Understanding Computer Risk, Hackers, and Cyber-Terrorism

In today's environment, millions of people rely on computers to do business, homework, and to dispatch information to others. It is therefore very important to secure the information that we have on our computers. If you are using a computer exclusively, it is your duty to do all you can to reduce computer risks, prevent data loss, and to reduce computer abuse. In the business world, data protection is paramount because a company's data is fast becoming one of the most value asset that any company owns. Keeping your electronic data secure from hackers is therefore most important.

A computer security risk is any action, deliberate or otherwise that could cause lost of information, damage to critical software, or data corruption. Computer security risks also extend to program incompatibilities, or computer hardware obsolescence. Many instances of computer loss or computer damage are planned and are therefore not accidental. Any intentional breach in computer security is said to be a computer crime which is slightly different from a cyber crime. A cyber crime is really an illegal act perpetrated through the Internet, whereas a computer crime will be any illegal behaviour which involves the use of a computer.

There are several distinct groups of people involved in computer crimes and understanding who they are is important. The most popular form of criminal computer acts is broadly known as hacking. In this case, a person uses a network or the Internet to gain illegal access to a computer. Hackers too, have gained much notoriety over the last 10 years because they are seen as representing people who are in rebellion against the systems of society. Some of the more recent names assigned to people posing computer security risks are cracker, cyber-terrorist, cyber-extortionist, unethical employee, script kiddie and corporate spies.

The term hacker was actually used in reference to ordinary people with the ability to break into computer systems legally. However, with the wide-spread use of the Internet, a hacker has now become known for illegal actions. A hacker is defined as someone who accesses a computer or computer network unlawfully. They often claim that they do this to find leaks in the security of a network. Recent developments in computer programming have spawned the term Ethical Hacking. This is an IT-related term for posing as a thief to catch loopholes in your own computer systems. The term cracker has never been associated with something positive this refers to someone how intentionally access a computer or computer network for unlawful or unethical purposes.

A cyber-terrorist is someone who uses a computer network or the internet to destroy computers, websites, or systems for political reasons. The intention here is to cause harm to important systems such as a banking system or a military computer network in order to score political points. Unlike a regular terrorist attack, cyber-terrorism require highly skilled individuals, thousands of dollars to implement, and many months of planning. The term cyber extortionist is used to refer to someone who uses emails or other electronic communication media as an offensive weapon. As an example of this, a cyber-terrorist can access a web-based database, confiscate it, and erase other available copies. They can then demand a ransom for the release of this information.

They could carry out their illegal act by doing other things such as sending a company a very threatening email. The information they may have could be trade secrets, company data, or even personal information about one of the senior officers of the company. By demanding a ransom for not releasing such information through the Internet, they are participating in cyber-terrorism against the company or persons.

Many computer security risks are related directly to disgruntled employees. It is for this reason why many of the top companies in the USA have adopted sections of the Sarbanes-Oxley Act of 2002. Executives of each public company must take personal responsibility for the security of a company's data in addition to truthfulness in accounting practice. All stake-holders must be assured that the data which a company has about a person such as credit cards must be secure at all times. As the Internet grows, only time will tell what other measures will become necessary to reduce computer risk, thwart cyber-terrorism, and mitigate against the impact of hackers and crackers all over the globe.

Anthony writes technology and protecting your computer from online attacks, at: computer risks and writes on many other fascinating subjects as well. Visit him to learn the latest trends, in motivation, personal development. See his fast-rising working from home blog.

Spyware Removal Tool - Paid or Free?

Spyware and malware can shut down your computer life. It can destroy your desktop and cause you no end of stress and damage. The simpler forms of adware can irritate you at most, the simple forms of spyware can collect data about you, what sites you visit, what programs you use, etc. Malicious spyware can trace the keystrokes of your keyboard and steal information right off of your desktop. Spyware has been known to ruin businesses, facilitate identity theft and the ensuing theft of money in your online bank accounts, PayPal, etc. There is not much you can do when you have been the victim of cyber crime, but there is a lot you can do to make sure it does not happen again. Protect your computer and do not be the next victim of spyware, adware, and malicious software.

There are a variety of very strong spyware removal products that are commercially available to help you protect yourself from cyber crime. These days with wireless internet connections, your computer is probably on the internet from the time you turn it on to the time you shut it down at night. Anytime your computer is connected to the web, you could be at risk. Adware Spyware removal tools can help to clean your computer from unwanted risks, protect your computer from websites that automatically download data onto your computer, as well as real time cyber attacks.

There are many free anti spyware products on the internet that promise you protection from malicious software. Many of these programs hardly do a thing for your computer. To make sure you are really protected from the bad guys on the internet, you have to have bigger friends than free software geeks. Here are three reasons you should by the best spyware removal programs from the big boys.

Better funded research - For one, big boys like Norton have enormous budgets and large teams for research. Proper research can mean the difference between a security breach and tight PC internet safety. With new viruses being discovered almost every day, it takes a large team to be able to find ways of blocking them and keeping you and your information secure.

Cleaner, faster software - The software engineers from larger corporations that specialize in PC security are good at making sleep software that works well with various computers. Whether you use windows or have a Mac, there will be fixes that allow the program to work seamlessly on your computer. Too many small programs have a bulky interface that interrupts other program functions. With sleeker faster programming you can still achieve maximum computer speed.

Protects against real time threats - Many free protection companies do not protect against real time internet threats. Norton and other big malware protection programs help to stop websites that are deliberately hurting your computer or uploading malicious software to your computer. Stop internet criminals by determining that you are not going to be the victim of cyber crime.

Rich Vial is a webmaster for Spyware Removal & Adware Spyware Removal visit: urspywareremoval.com

How to Protect Your Computer

It is very obvious that more people are using computers these days and more people are on the web on daily basis. For this reason most computer users are now increasingly concerned with web safety. Computer safety tips are sought after more and more. The predominant availability of personal computers and connections to the internet provides most people with around the clock access to information, financial services, and shopping. The World Wide Web is also an amazing tool for educators and students to communicate and learn. However, this frequent use of computer brings out more and more hackers and con artists and requires that web users observe some essential tips on how to protect their computer.

It is so unfortunate that certain individuals take advantage of the Internet to perpetrate criminal activities. As with any new technology, there are always individuals prepared to exploit this great new technology illegally for personal gain. Hackers can try to gain illegal access to your computer and then utilize that login to take over your identity, defraud you, or even launch internet attacks against other web users. By following the preferred computer safety tips outlined below, you can minimize the harm cyber hackers can do not only to your computer, but to many other people's computer.

Unfortunately, there is not a single computer security method or technological solution that will eliminate online crime. These generally accepted computer safety tips highlight that using practices that include Internet habits as well as technological solutions can make a difference. Technical solutions (software) are increasingly necessary and cannot be eliminated with just good practices.

The following recommended computer safety tips will to some extent help you protect your computer from unauthorized access.

1 whenever you're online or offline try to protect your private information. Make sure you know who you're communicating with on the internet. Especially when you are in a chat room. Do not give out your password, social security number, and credit card number.

