The Art of War

Sun-Tzu Wu is the reputed author of the Chinese classic Ping-fa (The Art of War), written approximately 475-221 B. C. Penned at a time when China was divided into six or seven states that often resorted to war with each other in their struggles for supremacy, it is a systematic guide to strategy and tactics for rulers and commanders. In doing business on the Internet during this time of rampant computer viruses and hacker attacks it may be wise for us to follow some of his tactical principles in order to insure the safety of ourselves and our future clients. Know your enemy and know yourself; in a hundred battles, you will never be defeated. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are sure to be defeated in every battle. In a chilling article entitled Big Brother is Watching Bob Sullivan of MSNBC recounts a tale during a recent visit to London: Only moments after stepping into the Webshack Internet cafe in London†s Soho neighborhood, â€Å"Mark† asked me what I thought of George W. Bush and Al Gore. â€Å"I wouldn†t want Bush running things,† he said. â€Å"Because he can†t run his Web site.† Then he showed me a variety of ways to hack Bush†s Web sites. That was just the beginning of a far-reaching chat during which the group nearly convinced me Big Brother is in fact here in London. â€Å"I don†t know if he can run the free world,† Mark said. â€Å"He can†t keep the Texas banking system computers secure. So-called â€Å"2600† clubs are a kind of hacker â€Å"boy scout† organization – there are local 2600 chapters all around the globe. It is in this environment, and this mindset, that London†s hackers do their work. They do not analyze computer systems and learn how to break them out of spite, or some childish need to destroy: Mark and friends see themselves as merely accumulating knowledge that could be used in self-defense if necessary. They are the citizen†s militia, the Freedom Fighters of the Information Age, trying to stay one step ahead of technology that could one day be turned against them. Jon-K Adams in his treatise entitled Hacker Ideology (aka Hacking Freedom) states that hackers have been called both techno-revolutionaries and heroes of the computer revolution. Hacking â€Å"has become a cultural icon about decentralized power.† But for all that, hackers are reluctant rebels. They prefer to fight with code than with words. And they would rather appear on the net than at a news conference. Status in the hacker world cannot be granted by the general public: it takes a hacker to know and appreciate a hacker. That's part of the hacker's revolutionary reluctance; the other part is the news media's slant toward sensationalism, such as, â€Å"A cyberspace dragnet snared fugitive hacker.† The public tends to think of hacking as synonymous with computer crime, with breaking into computers and stealing and destroying valuable data. As a result of this tabloid mentality, the hacker attempts to fade into the digital world, where he-and it is almost always he-has a place if not a! In his self-conception, the hacker is not a criminal, but rather a â€Å"person who enjoys exploring the details of programmable systems and how to stretch their capabilities.† Which means that he is not necessarily a computer geek. The hacker defines himself in terms that extend beyond the computer, as an â€Å"expert or enthusiast of any kind. One might be an astronomy hacker† (Jargon File). So in the broadest sense of his self-conception, the hacker hacks knowledge; he wants to know how things work, and the computer-the prototypical programmable system-simply offers more complexity and possibility, and thus more fascination, than most other things. >From this perspective, hacking appears to be a harmless if nerdish enthusiasm. But at the same time, this seemingly innocent enthusiasm is animated by an ideology that leads to a conflict with civil authority. The hacker is motivated by the belief that the search for knowledge is an end in itself and should be unrestricted. But invariably, when a hacker explores programmable systems, he encounters barriers that bureaucracies impose in the name of security. For the hacker, these security measures become arbitrary limits placed on his exploration, or in cases that often lead to confrontation, they become the focus of further explorations: for the hacker, security measures simply represent a more challenging programmable system. As a result, when a hacker explores such systems, he hacks knowledge, but ideologically he hacks the freedom to access knowledge. Political hackers are another group considering themselves modern freedom fighters. â€Å"Hacktivists† have officially moved from nerdish extremists to become the political protest visionaries of the digital age, a meeting at the Institute of Contemporary Arts in London was told on Thursday. Paul Mobbs, an experienced Internet activist and anti-capitalist protestor, will tell attendees that the techniques used by politically minded computer hackers — from jamming corporate networks and sending email viruses to defacing Web sites — has moved into the realm of political campaigning. Mobbs says that the term â€Å"Hacktivism† has been adopted by so many different groups, from peaceful Net campaigners to Internet hate groups, that it is essentially meaningless, but claims that Internet protest is here to stay. â€Å"It has a place, whether people like it or not,† says Mobbs. Steve Mizrach in his 1997 dissertation entitled Is there a Hacker Ethic for 90s Hackers? delves into this subject in great detail. He describes the divergent groups of hackers and explains their modus operandi: I define the computer underground as members of the following six groups. Sometimes I refer to the CU as â€Å"90s hackers† or â€Å"new hackers,† as opposed to old hackers, who are hackers (old sense of the term) from the 60s who subscribed to the original Hacker Ethic.  § Hackers (Crackers, system intruders) – These are people who attempt to penetrate security systems on remote computers. This is the new sense of the term, whereas the old sense of the term simply referred to a person who was capable of creating hacks, or elegant, unusual, and unexpected uses of technology. Typical magazines (both print and online) read by hackers include 2600 and Iron Feather Journal.  § Phreaks (Phone Phreakers, Blue Boxers) – These are people who attempt to use technology to explore and/or control the telephone system. Originally, this involved the use of â€Å"blue boxes† or tone generators, but as the phone company began using digital instead of electro-mechanical switches, the phreaks became more like hackers. Typical magazines read by Phreaks include Phrack, Line Noize, and New Fone Express.  § Virus writers (also, creators of Trojans, worms, logic bombs) – These are people who write code which attempts to a) reproduce itself on other systems without authorization and b) often has a side effect, whether that be to display a message, play a prank, or trash a hard drive. Agents and spiders are essentially ‘benevolent' virii, raising the question of how underground this activity really is. Typical magazines read by Virus writers include 40HEX.  § Pirates – Piracy is sort of a non-technical matter. Originally, it involved breaking copy protection on software, and this activity was called â€Å"cracking.† Nowadays, few software vendors use copy protection, but there are still various minor measures used to prevent the unauthorized duplication of software. Pirates devote themselves to thwarting these things and sharing commercial software freely with their friends. They usually read Pirate Newsletter and Pirate magazine.  § Cypherpunks (cryptoanarchists) – Cypherpunks freely distribute the tools and methods for making use of strong encryption, which is basically unbreakable except by massive supercomputers. Because the NSA and FBI cannot break strong encryption (which is the basis of the PGP or Pretty Good Privacy), programs that employ it are classified as munitions, and distribution of algorithms that make use of it is a felony. Some cryptoanarchists advocate strong encryption as a tool to completely evade the State, by preventing any access whatsoever to financial or personal information. They typically read the Cypherpunks mailing list.  § Anarchists – are committed to distributing illegal (or at least morally suspect) information, including but not limited to data on bombmaking, lockpicking, pornography, drug manufacturing, pirate radio, and cable and satellite TV piracy. In this parlance of the computer underground, anarchists are less likely to advocate the overthrow of government than the simple refusal to obey restrictions on distributing information. They tend to read Cult of the Dead Cow (CDC) and Activist Times Incorporated (ATI).  § Cyberpunk – usually some combination of the above, plus interest in technological self-modification, science fiction of the Neuromancer genre, and interest in hardware hacking and â€Å"street tech.† A youth subculture in its own right, with some overlaps with the â€Å"modern primitive† and â€Å"raver† subcultures. So should we fear these geeky little mischief-makers? The New York Post revealed recently that a busboy allegedly managed to steal millions of dollars from the world†s richest people by stealing their identities and tricking credit agencies and brokerage firms. In his article describing this event Bob Sullivan says, â€Å"Abraham Abdallah, I think, did us all a favor, for he has exposed as a sham the security at the world†s most important financial institutions.† The same two free e-mail addresses were used to request financial transfers for six different wealthy Merrill Lynch clients, according to the Post story. Merrill Lynch didn†t notice? Why would Merrill accept any transfer requests, indeed take any financial communication seriously at all, from a free, obviously unverified anonymous e-mail account? I†m alarmed by the checks and balances that must be in place at big New York brokerage firms. Rather than being a story about a genius who almost got away, this is simply one more story of easy identity theft amid a tidal wave of similar crimes. The Federal Trade Commission has received 40,000 complaints of identity theft since it started keeping track two years ago, but the agency is certain that represents only a fraction of real victims. This is a serious problem, long ignored by the industry. If fact, just last year the credit industry beat back a congressional bill known as The Identity Theft Protection Act, claiming it would be too expensive for them. â€Å"Clearly there has to be more leveling of the playing field. We have to hold banks and credit unions accountable.