December 17, 2007

Review: magicJack

Richard Kuper
The Kuper Report


Are you looking for a way to reduce your phone bill to practically zero? Do you have a windows pc, running Windows XP or Vista (Mac version promised soon). Then you may wish to check out magicJack.

How it works
Basically, you need to have your pc on and you need to be logged in. Then you take magicJack, which looks like an oversized thumb drive with an exposed circuit board, and plug it into an available USB port. If you wish or need to, it comes with a USB extension cord if it's too crowded to plug the device in without it. But do be sure to plug it directly to a USB port and not to a USB extension port.

Then just wait for a minute or two, and answer any prompts you may get along the way, such as what area code you want and where you live (for 911). Then you are pretty much ready to start making calls for free to anywhere in the US and Canada. You can either plug a regular land-line phone into the magicJack, or else use a computer-connected headset. You will need to go into the menu and change the default to use the headset. Then you are ready to make calls. I was even able to use it to send a fax from a standard fax machine plugged into magicJack, but that option is not officially supported.

Want to call folks outside the US and Canada. Just have them get a magicJack and they will get a US-based phone number and then you can call each other for free.

It even works on PCs with USB 1.1 (it's just slower to set up and start up).

And you can take it with you and plug it into any pc and you will have the same phone number wherever you are. And your email will get notified that you have voice messages, and you can even listen to them online.

Some caveats
The instructions say not to have a cd or dvd playing when you plug in/set up magicJack. I also discovered that my backup program needed to be disabled during magicJack startup.

It works best if you are physically connected to the internet, by cable modem, or DSL, or T1 or such. I encountered some drops when I tried using it on a notebook connected wirelessly to the internet. Your experience may be better.

The product is still listed as being in beta.

And, of course, you need your pc to be on in order to use it.

Is it really free?
Well, almost. It costs around $40 to get one. That gets you one full year of use. After that, its about $20 a year. Yes, those are yearly figures, not monthly.

One last caveat
For security and backup, one should also maintain a real land-line phone number and standard phone that does not require electricity to operate. When there is a power outage, the computer won't work, and so neither would any internet phone from your cable company or magicJack.

You can't beat the price, the sound quality is terrific, and it is really simple to use.

For more information and to order, go to

November 10, 2007

eBook Review: "How To Keep Your Boss From Sinking Your Project"

Richard Kuper
The Kuper Report

Don't let the title of this eBook by Andrew Stellman and Jennifer Greene scare you off if you think you have a great boss. Perhaps a more accurate title for this would have been the title of the first chapter: "Why Do Projects Fail?" The authors succintly get to the heart of the matter about why projects fail and what you can do to help reduce the chances of project failure and to help prevent your boss from being part of the problem. The chapter titles tell you what you will learn:

* Why do Project Fail?
* Set Expectations Early and Keep Them Up to Date
* Make an Informed Selection of a Software Process
* Keep Your Manager Involved with the Project
* Make Intelligent Course Corrections
* Alter Your Tactics, but Stay True to Your Strategy

The authors seem to target programmers as the intended audience, but in this writer's opinion this is a handy guide for all members of a project team.

I had the honor of meeting the authors recently when they presented essentially this material at a meeting of the New York City Software Process Improvement Network. They gave an interesting and lively presentation and there was some good back and forth discussion about process and project management. If you missed that event, or even if you attended it, this eBook makes a nice supplement. I recommend it for anyone involved in a project.

You can purchase it directly from the publisher's (O'Reilly) website for only $7.99.

September 24, 2007

Privacy and Security Watch: Are you giving away your personal or corporate data to thieves?

Richard Kuper
The Kuper Report

I came across a couple of articles that continue to bring home the fact that many companies and individuals still do not have a handle on ensuring the privacy and security of data:

What's on your hard drive?

When businesses or individuals discard old computers, apparently many are not ensuring that personal or business data has been securely removed first. According to this article, from a sample of 350 hard drives acquired in online auctions, details about salary, company financial data, medical data, credit card numbers, visa applications, details of online purchases, and even online pornography were found.