2 Remember the web is like a shopping mall where any body can enter. Protect your computer with the use of anti-virus software, a firewall, and anti-spyware software to ensure your computer is protected and secure.

3 Be sure that you do regular update of your computer.

4 Be sure to use very strong passwords to protect your information. Do not use your nickname or your surname. When using numbers, do not use your birthday.

5 Do not forget to back up critical files.

Owaduge Olumide is a writer. He writes on health and other sundry issues. You can get more of his views here: http://olempe.blogspot.com/

Cybercriminals Attempt to Extract Sensitive Data through Fake Outlook Notifications

Security researchers have alerted Microsoft Outlook users on a fake notification scam. The new phishing scam first identified by security experts at Internet Security firm Sophos attempts to gain access to e-mail accounts. Users receive an e-mail that asks users to download an attachment to reconfigure their Microsoft Outlook. Users, who download and open the attachment, receive a fake form, which appears strikingly similar to a genuine form of Outlook. The form seeks username, password and outgoing server details. Outlook users, who provide the requested information, inadvertently provide opportunity for remote scammers to compromise their e-mail accounts. Cybercriminals may use the information to impersonate as the legitimate user and send arbitrary mails, propagate spam and steal personal information. They may also attempt to gain access to other online accounts of the user through brute-force attacks or forget password option.

On the other hand phishers are facing threat from whalers, who attempt to gain access to online databases, where phishers store the stolen information by using a tool called autowhaler. The tool allows whalers to search common Phishing URLs, where phishers hide their login credentials. Recently, security researchers at GFI Labs identified a unique tool termed as '666 autowhaler'. When a whaler downloads the tool, they inadvertently download a Trojan designed to extract login credentials. The detection again reveals the vicious nature of cybercrime world.

Internet users must be wary of e-mails seeking login credentials or suggesting reconfiguration of e-mail clients. Phishing e-mails attempt to deceive users into compromising sensitive information by urging prompt action and spoofing the e-mail address to make them appear as coming from a legitimate source. They may also spoof the links in the e-mail to make them appear as a web address of a legitimate company. As such, they must prefer visiting a website by typing the web address rather than following a link on Instant Messengers (IMs), Internet Relay Chat (IRC) or e-mail addresses. Cyber security training programs and online degree programs may help users in improving their online computing practices. They may also report fraudulent e-mails to respective legitimate companies or concerned regulatory authorities in their country. Such attempts will help organizations and regulatory agencies to initiate appropriate action and prevent other Internet users from falling prey to fraudulent scams.

E-mail clients help employees to manage and organize their e-mails. Phishers may attempt to gain sensitive information regarding organizational networks by targeting employees through sophisticated schemes. Employees who receive e-mails seeking such information must immediately report to the concerned head of the IT department. Organizations must educate employees on the incident response procedures and information security practices through induction and e-learning programs. They may also collaborate with technical institutions and educational institutions and encourage employees to undertake online university degree programs and improve cyber security practices in the organization.

Cybercriminals constantly endeavor to improve their attack techniques. Professionals qualified in masters of security science may help organizations to assess prevalent security threats, envisage future threats and devise appropriate policies to improve the defenses of the organization.

View the original article here

Cyber Hackers Can Mess With Google - Are You Afraid For Your Business?

If you have been reading the news lately and picking up on all the commotion around hack attacks on some of the big guns like Google, Yahoo and Adobe you may be experiencing a twinge of anxiety over the security for your own business. You may have believed your network was invincible so this news could leave you feeling shaky. You have good reason to feel this way - according to an article in the Sydney Morning Herald the number of hackers tampering with private financial information belonging to Australian business is on the rise. Obviously using the internet and intranet for business has become a viable solution to accomplishing company objectives, but on the downside the criminal faction sees just as much opportunity.

Australia is a Frequent Target for Cyber Crime

Symantec, a data security firm reported that Australian and New Zealand businesses suffer 75% more security breaches than the global average with 89% of the companies polled in the last 12 months admitting at least one intrusion. Hackers are not necessarily going after the major companies where they can make off with large sums of money. Like any other thief, they go where the risk is low and they can get in and out of a system quickly and without detection. The fact is you don't have to be at any particular level of business profitability to be targeted. Smaller companies tend to use less comprehensive IT security making them more susceptible. In general, hackers are interested in easy money.

Google and Other Large Corporations are Not Exempt

The threat does not always revolve around banking information or sensitive intellectual property. As Google discovered in December 2009, issues such as human rights are at stake in cyber attacks. The advertising and search giant was appalled that a highly organized effort dubbed "Aurora" was being made to hack into the Gmail accounts of Chinese human right activists. They managed to infiltrate only two accounts and were not able to see the account holders' actual correspondence. The action put Google in the position where it felt it necessary to warn the Chinese human rights community of the attack and to prepare to withdraw business ties with China. Officials at Google did not directly accuse the Chinese government of being the perpetrators but they decided to review doing business with the country based its attempts to limit free speech on the internet. Google stated concern for the safety of the Chinese citizens and the potential for them to be interrogated and imprisoned.

There were at least 20 other large internet, media, finance and technology companies included in the attack: Yahoo, Adobe, Symantec, Dow Chemical and Northrop Grumman to name a few. It was accomplished through a technique called "spear phishing." This resembles an attack against 100 IT companies in July 2009 where company employees were targeted with infected email attachments.

Small and Midsize Businesses have Minimal Defense

Most businesses are totally defenseless against these sophisticated attacks. They use instant messages and emails that seem innocent at first because the senders appear to be friends and trusted colleagues. The messages are fine-tuned to evade the anti-virus programs designed for these applications. Evidently the best practices for IT security that have successfully held attackers at bay for many years are no longer sufficient. There is an innovative caliber of attacks circulating around the globe using custom malware written specifically for individual companies. The hackers don't seem to mind if it takes longer to get around the antivirus software in use by the large corporations. They continue painstakingly to tweak their malware until it is effective. Smaller companies that don't have the budget for a large scale security have not stood a chance. The hackers have the ability to commandeer only one employee's laptop and make it a gateway for total administrative access to the company's entire network.

The security firm, iSec Partners that investigated the attack on Google and ensuing corporations recommend we make fundamental changes to the way we protect our networks. They say we have simply not been prepared for the level of sophistication demonstrated by the new cyber criminals.

Hacker Stories in the Australian News

Internet news sites report the direct effects of cyber hacking on Australia. Today Online posted a news article about a hacker called "Ghostbuster" that has been targeting Melbourne businesses as a response to violence against Indians. The person behind the attacks has been sending threatening emails stating Australian servers will be hacked until racism against Indian nationals is ended. The action came in the wake of the murder of a 21-year-old Punjabi student in January 2010. Several Melbourne businesses were victimized when their entire networks were thrown into chaos.

In the technology section of The Age is a report describing the effects on government websites by hackers associated with the group "Anonymous", known for its attacks on Scientology. This is the same group that temporarily blasted pornography across Prime Minister Kevin Rudd's website. On the morning of February 10, 2010 a number of government sites were down. The attack was in opposition to the government's plans for internet censorship. Communications Minister Stephen Conroy was not happy with the fact that Australian citizens could not obtain needed services online and felt it was irresponsible on the part of the hackers.

