Masters of the Domains (or, any service can be monetized)

The internet relies on a service called DNS  (Wikipedia) to, among other things, translate things like "" into a IP network address like


For the last six months or so, the router on our home network has been using OpenDNS to resolve network addresses, not the default name services supplied by our ISP, Comcast.  I’ve been using OpenDNS because it blocks  access known malware sites (should one of our computers become infected).  If I ever wanted to, I could use it to block access to NSFW sites, etc.  It’s also much faster than Comcast’s DNS.


Today, Google got into the DNS for end users game, announcing the Google Public DNS.  I’ve switched the router to use Google’s public DNS servers rather than OpenDNS, just to see what’s what. So far, I don’t see any difference in speed.  Google promises a very high performance system, security, and privacy.  OpenDNS has responded to Google’s announcement. Their best arguments for their service over Google’s include the ability to configure how the DNS responds to your queries and, well, let me quote them:  "it’s not clear that Internet users really want Google to keep control over so much more of their Internet experience than they do already — from Chrome OS at the bottom of the stack to Google Search at the top, it is becoming an end-to-end infrastructure all run by Google, the largest advertising company in the world."   As someone whose personal IT infrastructure is heavily vested in Google, I always wonder how far "Do no evil" goes and who gets to define "evil".


TechCrunch has an interesting piece about this, as well.

Smartphone wars: Android, Apple, and Microsoft

In an article in the Washington Post, MG Siegler explains what’s really going on in the battle for smartphone OS dominance.


…Google knows that the Droid isn’t an iPhone killer. Instead, it’s likely the best device they have so far to kill their real competitors: Symbian and especially Windows Mobile. Repeat after me: Android is trying to kill Windows Mobile, not the iPhone.


It’s a good read. Eric Schmidt has been targeting Microsoft for a long, long time.

Rogue security, Search Engine Optimization, and some darn clever folks

1 Comment

A couple of weeks ago, Sarah Silverman was on Bill Maher’s Friday night show on HBO, where she showed her latest video. The next morning, I hopped on to Google to find it and forward it to some friends who had probably missed the show. The first 10 links on Google were sites that informed me my computer was infected by a virus, then downloaded a setup.exe file to the system to “clean” the viral infection.

Running a Linux system, I wasn’t afraid to download the files. I then submitted several to VirusTotal, a site that runs them through multiple anti-virus scanners. Only of of the samples was tagged as being “potentially” bad that Saturday morning.

Symantec has released a white paper about sites that install rogue security software, the characteristics of such software, and the methods of description. The report is well worth reading. It’s not the software I find interesting but what must be the highly automated systems that were able to mutate a trojan-dropper program to make it undetectable, determine hot search terms, and get pages up across the internet in a way that they turned up at the very top of the Google search results. Anyone with a web site struggles with Search Engine Optimization (SEO), the art and science of getting your web site noticed by search engines and returned near the top of any search that is relevant to your content. The evil doers who distribute the malware have this absolutely nailed.

The first step, I suppose, is to monitor topics of increasing interest using sites like Google Trends, Bing xRank, and TweetStats. As topics rise in trends, the next step is to enlist a web of web sites (see the Symantec white paper for more about these) and publish pages with matching terms on the page and in the keyword META construct, and then use the search engine submission APIs to push these pages into the search engines. I suspect that the sites involved appear to be blogs, because those are more frequently spidered and pushed into the result stream than sites with static content. In parallel with this, there needs to be an engine that’s mutating the malware payload of the sites to evade detection by the anti-virus systems. This requires its own ecology of mutators, base programs, and testing machines that use the anti-virus engines themselves to kill off the mutants that won’t survive in the wild. The final step is a system that tears all of this down after a day or so, as the search engines determine the sites to be malware hosts, the anti-virus systems develop antibodies for the malware, and legitimate sites begin to move up in the search engine results.