There are many tools available today for corporate and individual use that can shred the data on your hard drives and other storage devices. They are not very expensive, especially for individual use. Simply reformatting the hard drive, for example, will not wipe the data from it.

Do you or your employees connect to a file-sharing network?

If you connect your computer to a file-sharing network, such as BearShare or LimeWire or the like, you are opening up your computer to anyone who cares to search it and copy stuff from it. According to this article, "Three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers of ABN Amro Mortgage Group were inadvertently leaked over an online file-sharing network by a former employee." In this case, the computer had the BearShare software installed.

A common search, by those seeking something other than a song, is to search on terms like "password" to find data on connected computers that will net usable information for identity theft and other crimes. In addition, it would seem that most users of file-sharing networks do not take the appropriate steps to limit what can be searched on their computer. Any time you allow your computer to be accessed by others whom you do not know and therefore have no known level of trust, you are looking for trouble.

Regarding the leaked spreadsheet with over 5,000 Social Security numbers and other personal customer details, according to a spokesperson for ABN parent company Citigroup Inc.: "Citi's information-security standards require that confidential information be stored on Citi-managed devices." In the case of the spreadsheet, it would seem the employee had it on his home pc.

August 23, 2007

Corporate Cost Cuts Have A High Price

According to this article, "The recent health and safety scares that led to major toy and food recalls highlight the pressures facing companies that export their manufacturing".

May 16, 2007

Privacy and Security Watch: IBM loses tapes with personal information on current and former employees

It seems even the great IBM can be affected by such problems as losing tapes containing social security numbers and other personal information on employees and retirees, along with records of customer transactions.

According to this article, "An outside vendor was transporting the tapes from one IBM facility to another on Feb. 23 when the tapes fell out of a contractor's vehicle in Westchester County, N.Y., not far from IBM headquarters in Armonk. IBM representatives went to the scene and couldn't find the tapes."

For some reason, only some of the missing tapes were encrypted.

Richard Kuper
The Kuper Report

May 10, 2007

Privacy and Security Watch: University of Missouri Hacked For Second Time This Year

According to this article, The University of Missouri has been hacked for the second time this year. The hacker gained access to the social security numbers of over 22,000 students and alumni through a Web page that was used "to make queries about the status of trouble reports to the university's computer help desk."

Back in January, there was a similar breach. In that case, "a hacker obtained the Social Security numbers of 1,220 university researchers, as well as personal passwords of as many as 2,500 people who used an online grant application system."

Richard Kuper
The Kuper Report

May 09, 2007

Court Permits Search of Personal Computer in Workplace

According to this article at, "a federal court has just held that an employee did not have a reasonable expectation of privacy in the personal computer he brought to work." It seems that because this employee and a co-worker otherwise had to share a common personal computer, this employee decided to bring in his own computer and connect it to his employer's system. The employer, in this case, was a city government. The employee made no effort to protect any information on his personal computer and left it on and in a public space -- even when he was not at his desk. This failure to password or otherwise protect and guard the personal information on his personal computer eventually led to the discovery of child pornography on his personal computer. That eventually led to the appellate court case that resulted in this decision.

As the article concludes, "if you want to maintain your privacy rights under the Constitution, you yourself must keep your private matters private."

Richard Kuper
The Kuper Report

April 03, 2007

Privacy and Security Watch: More Security/Identity Breaches and Issues

According to an article in ComputerWorld, "RadioShack Corp. dumped 'thousands' of customer records behind a store near Corpus Christi, exposing consumers to possible identity theft." The article goes on to say "According to Attorney General Greg Abbott, the Fort Worth-based company violated multiple state statutes, including the Identity Theft Enforcement and Protection Act, a 2005 law that requires businesses to protect and properly dispose of customer personal information."

But in another ComputerWorld article in the same state of Texas, it seems that "Texas Gov. Rick Perry has signed into law a bill that allows the state's county and court clerks to disclose "in the ordinary course of business" Social Security numbers contained in documents held by their offices."