In the Sydney Morning Herald one journalist mentions the statistics that there are now more mobile devices in the country than Australians. It is not unusual for an individual to own two or three. The rising use of wireless broadband provides accessibility and convenience for subscribers but it also expands the territory for cyber criminals. Currently there are more barriers to cyber hacking wireless devices than terrestrial networks, such as the cost of making a phone call. However with the advances in mobile device technology to the point where it can replace the need for owning a laptop computer the potential for being targeted by hackers exists. The actual devices may be secure but the Wi-Fi network, often free and faster for users in public places is a temptation for cyber criminals. You may believe you have connected to a site operated by an airport, hotel or coffee shop, but there is no way of knowing for sure who controls the IP address that now has access to everything in your computer or mobile device. It is not that difficult for hackers to present a fake website you feel you can trust that they can use to steal from your network at any time in the future.

Millions of dollars are stolen everyday from individuals and businesses that use the internet. We are warned frequently about viruses, worms and phishing scam but somehow we get caught anyway. The situation is getting worse as hackers become better adept at breaking down the unique systems designed to keep them out. If you are still experiencing discomfort about the vulnerability of your network it will pay off to attend to your gut feeling.

Adam Rippon is the owner of Sydney Technology Solutions, Australia's leader in managed IT solutions for small and midsize businesses.

Data Center Design Specialist Opens New Bangalore Office

International building services consultancy hurleypalmerflatt (http://www.hurleypalmerflatt.com/) continues to expand across the globe with the opening of its new Bangalore office. hurleypalmerflatt's seventh base outside of the UK will be led by Regional Director Rod Buchanan and will support the company's drive for new business in India.

For a number of years low carbon building expert hurleypalmerflatt has provided its clients in India with a wide range of specialist building engineering services. The new office in Bangalore will further strengthen the firm's presence in the region.

David Young, CEO of the data center design specialist, stated: "India's economy is booming and we're seeing a strong demand for British-trained engineering specialists to support growth across the continent. We have a strong track record in exporting talent overseas to work alongside home-grown talent and, with our new Bangalore office, hurleypalmerflatt is well positioned to benefit from opportunities in the region."

Learn more about the services offered hurleypalmerflatt at http://www.hurleypalmerflatt.com/services

View the original article here

No More Hacking

In theory at least, the Wild West days of the Internet are over. Based upon the inventions articulated in his five-patent suite, inventor, Harry Emerson III, has mapped out a union between our secure and venerable telephone system - AKA POTS (Plain Old Telephone Service) - and the hyper-evolving, media-rich Internet which is so famously not one bit secure. As it evolves, he believes this next generation telecommunications system, dubbed IronPipe(TM), will have huge implications for national security as well as tremendous new revenue opportunities for the carriers and supply chains which serve them. Conceived in response to what he views as the seriously flawed paradigm which is currently developing as telecommunications migrate to the Internet, Mr. Emerson says he designed IronPipe(TM) to offer an alternative with a high degree of security. The Internet has produced something akin to a gold rush experience for those mining its resources and developing its vast potentialities, he said. But, in the midst of this frenzy, he has observed that fundamental requirements of privacy, secrecy, and security are seldom openly discussed when it comes to Internet-based phone services known as "Voice over Internet Protocol (VoIP) systems such as SKYPE, which are rapidly being developed.

These are serious issues, he maintains, and they need to be fully considered by users such as corporations, telecommunications carriers, VoIP carriers, law enforcement agencies, and federal and state governments, as well as by the millions of Internet using individuals who are concerned with their own personal privacy. According to Mr. Emerson our current state of vulnerability came about because we have turned a blind eye to these issues of privacy, secrecy and security, combined with the scramble for profit, and an unregulated environment for VoIP. "The Internet is a lawless frontier where nothing is safe and secure and reliability is always one step away from calamity," he says. "As things stand today, VoIP does little to protect the interests of the aforementioned entities, not to mention protecting the security of the United States. We are suffering untold numbers of hacker attacks DAILY, with systems broken into and identities stolen. Not too long ago the entire worldwide DNS system (Domain Name System) was brought to its knees by hackers," he said. In his opinion, if the technology continues to develop in its current direction, no one will be able to guarantee that communications cannot be intercepted and monitored. In addition, if we examine our current circumstances, a lot of the excitement generating the rush to VoIP is based upon an illusion, the appearance that we are being offered new and sophisticated technologies. In fact, existing VoIP offerings are simply discounted POTS services, he says, with no value-added features, only lower cost caused by fierce price pressure from cable TV and other low-overhead vendors. The result is the continued downward spiral on price that has plagued the telecommunications industry for 30 years. IronPipe(TM) is a re-thinking of 21st century telecommunications architecture, which will return a sense of safety to our society as a whole, reinvigorating our economy from the inside out. If his vision is implemented, Mr. Emerson says we won't have to put up with either the fear of intrusion, or the huge financial burden of protecting ourselves from the ever-increasing army of those with malicious intent. According to him, we now have a choice.

The challenge is that VoIP companies such as Skype, Vonage and the various Cable carriers which have migrated to the Internet did so not only to provide cheaper communications, but to avoid regulatory scrutiny. "If you don't have to deal with the regulations it tends to make things cheaper," he said. "But these profits come at a price." "The integrity of the communications system has been compromised because of short term thinking primarily geared towards reducing costs." In its simplest terms, IronPipe will enable us to make web 2.0 Internet-style media rich calls utilizing the existing private, protected, secure, Public Switched Telephone Network (PSTN), and its unseen private data network - known as SS7, which connects all the main switches around the world. While VoIP uses the Internet exclusively and thus can be, and regularly is, compromised, if we establish Internet calls through these telephone company switches there will be no access from the outside. We can create rich media visual telephone calls on broadband Internet connections, using wireline or wireless touch-screen phones such as the iPhone, simply by dialing a phone number, and still enjoy the privacy, security and reliability of traditional telephone calls. In short, Mr. Emerson says that his technology seamlessly merges the best of the Internet with the best of the telephone network. Considering the cost to government, industry and society at large to protect against intrusion and to remediate the damage caused by intrusion, IronPipe could be well worth looking into.

About Harry Emerson - Emerson Development LLC:

Harry Emerson is an expert in computers, voice and data communications, and the Internet. His career history includes 25 years in various sales, management, and strategic capacities at AT&T and the design and management of large-scale, multi-million dollar enterprise applications and data systems including the consolidation of 40 data networks into a single corporate-wide network, and an application for 5,000 sales representatives to access 120 million customer records. He has numerous patents issued and pending against a variety of technologies including FM radio, Internet streaming, PC software, and telecommunications. His background in switching systems and data networking, along with concepts he developed in corporate architecture and strategy positions, ultimately led to the development of a patent portfolio that defines the next generation of telecommunications, featuring secure, rich MultiMedia capabilities. Mr. Emerson co-founded GEODE Electronics to commercialize a series of patented enhancements to commercial FM radio. Subsequently, Mr. Emerson co-founded SurferNETWORK, an Internet streaming media business. He is a member of the NJTC Telecommunications/Media Industry Network Advisory board and the founder of Emerson Development LLC and the Inventor of the IronPipe system to create a secure Internet.

