicious" code than stuff like McAfee, AVG, Norton, Avira, etc....?? I just finished a contract at a large energy provider in a nearby town and my manager was a Python expert. He told me that some of the scripts he wrote to make database searching more efficient on the intranet were ignored for 10 years by the executives and rejected by the IT department at every offer because they were all scared of it not working properly or other unknowns. It literally took him that long to pry them out of their shells.

I've mentioned this in a previous thread, but this website: https://www.dreamincode.net/forums/ uses a very sophisticated piece of scanning software called Cloudflare. It's actually so advanced that it sometimes detects problems with code being posted inside of ( code ) tags which is not malicious at all. I've had problems with both PHP and JavaScript at that place. Something like this opportunity might be a great one for you guys here that have the ability to write sophisticated applications. Just a thought...you would certainly solve a problem, along with showing others how software from the big boys is starting to cause problems....???
 

The_Doc_Man

Your contract manager acquaintance's problem with his python-based scanning script was because of something called "accountability." In my time working as a Navy contractor, we ran into small companies who could implement some interesting or useful thing, but the federal rules on that were basically, "If we buy this, who will maintain it?"

The "big boys" are established companies with decent capitalization. They have a major reputation to maintain. If they have a problem in their code, they WILL work to fix it if it is fixable at all. By contrast, there are smaller companies that simply cannot devote significant resources to code maintenance. If you have a problem there is little or no guarantee that they would be able to fix anything.

Here is a true story that relates to this issue:

When I started with the Navy back in 1988, they were transitioning from an old home-grown system to something written in a (then new) product called SmartStar. It was a product of a company called "Signal Technologies Inc." Over the years, STI split off the division and it became its own company, "SmartStar Inc." - which was no biggie to the Navy because someone was still capable of being "pinged" if there was a problem.

The "big boys" of SQL and database development environments passed SmartStar in the race for market share because SS was an interface maker that talked to all sorts of SQLs, but they had no "native" version. That was because the maker of their favorite machine got bought out.

In a period of 18 months (this was years ago), Sharebase, Inc. got bought out by TeraData, which got bought out by NCR, which got bought out by AT&T. Then in a typical corporate maneuver to undo what was essentially a strategic blunder, AT&T spun off NCR, which spun off TeraData. But TeraData didn't spin off ShareBase because they would have been in direct competition, so instead they just closed off the division and let some people go. Not really so bad for the folks let go, because they formed a new company called SYBASE and went into the database market anyway.

You may ask what this has to do with the topic... Remember I said that SmartStar had lost their primary database system and simply became a development interface to others. When those others all developed their own "native" development environments, SmartStar's market dwindled until they went out of business.

The Navy program suite that managed the U.S. Navy Reserve was implemented using the SmartStar I/F code, and suddenly we had nobody to call. We had to scramble to get waivers while a replacement product could be found and the conversion process could be designed, funded, and started. A company called B3 Systems was formed by the folks from SmartStar and they bought rights to the product so they could maintain it. That gave us breathing room to continue operation and to go in another direction to eventually replace the thing that had been running the Navy Reserve for (by this time) about 25 years.

When I say "running the U.S. Navy Reserve" let me be clear: If we went to war, that system mobilized the Navy Reserve (and demobilized them when it was over.) That system managed all however-many thousands of reservists (intentionally vague) across the USA - and also managed them world-wide when a reservist was on active duty. It was deemed to be a system critical to national defense. THAT level of a system. So you can bet that the Navy brass protected it carefully.

Eventually, our local software team implemented a web version of everything that the older system had done, and our user base started to dwindle. From a high of nearly a thousand users, we were down to less than 200 as the web portal took over. I had started during the transition of the Reserve Headquarters Support (RHS) project from its predecessor, and I watched it go down in its twilight years. I retired at 28 1/2 years of service. The system was shut off by one of the people I had trained in its operation, about one year after my retirement.