† Last month the U.S. Federal Bureau of Investigation (FBI) was again warning electronic-commerce Web sites to patch their Windows-based systems to protect their data against hackers. The FBI's National Infrastructure Protection Center (NIPC) has coordinated investigations over the past several months into organized hacker activities targeting e-commerce sites. More than 40 victims in 20 states have been identified in the ongoing investigations, which have included law enforcement agencies outside the United States and private sector officials. The investigations have uncovered several organized hacker groups from Russia, the Ukraine, and elsewhere in Eastern Europe that have penetrated U.S. e-commerce and online banking computer systems by exploiting vulnerabilities in the Windows NT operating system, the statement said. Microsoft has released patches for these vulnerabilities, which can be downloaded from Microsoft's Web site for free. Once the hackers gain access, they download proprietary information, customer databases, and credit card information, according to the FBI. The hackers subsequently contact the company and attempt to extort money by offering to patch the system and by offering to protect the company's systems from exploitation by other hackers. The hackers tell the victim that without their services they cannot guarantee that other hackers will not access their networks and post stolen credit card information and details about the site's security vulnerability on the Internet. If the company does not pay or hire the group for its security services, the threats escalate, the FBI said. Investigators also believe that in some instances the credit card information is being sold to organized crime groups. Defend yourself when you cannot defeat the enemy, and attack the enemy when you can. Scott Culp in a detailed list of security precautions on Microsoft†s Web page suggests that there are ten immutable laws of security. Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore. It's an unfortunate fact of computer science: when a computer program runs, it will do what it's programmed to do, even if it's programmed to be harmful. When you choose to run a program, you are making a decision to turn over control of your computer to it. That's why it's important to never run, or even download, a program from an untrusted source – and by â€Å"source†, I mean the person who wrote it, not the person who gave it to you. Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore. In the end, an operating system is just a series of ones and zeroes that, when interpreted by the processor, cause the machine to do certain things. Change the ones and zeroes, and it will do something different. To understand why, consider that operating system files are among the most trusted ones on the computer, and they generally run with system-level privileges. That is, they can do absolutely anything. Among other things, they're trusted to manage user accounts, handle password changes, and enforce the rules governing who can do what on the computer. If a bad guy can change them, the now-untrustworthy files will do his bidding, and there's no limit to what he can do. He can steal passwords, make himself an administrator on the machine, or add entirely new functions to the operating system. To prevent this type of attack, make sure that the system files (and the registry! , for that matter) are well protected. Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore. He could mount the ultimate low-tech denial of service attack, and smash your computer with a sledgehammer.  § He could unplug the computer, haul it out of your building, and hold it for ransom.  § He could boot the computer from a floppy disk, and reformat your hard drive. But wait, you say, I've configured the BIOS on my computer to prompt for a password when I turn the power on. No problem – if he can open the case and get his hands on the system hardware, he could just replace the BIOS chips. (Actually, there are even easier ways).  § He could remove the hard drive from your computer, install it into his computer, and read it.  § He could make a duplicate of your hard drive and take it back his lair. Once there, he'd have all the time in the world to conduct brute-force attacks, such as trying every possible logon password. Programs are available to automate this and, given enough time, it's almost certain that he would succeed. Once that happens, Laws #1 and #2 above apply  § He could replace your keyboard with one that contains a radio transmitter. He could then monitor everything you type, including your password. Always make sure that a computer is physically protected in a way that's consistent with its value – and remember that the value of a machine includes not only the value of the hardware itself, but the value of the data on it, and the value of the access to your network that a bad guy could gain. At a minimum, business-critical machines like domain controllers, database servers, and print/file servers should always be in a locked room that only people charged with administration and maintenance can access. But you may want to consider protecting other machines as well, and potentially using additional protective measures. If you travel with a laptop, it's absolutely critical that you protect it. The same features that make laptops great to travel with – small size, light weight, and so forth – also make them easy to steal. There are a variety of locks and alarms available for laptops, and some models let you remove the hard drive and carry it with you. You also can use features like the Encrypting File System in Windows 2000 to mitigate the damage if someone succeeded in stealing the computer. But the only way you can know with 100% certainty that your data is safe and the hardware hasn't been tampered with is to keep the laptop on your person at all times while traveling. Law #4: If you allow a bad guy to upload programs to your web site, it's not your web site any more. This is basically Law #1 in reverse. In that scenario, the bad guy tricks his victim into downloading a harmful