Jacqueline Herships is a publicist, journalist and communications strategist working to build public understanding of key environmental and security issues of the time.

Your Money and Your Life - Gone in Sixty Seconds Flat!

Cybercrime is on the rise. Your Money and Your Life: Gone in Sixty Seconds Flat! "How?", you ask. OK, let me elaborate on a few of the many ways cybercriminals steal your money, and, literally, your life and they can do so in seconds, not minutes, or hours.


You may not be the only one using your computer. Cybercriminals known as hackers may be using your computers and you may not even know it. Would you ever know if your computer were taken over and being used by a hacker? Not likely. When a hacker hijacks a computer, the victim rarely knows. A computer that has been hijacked is one that is completely taken over by a hacker, or a group of hackers, to be used for their own purposes. The idea is that the real owner of the computer never knows their system has been hijacked, so the hackers can secretly use it whenever and however they want.


Personal information is now so readily available that a total stranger with nothing more than an online connection and a credit card could discover everything there is to know about you. He or she could compile a complete dossier on you, your family members, friends, work associates, or business rivals without any special investigative training.


Fears about identity theft are not limited to spyware or to records stolen from corporate databases. As it turns out, the neighbor next door can be just as big a concern. "Definitely, using the Internet to spy on average citizens is our next big social problem," said Avivah Litan, security analyst for identity-theft issues at the research firm Gartner.


One of the latest hacking trends is called "Drive-by Hacking". Popular wireless Internet access points have now become a major target for hackers. Hackers simply take their laptop computers in their cars and drive through business parks or residential neighborhoods remotely scanning for open wireless networks. This is the latest version of the drive-by garage door remote theft where criminal would use universal remote controls to open garage doors without arousing the suspicions of neighbors, police, or home security companies.



The new trend recently discovered: online hazards in hotels. Authorities are becoming alarmed at the number of traveler-victims who have reported that their personal or financial information was stolen after they had used a computer in a hotel's business center. It seems like the criminal use keylogging software to record the victim's key strokes. See related Story: ABC News Video: Online Hazards in Hotels.

With cybercriminals always on the move and coming up with new and creative moves to steal people's money, it would be wise to educate ourselves about the attacks, risks, and threats they perpetrate. Learn all you can, and then take evasive and preventative action. Get the strongest protection you can get that is best suited to your needs. The best defenses are a combination of education and managed protection service. Off-the-shelve individual or combined anti-spyware, antivirus, and anti-spam software programs may not be sufficient protection, because hackers seem to stay one step of these programs. The popular off-the-shelf products offer you no personalized support. If you want help, you'll pay for it over and over again! If you need a virus removed with these cheap programs, you'll pay for it. You may get technical support from your PC manufacturer for security problems, but in most cases, you probably will not. Even if you do, it will likely be for a fee, and one that repeats itself should you need additional help down the road.

To protect yourself, you need an Internet security team of experts making sure that you, your family, and your business computer are always safe and secure. The best protection you can have in today's rapidly changing world of cyber-attacks is to have expert support for all your Internet security needs that will provide technical support without any hassles and without charging you extra fees. It will become even more critical than it is today as time goes on. You need to find your own personal team of experts to rely on. If you ever have a security problem, you will want to have a trusted expert you can call for professional help, without any hassles and extra costs!

Remember: When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!

� MMVII, Etienne A. Gibbs, MSW, Internet Safety Advocate and Educator

Etienne A. Gibbs, Internet Security Advocate and Educator, consults with individuals, small business owners, and home-business entrepreneurs regarding online protection against spyware, viruses, malware, hackers, and other pc-disabling cybercrimes. For more information, visit http://www.SayNotoHackersandSpyware.com/.

IP Changer For Enhanced Online Shopping Security

By using an IP Changer you can make your online shopping more secure. Online shopping has grown rapidly and is finally being accepted as a major retail channel for all kinds of products. It is a multibillion dollar industry and growing so fast that it may not be too long before it becomes a measure means of day to day shopping. The concerns about secure transactions and safety of personal information that consumers need to provide have gradually been alleviated with secure sites and 128 bit or higher data encryption and transfer. Although rapid strides have been made in online shopping security there remained areas of vulnerability that have been plugged by a new technique using IP Changer.

As the security of online transactions increased so did online shopping. The important benefits from online shopping are convenience of 24/7 shopping from home avoiding traffic and crowds. You can easily comparison shop for quality and price rapidly and efficiently. You can save money from online coupons and specials and have merchandise delivered to you at times with free shipping. To top it off you save money on gas because you don't have to drive anywhere to shop.

Nevertheless, there are still strong reasons to be cautious because of scary identity theft in the form of your credit card, bank account, or social security numbers. Once stolen they can be used to create a financial, personal or medical catastrophes for you. Financial catastrophe by charging to your credit cards or taking new cards in your name or charging loans on bank accounts opened in your name or taking money out from your bank accounts. Personal catastrophe by using your social security number to take a driver's license and committing crimes under your identity. Medical catastrophe by using your social security number and as your imposter when getting medical attention at a doctor's office or a hospital. This can be extremely dangerous if the medical records get contaminated and next time you have a medical emergency you may be given medical treatment such as blood transfusion based on the imposter's medical records and history, thus endangering your life.

It is therefore very important that when you shop online and give your vital personal and financial information you take all the precautions to safeguard this information. Some of the precautions consumers can take are:

1. Use unique passwords

2. Use passwords that have 8 or more numbers, letters (both upper and lower case) and punctuation marks.

3. Make sure the e-commerce site is set up for encrypted secure transactions with SSL (secure socket level) certification.

4. Do not give out personal and financial information such as birth date, social security number, bank and credit card account numbers, security codes such as mother's maiden name over the phone or by e-mail or fax. Only provide minimal information required to complete the transaction over a secure internet connection.

5. Check out the e-commerce store's history and customer feedback and even check out online for any red flags against it including its standing with better business bureau.

6. Make sure the site has clear terms of agreement, security policies, warranties and return and refund policies clearly defined.

7. Be extra careful when shopping online from overseas companies.

8. Make sure your internet security software with antivirus, fire wall, anti-spy ware, anti phishing and anti mal ware features are updated and functioning properly.

Even with all these security features and precautions it should be noted however, that it is not fool proof especially when shopping online from public places such as hotels, libraries, airports or coffee shops over unsecured networks such as the wi fi networks. It is because there are many tech savvy cyber criminals that can find ways to penetrate your computer and network security (especially wireless networks) if they can get hold of IP Address of the computer you are using to shop online. IP address is a six digit number that is a unique identity tag for your computer provided by your internet service provider (ISP).