The moral of that long-winded story was that our project was fine as long as we had a big (or at least a decent) company we could turn to for support. But the risk/reward analysis told us that the moment we were supporting our base product on our own, the cost of a failure was so high and the risk was so high that we could not be allowed to run what we were running. NO benefit in lower costs could outbalance the incredibly high risk of a single failure.

The reason your acquaintance got nowhere is that a one-man ship has no credibility in a risk/reward analysis. The reason that folks have trouble getting management to buy in on a small, obscure product is risk/reward analysis. If the reward is that a given product is a few bucks cheaper but the risk loses hundreds of thousands of dollars, that is a losing proposition every time.
 

AccessBlaster

> "If we buy this, who will maintain it?"

That stops everyone dead in their tracks, not to mention who maintains the data? Is that a separate expense?
 

isladogs

Agree with the last two replies.
As the owner of a small company, the greatest problem I have making sales is certainly not the quality of the products I sell.
Many of my potential customers are understandably wary of purchasing from a small company in terms of concerns about long term maintenance. Even where they recognise the price is less, maintenance terms are covered and the product is better, it can be an uphill struggle to overcome that degree of caution on their part.
 

moke123

> ... hesitant to download external files from emails, from websites, or even from coworkers via your own intranet, ...


Earlier this year, a secretary at the agency I work for opened a Word document that had been sent to her at @8:00am. I noticed a glitch in our network and texted a buddy in I.T. at @8:15am. By 8:30am they shut it down but by then our entire network was infected with a ransomware virus. Well over a million files encrypted. Various vendors, including our payroll vendor, would not allow us to connect to their systems until we could prove we were safe. It took nearly two months and in excess of $100k to restore the network and backups of the files.

So yeah, I hesitate to open files.
 

vba_php

> If the reward is that a given product is a few bucks cheaper but the risk loses hundreds of thousands of dollars, that is a losing proposition every time.

this is exactly why I keep mentioning Steve Jobs. He took the risk because he knew what he was doing and that lowered the risk significantly. but then again, he was in charge, he wasn't having to sell the idea to the higher ups.

> Earlier this year, a secretary at the agency I work for opened a Word document that had been sent to her at @8:00am. I noticed a glitch in our network and texted a buddy in I.T. at @8:15am. By 8:30am they shut it down but by then our entire network was infected with a ransomware virus. Well over a million files encrypted. Various vendors, including our payroll vendor, would not allow us to connect to their systems until we could prove we were safe. It took nearly two months and in excess of $100k to restore the network and backups of the files.
>
> So yeah, I hesitate to open files.

yikes! sorry to hear about that. that makes me wonder though, how good are the server people and networking people at detecting suspicious activity during the day. are those people looking at the screens and seeing network activity in real time as it's happening? is that why you were able to detect the problem so quickly? you don't have to answer this either, but what kind of suffix or domain name did the lady get the email from? I'm sure this will be a very hot topic as robots and automated software become more sophisticated in terms of sounding human in their sentences and spammers discover new ways to work around the weakest links in the filtering game.

that thread of mine in the FAQ section here regarding vba automation of internet explorer probably won't work much longer either. I've run into many websites that detect automation coming from an application not connected to the browser, even if the DOM elements are being clicked or forms are being submitted the proper way. and they block that stuff. for instance they will throw a message saying the form can't be submitted. google also knows how. for instance, for years now they have thrown an error message to people attempting to run google searches using the TOR browser and the onion routing concept. I saw it like 8 to 9 years ago I think. I'm sure that blockage is still in place today.
 

AccessBlaster

> Agree with the last two replies.
> As the owner of a small company, the greatest problem I have making sales is certainly not the quality of the products I sell.
> Many of my potential customers are understandably wary of purchasing from a small company in terms of concerns about long term maintenance. Even where they recognise the price is less, maintenance terms are covered and the product is better, it can be an uphill struggle to overcome that degree of caution on their part.

Colin, I have sat in on meetings where vendors are invited to pitch their products. Our interests revolve around modules that include package tracking, inventory control and general warehousing. These modules must interface with existing proprietary software using APIs etc.