So, at least in Texas, Social Security numbers are no longer considered protected data if they exist in "public records held by clerks in the state" but are protected data if held by anyone else. So if you have public documents containing personal data, such as mortgage records and tax liens in the state of Texas, your private information, already being posted by Texas to the internet and for sale unredacted, is no longer protected.

And now your browser may be used to capture your personal information on your computer and as a hacking tool against others. According to another article in ComputerWorld, javascript code that could be used to turn a Web browser into a hacker's tool is now available on Internet.

Meanwhile, in yet another ComputerWorld article we are told that there is a critical Windows flaw that Microsoft has apparently known about since December 2006 that affects Windows 2000 SP4, XP SP2, Server 2003 (up to SP2), and even Vista (both 32- and 64-bit versions). Microsoft was apparently in no hurry to fix this but the pressure has mounted and they are supposedly rolling out a fix soon. This critical flaw will allow a rogue program to "run malicious code on a victimized PC, infecting it with spyware, stealing identity information or adding it to a botnet of hijacked systems."

To borrow from a tag line in an old TV show (NYPD Blue, if memory serves):
"Be careful out there."

Richard Kuper
The Kuper Report

March 22, 2007

Privacy and Security Watch: Stolen Data from TJX (T.J. Maxx, Marshalls and HomeGoods stores) since 2003 Used in $8M Scheme Before Breach Discovery

According to recent reports in eWeek (links below), massive amounts of data, dating back to 2003, were stolen from TJX (T.J. Maxx, Marshalls and HomeGoods stores) over an extended period of time, starting in 2005. The breach, or intrusion as TJX prefers to call it, was not discovered until December 2006.

This is just the latest story in the ongoing issue of data security. Companies need to get their acts together and ensure that they are protecting the personal and private data of their customers. It may be time for the government to step in and create financial incentives for companies to do this. Of course, the Federal government and many state and local governments are guilty of not protecting the personal and private data of its citizens either, so they would also have to fine themselves (not likely). So this problem will continue to be a major problem until the public starts making its voice heard and making this a priority for government and corporations to take more seriously.

Here are the links to the TJX story:

Stolen TJX Data Used in $8M Scheme Before Breach Discovery

TJX: Data Theft Began in 2005; Data Taken from 2003

Richard Kuper
The Kuper Report

March 17, 2007

Is your cable TV connection only providing monophonic sound?

If you are fortunate to not need a cable box to get your cable TV, the feed directly from the cable company carries stereo sound, and connecting your TV directly to the cable will result in stereo sound on your TV. If, however, your cable service requires the use of a cable box, and you connect a stereo TV or stereo VCR or any other device using the coaxial (RF) cable wire (the typical connection made by the person who comes and connects your cable) from the cable box to your TV or VCR, you are only getting monophonic sound, not stereo.

So what do you need to do if your cable company requires the use of a cable box and you want stereo sound to come out of your stereo TV? (Note: I will address analog audio/video options here. If you have a digital TV, you may have additional choices.)

If your TV does not have any option except to connect the cable wire where an antenna would otherwise be connected, you are out of luck. No stereo for you. Your TV needs to have stereo RCA jacks for stereo sound to be fed to it. So to get stereo sound from your cable box, you need to connect the line-out jacks marked L and R (usually color coded red and white) to the line-in jacks marked L and R on your TV. But wait -- that only gets you sound. If you want a picture, you need to connect the yellow video-out to the matching yellow video-in on your TV. If both your cable box and TV have s-video, try that instead for a better picture. And if you are fortunate enough to have the option of component video out [that's 3 separate cables carrying just the video] and your TV can accept that, use that for the best picture. Now when you turn on your TV, don't panic when there is no picture or sound. That's because your input source is now Line 1 or Video 1 or some such similar choice. You are not using the TV tuner, so you are not watching through channel 3 or 4 (depending on where you live).

What if you want to include your VCR or other video-recording device in the loop? You would follow similar instructions, except that you would, in essence, be doing the same thing twice. First replace the term TV with VCR in the instructions above for connecting up the cables from the cable box. Then, pretend the VCR is the cable box and follow the instructions again. And as in the direct from cable box to TV above, you will need to remember that you are now watching through Line 1 or Video 1 or whatever it is called on your TV. One other thing. In order to watch TV you will need to also turn on the VCR.