This is where new IP Changer software has come to the rescue. This software can route your internet connection through multiple serves called proxy servers located at a variety of locations with their own unique IP addresses. The IP changer software can rapidly Change IP with these proxy servers and at any given time present only a single IP address other than the IP address of your computer, thus hiding your actual IP address in the process. Simultaneously, all the data is transmitted in secure encrypted form. As a result you can transact online shopping anonymously and securely even over unsecured wi fi networks from home or public places.

Having been privy to very valuable insight into security concerns about online shopping immediately visit http://www.change-ip-proxy.com for more detailed information about IP Change and IP Changer.

Dark Elements of the Web

There's no doubt how much of our lives now depend on your computers. We use these machines to communicate with our friends, learn more about our assigned topic for schoolwork, create beautiful graphics, create office reports and many other things which may just not have happened if not for this technology called the Internet.

Indeed, we can almost live in it because it practically has most of the things we need. However, Internet experts who don't have very good intentions just may abuse this convenience that we're enjoying. For example, its very convenient for us to buy something just by going to a certain website, picking some options and typing our credit card information. The problem is, the comfort we enjoy in taking advantage of this technology is the same comfort cyber criminals are so happy about because it makes them able to launch their cyber attacks quite easily. These attacks are, of course, going to undermine our computer's Internet security and if we don't want to expose ourselves to Internet threats, we need to understand what they are and, just as importantly, the people who are behind them.

Of course, by definition, an Internet security risk is anything that compromises the safety or condition of your computer and everything in it by way of the Internet. Damage may include anything within your data, your software, hardware and even processing incompatibilities. There are many types of people who could bring us many different types of risks as well, but these cyber criminals known as either hackers, crackers, cyberextortionists, cyberterrorists, unethical employees, script kiddies or corporate spies.

It's interesting to know that hackers were once viewed as good although it's undeniable that these days, the term has many negative connotations. A hacker is technically a aperson who breaks into a computer network's security walls and tries look into the leaks or the holes of the system. Originally, hackers did this to find out what made these systems weak and what could be done to make them stronger. These days, however, the term has been used to point to somebody who hacks for selfish purposes. For example, these days, people hack other people's computers to get their victims' personal information such as credit card usernames and passwords and use this information for illegal acts. On the other hand, the word cracker has retained its positive value and is always considered to be a good force in any network setting.

A cyberterrorist is someone who uses the Internet to launch an attack against another person's computer and usually for political reasons. Cyber attacks are pretty much like traditional terrorism wherein the people who are actually involved in the crime are highly skilled and trained. Meanwhile, an unethical employee would be someone who works in a company and uses the company's information or files to attack that company's management. A script kiddie is someone who tries to hack but has mediocre skills, that's why his tricks don't always work. A corporate spy is someone who is assigned to spy or pry into a specific network in order to steal information in an act called corporate espionage. Companies do this in order to take a step ahead of their competitors in the business.

However, as far as you're concerned, these cyber threats are all nothing when they don't see how or where to find your computer so they can embed a really nasty code in there. These threats are nothing because when you use an IP hider, you don't run around the web exposed. You're alway protected by a fake IP supplied by the software, thus, nobody can even find you, let alone damage your computer or steal your information.

Cloud Security Alliance Working Toward Cloud-Specific Certifications

The Cloud Security Alliance (CSA) is working with other key players in cloud security and auditing to determine which organizations should provide the certification, as well as what such a certification should include. Certification is likely to be managed by multiple bodies.

[The CSA�s] research identifies the vulnerabilities that threaten to hinder cloud service offerings from reaching their full potential. For example, companies must be aware of �abuse and nefarious use of cloud computing,� which includes exploits such as the Zeus botnet and InfoStealing trojan horses, malicious software that has proven especially effective in compromising sensitive private resources in cloud environments. However, not all of the threats in this category are rooted in malicious intent. As the social Web evolves, more sites are relying on application programming interfaces (APIs), a set of operations that enable interaction between software programs, to present data from disparate sources. Sites that rely on multiple APIs often suffer from the �weakest link security� in which one insecure API can adversely affect a larger set of participants. Together, these threats comprise a combination of existing vulnerabilities that are magnified in severity in cloud environments as well as new, cloud-specific techniques that put data and systems at risk. Additional threats outlined in the research include:

� Malicious Insiders
� Shared Technology Vulnerabilities
� Data Loss/Leakage
� Account/Service and Traffic Hijacking

Source: http://www.hp.com/hpinfo/newsroom/press/2010/100301b.html

The entire cloud model of computing as a utility and its dynamic characteristics makes this a whole new ballgame for certification. Jim Reavis, CSA�s Co-founder and Executive Director, quoted in Dark Reading, says, �[Cloud computing] brings everything into question: where the machines are, what is the nature of data. If data is encrypted on the public cloud providers� [systems] and the key held by a separate cloud [provider]�is that even data? There�s some rethinking we need to do.�

In the same article, Bret Hartman, chief technology officer at the RSA, states that an enterprise�s own security controls and their cloud security provider�s controls must go hand in hand as well. �It�s complicated with cloud computing because there are multiple parties involved,� Hartman says. �I think it�s time for us to think about what a cloud certification would be ... and there would be different levels of certification required,� Hartman says. �It would be different than SAS 70.�

Source of Information : Implementing and Developing Cloud Computing Applications 2011

SysTrust Certification

SysTrust certification was developed jointly by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).

A SysTrust engagement is performed by a licensed CPA to evaluate a system�s reliability as measured against the SysTrust principles and criteria. The CPA performs tests to determine whether the system was available for operation and use at times set forth in service level statements or agreements. If the system meets the requirements of the Trust Services Principles and Criteria, an unqualified attestation report is issued.

Source: https://www-935.ibm.com/services/us/index.wss/summary/iss/a1029093

Trust Services are defined as:

A set of professional assurance and advisory services based on a common framework (i.e., a core set of principles and criteria) to address the risks and opportunities of IT.9

The objective in developing Trust Services was to establish a core set of principles and related criteria for key areas related to IT, e-commerce, ebusiness, and systems, all of which form the measurement basis for the delivery of the related service(s).

The SysTrust seal indicates that this core set of principles have been examined by an independent auditing firm in conformity with the rigorous AICPA and CICA Trust Services Principles & Criteria. The certification attests that:

� The system was available for operation and use at times set forth in service-level statements or agreements

� The system was protected against unauthorized physical and logical access

� Information designated as confidential was protected as committed or agreed

Source: https://www-935.ibm.com/services/us/index.wss/summary/iss/a1029093

Source of Information : Implementing and Developing Cloud Computing Applications 2011

SAS 70 and Cloud Computing

Increasingly, vendors point to SAS 70 and ISO 27001 certifications as evidence of their security credentials.

Vendor Security Credentials
� Google
�Asked to flash its cloud security credentials at an industry forum, Google pointed to its SAS 70 certification, giving more support to that set of standards as a measure of how well cloud providers lock down customer data. �We need to prove we are secure,� says Rajen Sheth, the product manager at Google who came up with Google Apps, speaking at a panel on cloud services at the Enterprise 2.0 conference in Boston.*�

� Microsoft
Microsoft announced that it recently gained SAS 70 Type I and Type II attestations and ISO/IEC 27001:2005 certification.