The products range from $25,000 to $90,000. All have failed to close the deal not because of price, they fail because of what you and Doc alluded to.

Many vendors can build you a commercial sandbox application but how many will install it on "your SQL Server" and maintain it? Not many. They want to sell you a cloud based product tied to a subscription, otherwise they lose that customer's future business.

I admire what you and others are doing, but the kind of service you offer is almost unheard of these days.
 

The_Doc_Man

The state of Louisiana, two school districts, and the city of New Orleans were ALL hit by ransomware attacks in the 2019Q4. None of the ransoms was paid off, but several groups were hit hard. At least one school district had a payroll issue. The state DMV was impaired badly enough that people can't get license plates because those machines have not yet been fully restored. There are tons of side effects going on, and in each case it was someone opening an e-mail in other than text mode. That simple browser and e-mail setting (open all mail in text mode only) would have saved a ton of tears.
 

moke123

I believe ours was a Word doc sent from another employee's home computer. The offending virus apparently only targeted network shares so it was never triggered on the home computer. But once it hit our system it spread like wildfire. We had to scan & clear @ 800 computers and had to restore @ 30 years of data and Word docs. We didn't pay either but from what I heard the Perps who wrote it made about $4,000,000 in about 6 months.
 

vba_php

> The state of Louisiana, two school districts, and the city of New Orleans were ALL hit by ransomware attacks in the 2019Q4. None of the ransoms was paid off, but several groups were hit hard. At least one school district had a payroll issue. The state DMV was impaired badly enough that people can't get license plates because those machines have not yet been fully restored. There are tons of side effects going on, and in each case it was someone opening an e-mail in other than text mode. That simple browser and e-mail setting (open all mail in text mode only) would have saved a ton of tears.

a lady I did a database job for long ago used to live down in New Orleans. when i saw this story come thru my feed, i sent it to her and asked if she still lived in Ouachita parish, and her response: "no way! I moved out of there long ago after I retired." Not sure what that meant...
 

vba_php

for those of you interested in who's got the privacy game figured out, see images. apparently google only allows tor usage for a limited number of times before the software becomes suspicious. it threw a captcha at me after 1 search and even after clicking the correct images 5 times in a row it still would not accept the correct answers. another test, run with russian search engine yandex, returned even stricter results. furthermore, it looks as though the big money making corporations of the world are also using the technique of preventing private browser access to their websites. when TOR first loaded for me, the default language was foreign, which indicates that the onion maintainers do not reside in this great country.
 

Attachments

  • tor allowed at google one time.jpg
  • big players blocking tor.jpg
  • russian tor blockage.jpg
  • russian request for authorization.jpg

The_Doc_Man

> from what I heard the Perps who wrote it made about $4,000,000 in about 6 months.

They are probably foreign, and I tend to be a forgiving man most of the time, but this is a case where I would have no qualms about sending in Seal Team 6 (the one that got Osama Bin Laden) to do a spot sanitization.
 

moke123

> They are probably foreign, and I tend to be a forgiving man most of the time, but this is a case where I would have no qualms about sending in Seal Team 6 (the one that got Osama Bin Laden) to do a spot sanitization.

The real crime was that for the last 15 years I had access to all the admin passwords even though I'm not in the I.T. department. Since this incident they locked everything down so tight and took away my access. (not that I don't have ways of getting around that however.)
 

kevlray

Fortunately we have a small but effective security team. We have had a couple of viruses attempt to spread into our entire network. Fortunately the virus was spotted early and stopped. Also all of the data on the network is backed up daily (If data is kept on a user's local C: drive, it could be lost). All users have been required to watch data security videos. Hopefully it has helped.
 

The_Doc_Man

With the Navy, we had to take yearly refresher videos on data security, operational security, records management, privacy act and its implications, HIPAA, and travel safety. Plus a couple of other lesser videos that varied from year to year depending on recent hot-button issues. It was the "Federal Records Management" and "National Secrets Act" videos that got me so upset with Hillary when she ran for President.
 