program onto his machine and running it. In this one, the bad guy uploads a harmful program to a machine and runs it himself. Although this scenario is a danger anytime you allow strangers to connect to your machine, web sites are involved in the overwhelming majority of these cases. Many people who operate web sites are too hospitable for their own good, and allow visitors to upload programs to the site and run them. As we've seen above, unpleasant things can happen if a bad guy's program can run on your machine. If you run a web site, you need to limit what visitors can do. You should only allow a program on your site if you wrote it yourself, or if you trust the developer who wrote it. But that may not be enough. If your web site is one of several hosted on a shared server, you need to be extra careful. If a bad guy can compromise one of the other sites on the server, it's possible he could extend his control to the server itself, in which case he could control all of the sites on it – including yours. If you're on a shared server, it's important to find out what the server administrator's policies are. Law #5: Weak passwords trump strong security. The purpose of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources appropriately. If a bad guy learns your password, he can log on as you. In fact, as far as the operating system is concerned, he is you. Whatever you can do on the system, he can do as well, because he's you. Maybe he wants to read sensitive information you've stored on your computer, like your email. Maybe you have more privileges on the network than he does, and being you will let him do things he normally couldn't. Or maybe he just wants to do something malicious and blame it on you. In any case, it's worth protecting your credentials. Always use a password – it's amazing how many accounts have blank passwords. And choose a complex one. Don't use your dog's name, your anniversary date, or the name of the local football team. And don't use the word â€Å"password†! Pick a password that has a mix of upper- and lower-case letters, number, punctuation marks, and so forth. Make it as long as possible. And change it often. Once you've picked a strong password, handle it appropriately. Don't write it down. If you absolutely must write it down, at the very least keep it in a safe or a locked drawer – the first thing a bad guy who's hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer. Don't tell anyone what your password is. Remember what Ben Franklin said: two people can keep a secret, but only if one of them is dead. Finally, consider using something stronger than passwords to identify yourself to the system. Windows 2000, for instance, supports the use of smart cards, which significantly strengthens the identity checking the system can perform. You may also want to consider biometric products like fingerprint and retina scanners. Law #6: A machine is only as secure as the administrator is trustworthy. Every computer must have an administrator: someone who can install software, configure the operating system, add and manage user accounts, establish security policies, and handle all the other management tasks associated with keeping a computer up and running. By definition, these tasks require that he have control over the machine. This puts the administrator in a position of unequalled power. An untrustworthy administrator can negate every other security measure you've taken. He can change the permissions on the machine, modify the system security policies, install malicious software, add bogus users, or do any of a million other things. He can subvert virtually any protective measure in the operating system, because he controls it. Worst of all, he can cover his tracks. If you have an untrustworthy administrator, you have absolutely no security. When hiring a system administrator, recognize the position of trust that administrators occupy, and only hire people who warrant that trust. Call his references, and ask them about his previous work record, especially with regard to any security incidents at previous employers. If appropriate for your organization, you may also consider taking a step that banks and other security-conscious companies do, and require that your administrators pass a complete background check at hiring time, and at periodic intervals afterward. Whatever criteria you select, apply them across the board. Don't give anyone administrative privileges on your network unless they've been vetted – and this includes temporary employees and contractors, too. Next, take steps to help keep honest people honest. Use sign-in/sign-out sheets to track who's been in the server room. (You do have a server room with a locked door, right? If not, re-read Law #3). Implement a â€Å"two person† rule when installing or upgrading software. Diversify management tasks as much as possible, as a way of minimizing how much power any one administrator has. Also, don't use the Administrator account – instead, give each administrator a separate account with administrative privileges, so you can tell who's doing what. Finally, consider taking steps to make it more difficult for a rogue administrator to cover his tracks. For instance, store audit data on write-only media, or house System A's audit data on System B, and make sure that the two systems have different administrators. The more accountable your administrators are, the less likely you are to have problems. Law #7: Encrypted data is only as secure as the decryption key. Suppose you installed the biggest, strongest, most secure lock in the world on your front door, but