� Amazon
Amazon Web Services (AWS) has successfully completed SAS 70 Type II Audit from independent auditors, and has stated that it will continue to obtain the appropriate security certifications and accreditations to demonstrate the security of our infrastructure and services. An overview of Security Processes applicable to Amazon Web Services is available at http://awsmedia.s3.amazonaws.com/pdf/AWS_Security_Whitepaper.pdf.

� Rackspace
Rackspace has achieved ISO/IEC 27001, ISO 17799, SAS 70 Type II audit process, Microsoft Gold Partner, Gartner Leader, Dell Partner, and Cisco Powered Network Certification.

� Salesforce.com and Force.com
Salesforce.com and Force.com are SAS 70 Type 2, SysTrust, and ISO 27001 compliant.

� ServePath
In addition to SAS 70 and ISO 27001 certifications, Serve-Path has a particularly rigorous service level agreement (SLA), which they call 10,000% Guaranteed�. It states:

For every minute ServePath fails to deliver, we will provide you with 100 minutes of service credit.

� The SLA covers the following elements of service:
� Network performance
� Hardware replacement (within 60 minutes)
� Support response time (30 minutes for server down, packet loss, or routing issues)
� Domain name services
� Power availability and performance
� Cooling and environment
� Server power cycling
� Physical security
� 24 x 365 onsite engineering

However, no credit will exceed one hundred percent (100%) of Customer�s fees for the service feature in question for the then-current billing month. Details of the SLA are available at http://servpath.com/pdfs/ServePathSLA.pdf

� Unisys
The Unisys Secure Cloud Solution allows balancing workloads across a global network of Unisys data centers, which are certified to key international standards such as ISO/IEC 27001:2005 for security, ISO/IEC 20000 for service management and the SAS 70 Type II auditing standard.

� Verizon
Verizon announced that it had successfully completed the first annual SAS 70 Type II examination of controls for its cloud computing data centers.

� IBM
IBM offers customers Security Assessment services. Of course, its own cloud offerings are fully compliant.

Source of Information : Implementing and Developing Cloud Computing Applications 2011

SAS 70 (Statement on Auditing Standards No. 70): Service Organizations

The Statement on Auditing Standards No. 70, commonly known as SAS 70, is an auditing statement put forth by the Auditing Standards Board as designated by the American Institute of Certified Public Accountants (AICPA). Over the years, more than 110 �SAS� have been issued, ranging on a number of critical subjects for auditing matters.

Source: http://www.sas70.us.com/what-is/history-and-overview.php

SAS 70 is part of the AU Section 324 Codification of Auditing Standards, which is used to report on controls placed in operation and the testing of the operating effectiveness of those controls. Put simply, it�s a widely used compliance audit for assessing the internal control framework on service organizations that provide critical outsourcing activities for other entities. Introduced in 1992, SAS 70 audits were used in the early and mid-1990s. They still are used for very traditional standards, such as evaluating a service organization�s services if those services are part of the user organization�s information system:

For example, if the ABC company used the XYZ company, which is a service organization, to perform and conduct transactions and procedures that are considered significant to the ABC company�s �information system� or business environment, then the XYZ service organization would need to be SAS 70 compliant.

Source: http://www.sas70.us.com/what-is/history-and-overview.php

Think of it as an audit that examines and tests the characteristics of internal controls for service organizations. Service organizations are the entities that undergo the SAS 70 audit. Who requires the audit to be done and why? Generally speaking, compliance legislation in recent years has revolved around corporate governance and the ability to have a strong mechanism of internal controls within organizations. Laws such as The Sarbanes-Oxley Act of 2002 (SOX), the Health Insurance Accountability and Portability Act (HIPAA), and the Gramm-Leach-Bliley Act (GLBA), have emphasized themes such as governance, privacy, security, confidentiality, and segregation of duties.

Source of Information : Implementing and Developing Cloud Computing Applications 2011

ISO 27001

ISO 27001 is an Information Security Management System (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its full name is ISO/IEC 27001:2005 � Information technology -- Security techniques -- Information security management systems -- Requirements but it is commonly known as �ISO 27001�. Compliance with ISO 27001 requires that management:

� Systematically examine the organization�s information security risks, taking account of the threats, vulnerabilities and impacts;


� Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and

� Adopt an overarching management process to ensure that the information security controls continue to meet the organization�s information security needs on an ongoing basis.

Source: http://en.wikipedia.org/wiki/ISO/IEC_27001

ISO/IEC 27001 provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system (ISMS). The design and implementation of an ISMS is influenced by the organization�s needs and objectives, security requirements, processes, size, and structure.

An ISMS may be certified compliant with ISO/IEC 27001 by a number of accredited registrars worldwide, also called an Accredited Certification Body (CB). Certification against any of the recognized national variants of ISO/IEC 27001 (e.g., JIS Q 27001, the Japanese version) by an accredited certification body is functionally equivalent to certification against ISO/IEC 27001 itself. In the United States, accreditation is managed bu ANSI-ASQ National Accreditation Board.


The ISO/IEC 27001 certification, like other ISO management system certifications, usually involves a three-stage audit process:

� Stage 1 is a preliminary, informal review of the ISMS, for example, checking the existence and completeness of key documentation such as the organization�s information security policy, Statement of Applicability (SoA), and Risk Treatment Plan(RTP). This stage serves to familiarize the auditors with the organization and vice versa.

� Stage 2 is a more detailed and formal compliance audit, independently testing the ISMS against the requirements specified in ISO/IEC 27001. The auditors will seek evidence to confirm that the management system has been properly designed and implemented, and is in fact in operation (for example by confirming that a security committee or similar management body meets regularly to oversee the ISMS). Certification audits are usually conducted by ISO/IEC 27001 Lead Auditors. Passing this stage results in the ISMS being certified compliant with ISO/IEC 27001.

� Stage 3 involves follow-up reviews or audits to confirm that the organization remains in compliance with the standard. Certification maintenance requires periodic re-assessment audits to confirm that the ISMS continues to operate as specified and intended. These should happen at least annually but (by agreement with management) are often conducted more frequently, particularly while the ISMS is still maturing.

Source: http://en.wikipedia.org/wiki/ISO/IEC_27001

Source of Information : Implementing and Developing Cloud Computing Applications 2011

Recent VM Acquisitions

VMware has made several other acquisitions in 2010:

� Zimbra, a hosted e-mail service, acquired from Yahoo. The New York Times called it �the icing on the PaaS.�

� Parts of EMC�s Ionix IT management business, including solutions aimed at delivering improved management and deployment of servers and applications in a virtualized data center. This deal gives VMware some tools to measure and automate the provisioning and management of virtualized machines. Since a platform can have hundreds of thousands of VMs, automation is essential. VMware is acquiring from EMC, its parent, all technology and intellectual property of FastScale, Application Discovery Manager, Server Configuration Manager, and Service Manager and will maintain engineering, marketing, sales, and support operations in the United States, Europe, Israel, India, and Australia. (As part of the agreement, EMC will retain the Ionix brand and have full reseller rights to continue to offer customers the products acquired by VMware.) VMware says that this �new capability will provide a holistic view of configuration compliance of complete IT services from underlying physical assets to applications. VMware plans to further optimize the acquired products for dynamic, VMware vSphere-based cloud infrastructure, to deliver unparalleled visibility, control and simplicity of enterprise IT management.�

� Rabbit MQ, an open-source messaging protocol acquired by VMware�s SpringSource subsidiary. This acquisition �enables VMware to provide a messaging platform that is flexible enough to live on company servers, a platform or a private or public cloud computing environments� according to The New York Times. RabbitMQ is a successful and well-regarded technology that forms the backbone for many cloud messaging systems environments, providing a multi-protocol, completely open, portable messaging system. The code was created by Open Source vendors Cohesive FT16 and LShift based on the relatively young AMQP open standard for messaging middleware, an industry effort backed by major banks, Cisco, and a handful of smaller companies. As hardware is virtualized, translating some of the network equipment like load balancers into software allows services running on the virtualized hardware to better scale.