There are more complicated options, but I've opted to not address them here.

And again, the above addresses standard stereo TVs and VCRs. Connecting digital and high definition (HD) TVs and other digital devices will require different cabling and connections to get the best picture and sound. But even on the HD cable boxes, the RF cable-out only provides monophonic sound.

You may want to share this article with your friends and family, who may not know that they are probably watching TV and recording programs in glorious monophonic.

Richard Kuper
The Kuper Report

February 14, 2007

"Offshore-developed software projects have 2.8X as many bugs as average software projects"

Richard Kuper
The Kuper Report

At the NYC SPIN meeting last evening, Michael Mah of QSM Associates and the Cutter Consortium gave a very interesting presentation about extreme programming and productivity measurement. As he was wrapping up he provided some statistics regarding offshore outsourced projects.

An excellent write-up of this event has been published by Ed Yourdon, and I will not even try to improve on the work of such a distinguished writer ("Death March," "Byte Wars," the recent "Outsourcing: Competing in the Global Productivity Race," etc.). So instead I will direct you to his blog entry here:
"Offshore-developed software projects have 2.8X as many bugs as average software projects"

January 08, 2007

So how secure is your pc?

Richard Kuper
The Kuper Report

So how secure is your pc? According to a January 7, 2007 article in the NY Times titled "Attack of the Zombie Computers Is Growing Threat" by John Markoff, "the bad guys are honing their weapons and increasing their firepower." Programs are secretly installing themselves "on thousands or even millions of personal computers" and then using these computers and their collective combined power to commit crimes across the Internet. For example, the article states: "Last spring, a program was discovered at a foreign coast guard agency that systematically searched for documents that had shipping schedules, then forwarded them to an e-mail address in China." Elsewhere in the article, we are told about a program that collected data from 753 infected computers, generated 54,926 log-in credentials, 281 credit card numbers, affected 1,239 companies including "35 stock brokerages, 86 bank accounts, 174 e-commerce accounts and 245 e-mail accounts" -- and that was just one file that was intercepted that had collected data over 1 month. One company that monitors such things claims there are more than 250,000 new infections daily.

There were a number of other examples, including the spam regarding a penny stock that boosted the price of the stock significantly - just long enough for whoever spawned it to make a nice profit.

Even more interesting was this paragraph that appears near the end of the article:

"Serry Winkler, a sales representative in Denver, said that she had turned off the network-security software provided by her Internet service provider because it slowed performance to a crawl on her PC, which was running Windows 98. A few months ago four sheriff’s deputies pounded on her apartment door to confiscate the PC, which they said was being used to order goods from Sears with a stolen credit card. The computer, it turned out, had been commandeered by an intruder who was using it remotely."

So now that you know about these problems, what are you doing to prevent them? Are you making the mistake of Serry Winkler and turning off your antivirus, antispyware, antimalware products, or, worse, have you failed to even install such software or ensure it is up-to-date? Are you perhaps making the ultimate error of being connected to the internet 24x7 logged in with adminstrator rights and no password? If you are accessing the internet from home via cable or dsl, do you have both a hardware firewall and a software firewall? If you have gone wireless, are you sure no one can intercept what you are doing over the air?

There are a variety of very good antivirus, antispyware, antimalware and other products to protect your computer. Some are even available for free or very low cost. Some are bundled as suites.

And before someone tries to give you the old and tired line "just get a Mac", be advised that the recent Mac vs. Windows ads have raised the profile of the Mac and Linux operating systems and attracted the interest of the bad guys. There have been an increasing number of reports regarding breaches of such machines -- perhaps not to the level of Windows machines, but that is primarily because there are fewer such machines in use. Should machines running Mac or Linux continue to grow in popularity and become a larger portion of the user community, rest assured that there are folks out there who will manage to wreak the same havoc on those machines as well.

So make sure to take all the necessary steps to ensure that your computer and data are secure. If you are a company, your responsibilities may be further defined by a variety of laws.