Symantec and other security providers have a number of ways for individuals, search engine providers, and system administrators to reduce the threat from such sites. Ultimately, it comes down to the message from X Files, “Trust No One”. Undermining trust and a feeling of safety is what terrorism is all about.

Why can’t the minds behind this use their powers for good instead of evil?

Virtual desktops and beyond

I’ve been following a discussion on Desktop Virtualization on LinkedIn’s CIO Forum with a mixture of confusion, deja vu, and real excitement. 

Initially, I wasn’t sure what problem was being solved.  Server virtualization is easy.  It solves several problems — too many boxes doing too little, eating too much power in too much space with operating environments tied to the hardware.

Desktop virtualization has been around for a long time, as Windows terminal services, Citrix services, and SunRay devices. The newer desktop virtualizaton technologies continue to solve the same problems in more powerful ways. The problems solved, like those of server virtualization, belong to IT management:   How do I deliver a controlled environment to the user?  How do I take the personal out of personal computer?  It’s not that I’m an evil tyrant bent on stifling the user’s creativity.  I just can’t figure out any other way of ensuring that stuff "will just work".  The end user is happier and more productive and IT really has only one "computer" to maintain, even if it’s a horribly more complex, distributed, virtualized desktop.  The central environment is safe from viruses, trojans, and nasties that might be on the personal computer, as well as conflicts from software, hardware, and missing updates.

Application virtualization is coming into its own with tools like VMWare ThinApp.  In desktop virtualization, I deliver an entire computer to you.  With application virtualization, I deliver a package to you that carries just enough of a computer to ensure that it will run.  If you want to edit a document, you don’t need all of Windows XP. You just need Word and enough of Windows for it to work.  It lives in a little bubble on whatever computing device you’re using. It’s the role of the virtualization software to translate it, whether that’s a Windows PC, a Linux PC, a Mac, an iPhone, or your TV. Like desktop virtualization, do what you want with your computer, because the application in the bubble is insulated.

Both desktop and application virtualization make the end-user’s choice of hardware and operating system irrelevant.  If there’s a client for that OS and hardware, then IT can deliver a standardized application.

And here comes Google…  Why would Google develop an operating system like Chrome?  Chrome is an operating system that’s delivered as a browser.  It seems kind of redundant to run Chrome on Windows, Mac OS/X, or Linux.  Those certainly are targets for Chrome, but Google Apps already run in Firefox, IE, and the rest on those platforms. There is another market — the instant on, I want to edit a spreadsheet and I want to do it now end user.  We’re all moving that way. If you had to wait 60-120 seconds to use your cell phone each time you "turned it on", you’d toss it away as unusable.  When we all carry something that the current netbooks want to be but aren’t, something like that little tablet computer they carried around on Star Trek TNG, we’ll expect instant on, instant connections, and a vast library of complex applications.  Phoenix has seen this coming. They’re building instant-on environments in bios.  And Google will be there with Google Apps and hundreds of cloud-based applications that either run in the cloud or on the local processor on a device that’s "just" a browser.


In Sync — email, contacts, and calendar

I’ve finally untethered my iPhone from iTunes, at least for keeping my calendar and contacts up to date.  I’m using Thunderbird to manage email, contacts, and calendar, and using Google as a back end to keep it all synchronized between the iPhone, my Linux desktop, my Windows Vista notebook, and Google Apps on the web.

This will work with any Google mail account, whether it’s or a google apps account like and will work with any phone that can synchronize directly with Microsoft Exchange.

  1. Contacts
    1. Import contacts into Thunderbird from Outlook.  The steps are here.
    2. Install the gContactSync addon for Thunderbird.
  2. Calendar.
    1. Install Lightning as an addon to Thunderbird. 
    2. Synchronize your Outlook calendar with Google using the free tool from Google.
    3. Install the Provider for Google Calendar as an addon for Thunderbird.
    4. Create a new calendar in Thunderbird following these directions.
  3. On the phone, create an Exchange account that points to your Google account and enable Calendar and Contacts.

Be sure to back up all of your address books, calendars, and phones first, just in case.