� Gemstone, which �provides a distributed data caching technology to help analyze and crunch data across a number of servers or in the cloud��something VMware can use to make sure its PaaS can handle data without bogging down� according to The New York Times.

� EngineYard? Maybe. As we go to press, EngineYard was also in talks to be acquired by VMware. EngineYard already works closely with VMware, because VMware provides its underlying software and is a strategic investor in Terremark, which hosts EngineYard�s enterprise-class PaaS.

Source of Information : Implementing and Developing Cloud Computing Applications 2011

Operating Systems Functionality

Proprietary systems vendors were, for a long time, considerably ahead of open systems in the level of functionality offered by their operating systems, especially in areas like the number of processors supported in SMP versions, robustness, availability, systems administration, and so forth. But over time, UNIX systems have caught up, and offer SMP, cluster support, and constantly-improving robustness and availability. This maturation of UNIX has thus significantly reduced any functionality advantage proprietary systems may now offer over UNIX (although that very process of maturation has drastically reduced the number of extant UNIX variants). In terms of functionality, we should see the same process happening between UNIX and Windows, as Windows gathers experience.

(There areonline masters degree programs in technology that can be helpbusinesses utilize the newest systems.)

There are five useful technical areas in which one may compare operating systems. We list them here, and then subsequently discuss them at greater length.

� Scalability. As already noted, this is a measure of the ability of a system to match the dimensions of a problem it must handle

� RAS�Reliability, Availability, and Serviceability. These characteristics drive the total availability of the servers and thus their capacity to support the uses for which they were acquired.

� Distributed services and Internet support. Here, we mean the integration of the basic elements that allow operation in a distributed system (these services are, properly speaking, middleware and do not form part of the operating system). Supporting basic Internet capabilities and supporting PC clients fall into this category.

� System management. By this we mean the complete collection of facilities� mainly software�that facilitate the management of the system. One may observe these facilities evolving towards some quasiautonomous decision-taking capabilities (so that the software can react without further human input), which should lead to lower cost of ownership.

� Capacity to simultaneously support various isolated workloads. Since a server is an expensive investment, systems managers are pushed into making each server support many different independent workloads simultaneously. The process of server consolidation, which is the act of reducing the number of (generally distributed) servers deployed in an enterprise to a smaller number of (probably co-located) servers, requires this capability. The management of several workloads according to a given policy (for instance, priority given to certain applications regarding the allocation of resources) is also called workload management. A system�s capability to be partitioned into several independent system to support, in complete isolation, different workloads is another approach to server consolidation. Dynamic partitioning capability (i.e., without stopping the complete system) is a key feature.

Source of Information : Elsevier Server Architectures 2005

Operating System Options and Installation Methods

An OS is installed on the computers' hard disk, inside an area called hard disk partition. There are several ways for installing a new operating system. The installation method is based on the system hardware and end-user requirements. Generally, you have four basic options for the installation of a new operating system:

Clean Installation

We can perform a clean installation on a new computer or in those cases where there is no upgrade path between the current operating system and the new one. This type of installation deletes all data on the hard disks partition where the current operating system is installed. A new PC requires, of course a clean installation. You can also do a clean install when the current operating system installation has corrupted files or does not work properly.

Upgrade Installation

Sometimes, it is also possible to perform an upgrade. When you perform an upgrade, OS configuration settings, installed programs and data are preserved. With this installation you have nothing to worry about, because you will not lose any personal data. You will just replace the old operating system files with the new, upgraded files. However, keep in mind that after the upgrade the applications and drivers that are incompatible with the new OS will not work as expected.

Multi-boot Installation

Another option is to install multiple operating systems on a single computer. You can install each OS inside a different disk partition and this way every OS will have its own files and configuration settings. On multi-boot installations, the users see a menu when they open their computers and they have to select the desired OS. Of course, only one operating system can run at a time.

Virtualization

This is relative new technique that is often used on servers. With virtualization we can run numerous copies of an operating system on a single set of hardware and create this way several virtual machines. Every single virtual machine works like a separate computer. This technology makes a single physical hardware resource to appear like multiple logical resources.

Before starting any operating system installation you have to make sure that all the hardware is certified to work with the new operating system. Also confirm that the hardware resources meet the minimum installation requirements. Moreover, when you perform an upgrade it is a very good practice to perform a virus scan before starting the installation and a complete full backup of all your personal data.

One method that helps you protect your data is this: Create multiple partitions on the hard disk and install a different OS on each partition. Then copy all your data inside an empty partition that does not contain an OS. This way you can upgrade the operating system without the risk of losing any data. Backup and recovery of data files is also easier with this design.

It is also important to decide the type of file system to use. The file system controls how the OS stores and tracks the files. There are several different file systems available. The most well-known are: FAT 32, NTFS, HPFS, ext2 and ext3. Every operating system is designed to use one or more of these file systems. There are advantages and disadvantages on every file system. Careful consideration should be made to the type of file systems supported by the selected OS and the benefits of each.

You can find several programs to modify the partitioning structure and file system of a hard drive after installation, but it is better to avoid them if possible. When modifying either the file system or partition structure on a hard drive, data loss may result. Careful planning can help preserve the integrity of the data.

Operating System Market Share

The quantitative future estimates from analysts, which we use as the basis for our discussions, must of course�as with any predictions�be taken carefully. Our main goal is to use them to extract and illustrate significant market trends. To start with, consider Figure 3.6, from Gartner Group data from November 2003 and showing server market trends sorted by the operating system provided with the servers.

The strong increase in sales for Linux and Windows is obvious. It is likely that Windows�s growth will be mostly in the midrange, as the high end is the hunting ground for proprietary systems and UNIX. Netware is expected to undergo a noticeable reduction in market.

Linux�s market share is expected to grow noticeably. This OS seems to have a promising future in the domain of dedicated servers (that is, servers which support a single application).

Among the proprietary versions of UNIX, we see that AIX�s share is expected to grow while those of HP-UX and of Solaris are expected to stay stable at best. For HP-UX, the seamless transition offered to customers between HP�s PA architecture and IA-64 is a factor in reducing the erosion of HP-UX�s market share. Since HP has not announced any intention to give access to HP-UX outside OEM agreements, its market share will be strictly limited to systems developed by HP.