you put the key under the front door mat. It wouldn't really matter how strong the lock is, would it? The critical factor would be the poor way the key was protected, because if a burglar could find it, he'd have everything he needed to open the lock. Encrypted data works the same way – no matter how strong the cryptoalgorithm is, the data is only as safe as the key that can decrypt it. Many operating systems and cryptographic software products give you an option to store cryptographic keys on the computer. The advantage is convenience – you don't have to handle the key – but it comes at the cost of security. The keys are usually obfuscated (that is, hidden), and some of the obfuscation methods are quite good. But in the end, no matter how well-hidden the key is, if it's on the machine it can be found. It has to be – after all, the software can find it, so a sufficiently-motivated bad guy could find it, too. Whenever possible, use offline storage for keys. If the key is a word or phrase, memorize it. If not, export it to a floppy disk, make a backup copy, and store the copies in separate, secure locations. Law #8: An out of date virus scanner is only marginally better than no virus scanner at all. Virus scanners work by comparing the data on your computer against a collection of virus â€Å"signatures†. Each signature is characteristic of a particular virus, and when the scanner finds data in a file, email, or elsewhere that matches the signature, it concludes that it's found a virus. However, a virus scanner can only scan for the viruses it knows about. It's vital that you keep your virus scanner's signature file up to date, as new viruses are created every day. The problem actually goes a bit deeper than this, though. Typically, a new virus will do the greatest amount of damage during the early stages of its life, precisely because few people will be able to detect it. Once word gets around that a new virus is on the loose and people update their virus signatures, the spread of the virus falls off drastically. The key is to get ahead of the curve, and have updated signature files on your machine before the virus hits. Virtually every maker of anti-virus software provides a way to get free updated signature files from their web site. In fact, many have â€Å"push† services, in which they'll send notification every time a new signature file is released. Use these services. Also, keep the virus scanner itself – that is, the scanning software – updated as well. Virus writers periodically develop new techniques that require that the scanners change how they do their work. Law #9: Absolute anonymity isn't practical, in real life or on the web. All human interaction involves exchanging data of some kind. If someone weaves enough of that data together, they can identify you. Think about all the information that a person can glean in just a short conversation with you. In one glance, they can gauge your height, weight, and approximate age. Your accent will probably tell them what country you're from, and may even tell them what region of the country. If you talk about anything other than the weather, you'll probably tell them something about your family, your interests, where you live, and what you do for a living. It doesn't take long for someone to collect enough information to figure out who you are. If you crave absolute anonymity, your best bet is to live in a cave and shun all human contact. The same thing is true of the Internet. If you visit a web site, the owner can, if he's sufficiently motivated, find out who you are. After all, the ones and zeroes that make up the web session have be able to find their way to the right place, and that place is your computer. There are a lot of measures you can take to disguise the bits, and the more of them you use, the more thoroughly the bits will be disguised. For instance, you could use network address translation to mask your actual IP address, subscribe to an anonymizing service that launders the bits by relaying them from one end of the ether to the other, use a different ISP account for different purposes, surf certain sites only from public kiosks, and so on. All of these make it more difficult to determine who you are, but none of them make it impossible. Do you know for certain who operates the anonymizing service? Maybe it's the same person who owns the web site you just visited! Or what about that innocuous web ! site you visited yesterday, that offered to mail you a free $10 off coupon? Maybe the owner is willing to share information with other web site owners. If so, the second web site owner may be able to correlate the information from the two sites and determine who you are. Does this mean that privacy on the web is a lost cause? Not at all. What it means is that the best way to protect your privacy on the Internet is the same as the way you protect your privacy in normal life – through your behavior. Read the privacy statements on the web sites you visit, and only do business with ones whose practices you agree with. If you're worried about cookies, disable them. Most importantly, avoid indiscriminate web surfing – recognize that just as most cities have a bad side of town that's best avoided, the Internet does too. But if it's complete and total anonymity you want, better start looking for that cave. The Art of War Sun-Tzu Wu is the reputed author of the Chinese classic Ping-fa (The Art of War), written approximately 475-221 B. C. Penned at a time when China was divided into six or seven states that often resorted to war with each other in their struggles for supremacy, it is a systematic guide to strategy and tactics for rulers and commanders. In doing business on the Internet during this time of rampant computer viruses and hacker attacks it may be wise for us to follow some of his tactical principles in order to insure the safety of ourselves and our future clients. Know your enemy and know yourself; in a hundred battles, you will never be defeated. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are sure to be defeated in every battle. In a chilling article entitled Big Brother is Watching Bob Sullivan of MSNBC recounts a tale during a recent visit to London: Only moments after stepping into the Webshack Internet cafe in London†s Soho neighborhood, â€Å"Mark† asked me what I thought of George W. Bush and Al Gore. â€Å"I wouldn†t want Bush running things,† he said. â€Å"Because he can†t run his Web site.† Then he showed me a variety of ways to hack Bush†s Web sites. That was just the beginning of a far-reaching chat during which the group nearly convinced me Big Brother is in fact here in London. â€Å"I don†t know if he can run the free world,† Mark said. â€Å"He can†t keep the Texas banking system computers secure. So-called â€Å"2600† clubs are a kind of hacker â€Å"boy scout† organization – there are local 2600 chapters all around the globe. It is in this environment, and this mindset, that London†s hackers do their work. They do not analyze computer systems and learn how to break them out of spite, or some childish need to destroy: Mark and friends see themselves as merely accumulating knowledge that could be used in self-defense if necessary. They are the citizen†s militia, the Freedom Fighters of the Information Age, trying to stay one step ahead of technology that could one day be turned against them. Jon-K Adams in his treatise entitled Hacker Ideology (aka Hacking Freedom) states that hackers have been called both techno-revolutionaries and heroes of the computer revolution. Hacking â€Å"has become a cultural icon about decentralized power.† But for all that, hackers are reluctant rebels. They prefer to fight with code than with words. And they would rather appear on the net than at a news conference. Status in the hacker world cannot be granted by the general public: it takes a hacker to know and appreciate a hacker. That's part of the hacker's revolutionary reluctance; the other part is the news media's slant toward sensationalism, such as, â€Å"A cyberspace dragnet snared fugitive hacker.† The public tends to think of hacking as synonymous with computer crime, with breaking into computers and stealing and destroying valuable data. As a result of this tabloid mentality, the hacker attempts to fade into the digital world, where he-and it is almost always he-has a place if not a! In his self-conception, the hacker is not a criminal, but rather a â€Å"person who enjoys exploring the details of programmable systems and how to stretch their capabilities.† Which means that he is not necessarily a computer geek. The hacker defines himself in terms that extend beyond the computer, as an â€Å"expert or enthusiast of any kind. One might be an astronomy hacker† (Jargon File). So in the broadest sense of his self-conception, the hacker hacks knowledge; he wants to know how things work, and the computer-the prototypical programmable system-simply offers more complexity and possibility, and thus more fascination, than most other things. >From this perspective, hacking appears to be a harmless if nerdish enthusiasm. But at the same time, this seemingly innocent enthusiasm is animated by an ideology that leads to a conflict with civil authority. The hacker is motivated by the belief that the search for knowledge is an end in itself and should be unrestricted. But invariably, when a hacker explores programmable systems, he encounters barriers that bureaucracies impose in the name of security. For the hacker, these security measures become arbitrary limits placed on his exploration, or in cases that often lead to confrontation, they become the focus of further explorations: for the hacker, security measures simply represent a more challenging programmable system. As a result, when a hacker explores such systems, he hacks knowledge, but ideologically he hacks the freedom to access knowledge. Political hackers are another group considering themselves modern freedom fighters. â€Å"Hacktivists† have officially moved from nerdish extremists to become the political protest visionaries of the digital age, a meeting at the Institute of Contemporary Arts in London was told on Thursday. Paul Mobbs, an experienced Internet activist and anti-capitalist protestor, will tell attendees that the techniques used by politically minded computer hackers — from jamming corporate networks and sending email viruses to defacing Web sites — has moved into the realm of political campaigning. Mobbs says that the term â€Å"Hacktivism† has been adopted by so many different groups, from peaceful Net campaigners to Internet hate groups, that it is essentially meaningless, but claims that Internet protest is here to stay. â€Å"It has a place, whether people like it or not,† says Mobbs. Steve Mizrach in his 1997 dissertation entitled Is there a Hacker Ethic for 90s Hackers? delves into this subject in great detail. He describes the divergent groups of hackers and explains their modus operandi: I define the computer underground as members of the following six groups. Sometimes I refer to the CU as â€Å"90s hackers† or â€Å"new hackers,† as opposed to old hackers, who are hackers (old sense of the term) from the 60s who subscribed to the original Hacker Ethic.  § Hackers (Crackers, system intruders) – These are people who attempt to penetrate security systems on remote computers. This is the new sense of the term, whereas the old sense of the term simply referred to a person who was capable of creating hacks, or elegant, unusual, and unexpected uses of technology. Typical magazines (both print and online) read by hackers include 2600 and Iron Feather Journal.  § Phreaks (Phone Phreakers, Blue Boxers) – These are people who attempt to use technology to explore and/or control the telephone system. Originally, this involved the use of â€Å"blue boxes† or tone generators, but as the phone company began using digital instead of electro-mechanical switches, the phreaks became more like hackers. Typical magazines read by Phreaks include Phrack, Line Noize, and New Fone Express.  § Virus writers (also, creators of Trojans, worms, logic bombs) – These are people who write code which attempts to a) reproduce itself on other systems without authorization and b) often has a side effect, whether that be to display a message, play a prank, or trash a hard drive. Agents and spiders are essentially ‘benevolent' virii, raising the question of how underground this activity really is. Typical magazines read by Virus writers include 40HEX.  § Pirates – Piracy is sort of a non-technical matter. Originally, it involved breaking copy protection on software, and this activity was called â€Å"cracking.† Nowadays, few software vendors use copy protection, but there are still various minor measures used to prevent the unauthorized duplication of software. Pirates devote themselves to thwarting these things and sharing commercial software freely with their friends. They usually read Pirate Newsletter and Pirate magazine.  § Cypherpunks (cryptoanarchists) – Cypherpunks freely distribute the tools and methods for making use of strong encryption, which is basically unbreakable except by massive supercomputers. Because the NSA and FBI cannot break strong encryption (which is the basis of the PGP or Pretty Good Privacy), programs that employ it are classified as munitions, and distribution of algorithms that make use of it is a felony. Some cryptoanarchists advocate strong encryption as a tool to completely evade the State, by preventing any access whatsoever to financial or personal information. They typically read the Cypherpunks mailing list.  § Anarchists – are committed to distributing illegal (or at least morally suspect) information, including but not limited to data on bombmaking, lockpicking, pornography, drug manufacturing, pirate radio, and cable and satellite TV piracy. In this parlance of the computer underground, anarchists are less likely to advocate the overthrow of government than the simple refusal to obey restrictions on distributing information. They tend to read Cult of the Dead Cow (CDC) and Activist Times Incorporated (ATI).  § Cyberpunk – usually some combination of the above, plus interest in technological self-modification, science fiction of the Neuromancer genre, and interest in hardware hacking and â€Å"street tech.† A youth subculture in its own right, with some overlaps with the â€Å"modern primitive† and â€Å"raver† subcultures. So should we fear these geeky little mischief-makers? The New York Post revealed recently that a busboy allegedly managed to steal millions of dollars from the world†s richest people by stealing their identities and tricking credit agencies and brokerage firms. In his article describing this event Bob Sullivan says, â€Å"Abraham Abdallah, I think, did us all a favor, for he has exposed as a sham the security at the world†s most important financial institutions.† The same two free e-mail addresses were used to request financial transfers for six different wealthy Merrill Lynch clients, according to the Post story. Merrill Lynch didn†t notice? Why would Merrill accept any transfer requests, indeed take any financial communication seriously at all, from a free, obviously unverified anonymous e-mail account? I†m alarmed by the checks and balances that must be in place at big New York brokerage firms. Rather than being a story about a genius who almost got away, this is simply one more story of easy identity theft amid a tidal wave of similar crimes. The Federal Trade Commission has received 40,000 complaints of identity theft since it started keeping track two years ago, but the agency is certain that represents only a fraction of real victims. This is a serious problem, long ignored by the industry. If fact, just last year the credit industry beat back a congressional bill known as The Identity Theft Protection Act, claiming it would be too expensive for them. â€Å"Clearly there has to be more leveling of the playing field. We have to hold banks and credit unions accountable.