For Solaris, we should note that Sun has an IA-32 port. The battle between the different UNIX vendors will be interesting to watch, not least because it looks as though the players will be fighting over a shrinking field as they lose share to Linux and Windows Server 2003.

This shrink in market share is an effect of the competition that Windows and Linux are offering to UNIX systems in the low-end and midrange. The introduction of systems based on IA-64 (Itanium) is likely to relaunch the sales of UNIX on Intel platforms, in particular in midrange and high-end systems. And we should note that the various UNIX variants have had time and experience enough to reach a level of maturity and reliability that allows them to attack enterprise-critical systems, previously the domain of proprietary mainframe systems.

Windows looks set to dominate the market at the lower-cost domain, with its success in the higher end only coming with maturity. The process of maturing is, of course, much aided by the installation of a very large number of Windows systems�provided its vendor can provide the needed support and maintenance, since this exposes the system to a wide range of different situations.

Our thoughts must also encompass the �free software� phenomenon, as evidenced by Linux. Linux has the advantage of being essentially free at the point of acquisition; any problems it might have, compared to UNIX versions sold by the major manufacturers or by major software publishers will be in the level of support available. This risk is being mitigated however, as the same major manufacturers now include Linux in their catalogs and offer support and services for Linux as they do for their own systems. Independent software houses are also offering Linux support and services.

As we have emphasized before, a key element in choice of an operation system is the richness of the applications catalog associated with it. While the talk is encouraging, it remains to be seen just what the actual long term commitment of software vendors to Linux will be. While such vendors are most likely to be interested in the much larger marketplace offered them by Linux platforms, they are not likely to offer their applications in source form to the community.

For certain embedded and specialized systems, Linux has an undeniable attraction. Because such systems rarely are expected to run any extant application, but to execute some well-defined, application-specific applications, the richness of the application catalog is irrelevant. Qualifying such a system is eased by its natural closed character. The applications for such embedded systems may, themselves, be members of the world of free software� for example, the Apache web server, and the SAMBA PC file sharing package.


Market Evolution
As is often seen in the data-processing industry, a balancing effect had moved us from the centralized approach�terminals connected to mainframes� to a distributed approach, embodying minicomputers and of PCs. Unfortunately, the distributed approach, while providing more flexibility tended to give rise to inconsistencies in the company�s data and was hard to administer effectively. Now the world is swinging back towards a more centralized approach (at least as far as the management of data is concerned). �Upsizing� (or �server consolidation�) has the effect of increasing the average size of a server and concentrating a number of independent servers into a single server, whether it be a single large machine or a cluster.


Economic Considerations in the UNIX World
As in other areas, it is difficult for a systems vendor to bear the cost of development and maintenance for server-class UNIX systems if sales are weak. This leads to consolidations, concentrating the industry around ever-fewer UNIX versions. As the few remaining versions of UNIX differ, their uniqueness gives the UNIX market much of the flavor of the traditional proprietary market for high-end systems. And this, quite likely, will benefit Linux, which is not restricted at all in this manner.

Classes with accredited onlinecolleges are an option, to more effectively deal with businessevolution.

Source of Information : Elsevier Server Architectures 2005

64-Bit Architecture

The increase in size of both the data objects being operated on and physical memory and the need to hide disk and network access times by placing ever more information in the memory-based disk or network cache lead to severe pressure on the addressing ability of 32-bit processors and operating systems, which saturates at 4 GB. Some RISC processors�Alpha and PA from HP, SGI�s, MIPS, IBM�s Power, and Sun�s SPARC) support a much larger address space of 64-bits. Alpha was designed to be 64-bits right from its inception, while the others all began as 32-bit architectures and were extended later in life to 64-bits. In practice, Intel�s IA-32 architecture is limited to 32-bit addressing, although AMD has proposed a backwards-compatible extension to 64-bits. (It should be noted that, as defined, the IA-32 architecture allows addressing much more than 32-bits, but structured as 16,384 segments each of up to 4GB, but that no operating systems exist which make use of this feature). Intel�s new architecture, IA-64, is another architecture designed from inception to support 64-bit addressing. The first systems based on this architecture appeared on the market in the second half of 2001 with the Itanium processor (which had been codenamed Merced). The implementation of Itanium suffered so many delays and problems that many industry observers are of the opinion that the first commercially-attractive IA-64 implementation is Itanium�s follow-on, Itanium 2 (code-named McKinley). Systems based on, Itanium 2 appeared in the market in the second half of 2002.

Applications that can make good use of the vast address space offered by 64-bit addressing are primarily databases (particularly for decision support), with scientific applications and CAD programs also able to benefit. The advantages brought by a 64-bit architecture can be summarized as follow:

� The ability to address, per process and in virtual memory, a collection of objects representing more than 4 GB. This removes the need to manage the memory hierarchy explicitly within the application, and simplifies the ability to take advantage of the continuing increases in main memory size.

� The ability to support directly and efficiently files or filing systems whose size is greater than two to four GB.

� The ability to operate on large files placed directly in virtual memory. With a 64-bit address space, there is sufficient room for a substantial number of very large files to be placed mapped into virtual memory, where software can directly access them with load and store instructions rather than I/O operations and with the processor�s built-in address translation hardware doing all needed address translation. And, finally, the movement of data between memory and disk is handled automatically by the demand-paged virtual memory system itself.

� The ability to manage very large physical memories�larger than 4 GB. Memories of such size are principally used as cache for disk-based data; in particular, the performance of database management software depends in large part on their management of the memory hierarchy, which explains why database software generally takes responsibility for the management of disk caches. A DBMS can normally do better than a vanilla memory hierarchy manager, since the DBMS knows a lot about the data it is manipulating (whether a datum is data or index data, for example) and can act appropriately. Simply placing large amounts of (reused) data in memory provides a performance improvement, because it removes the need for the software to perform file-tomemory address mapping and also reduces I/O traffic.

It should however be noted that some 32-bit architectures (hardware and software system) can address physical memories of more than 4 GB and support file systems of more than 4 GB.

Clearly, to make full use of a 64-bit address space one needs�in addition to an appropriate processor�the necessary software: compilers, operating systems, applications. The vendors of 64-bit RISC systems (Compaq, Digital, HP, SGI, IBM, and Sun) offer such a suite. Some initiatives intended to adapt UNIX to IA-64 have fallen by the wayside. By mid 2004, Linux and Windows were the only operating systems planned for Itanium platforms and offered to system manufacturers, although there are 64-bit versions of AIX, HP-UX (available on both PA and Itanium for HP systems), Linux, Solaris, and Windows.

In the second half of 2001, IBM, with its z900 family of mainframe systems, introduced a 64-bit extension to the S/390 architecture, which had its roots in the S/360 system of the early 60s (with a 24-bit architecture). For servers, 64-bit architecture is a necessity, not a luxury. It acts as a foundation for the systems to support the changing needs of the application space and to take advantage of the opportunities offered by technology.

Source of Information : Elsevier Server Architectures 2005