† Last month the U.S. Federal Bureau of Investigation (FBI) was again warning electronic-commerce Web sites to patch their Windows-based systems to protect their data against hackers. The FBI's National Infrastructure Protection Center (NIPC) has coordinated investigations over the past several months into organized hacker activities targeting e-commerce sites. More than 40 victims in 20 states have been identified in the ongoing investigations, which have included law enforcement agencies outside the United States and private sector officials. The investigations have uncovered several organized hacker groups from Russia, the Ukraine, and elsewhere in Eastern Europe that have penetrated U.S. e-commerce and online banking computer systems by exploiting vulnerabilities in the Windows NT operating system, the statement said. Microsoft has released patches for these vulnerabilities, which can be downloaded from Microsoft's Web site for free. Once the hackers gain access, they download proprietary information, customer databases, and credit card information, according to the FBI. The hackers subsequently contact the company and attempt to extort money by offering to patch the system and by offering to protect the company's systems from exploitation by other hackers. The hackers tell the victim that without their services they cannot guarantee that other hackers will not access their networks and post stolen credit card information and details about the site's security vulnerability on the Internet. If the company does not pay or hire the group for its security services, the threats escalate, the FBI said. Investigators also believe that in some instances the credit card information is being sold to organized crime groups. Defend yourself when you cannot defeat the enemy, and attack the enemy when you can. Scott Culp in a detailed list of security precautions on Microsoft†s Web page suggests that there are ten immutable laws of security. Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore. It's an unfortunate fact of computer science: when a computer program runs, it will do what it's programmed to do, even if it's programmed to be harmful. When you choose to run a program, you are making a decision to turn over control of your computer to it. That's why it's important to never run, or even download, a program from an untrusted source – and by â€Å"source†, I mean the person who wrote it, not the person who gave it to you. Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore. In the end, an operating system is just a series of ones and zeroes that, when interpreted by the processor, cause the machine to do certain things. Change the ones and zeroes, and it will do something different. To understand why, consider that operating system files are among the most trusted ones on the computer, and they generally run with system-level privileges. That is, they can do absolutely anything. Among other things, they're trusted to manage user accounts, handle password changes, and enforce the rules governing who can do what on the computer. If a bad guy can change them, the now-untrustworthy files will do his bidding, and there's no limit to what he can do. He can steal passwords, make himself an administrator on the machine, or add entirely new functions to the operating system. To prevent this type of attack, make sure that the system files (and the registry! , for that matter) are well protected. Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore. He could mount the ultimate low-tech denial of service attack, and smash your computer with a sledgehammer.  § He could unplug the computer, haul it out of your building, and hold it for ransom.  § He could boot the computer from a floppy disk, and reformat your hard drive. But wait, you say, I've configured the BIOS on my computer to prompt for a password when I turn the power on. No problem – if he can open the case and get his hands on the system hardware, he could just replace the BIOS chips. (Actually, there are even easier ways).  § He could remove the hard drive from your computer, install it into his computer, and read it.  § He could make a duplicate of your hard drive and take it back his lair. Once there, he'd have all the time in the world to conduct brute-force attacks, such as trying every possible logon password. Programs are available to automate this and, given enough time, it's almost certain that he would succeed. Once that happens, Laws #1 and #2 above apply  § He could replace your keyboard with one that contains a radio transmitter. He could then monitor everything you type, including your password. Always make sure that a computer is physically protected in a way that's consistent with its value – and remember that the value of a machine includes not only the value of the hardware itself, but the value of the data on it, and the value of the access to your network that a bad guy could gain. At a minimum, business-critical machines like domain controllers, database servers, and print/file servers should always be in a locked room that only people charged with administration and maintenance can access. But you may want to consider protecting other machines as well, and potentially using additional protective measures. If you travel with a laptop, it's absolutely critical that you protect it. The same features that make laptops great to travel with – small size, light weight, and so forth – also make them easy to steal. There are a variety of locks and alarms available for laptops, and some models let you remove the hard drive and carry it with you. You also can use features like the Encrypting File System in Windows 2000 to mitigate the damage if someone succeeded in stealing the computer. But the only way you can know with 100% certainty that your data is safe and the hardware hasn't been tampered with is to keep the laptop on your person at all times while traveling. Law #4: If you allow a bad guy to upload programs to your web site, it's not your web site any more. This is basically Law #1 in reverse. In that scenario, the bad guy tricks his victim into downloading a harmful program onto his machine and running it. In this one, the bad guy uploads a harmful program to a machine and runs it himself. Although this scenario is a danger anytime you allow strangers to connect to your machine, web sites are involved in the overwhelming majority of these cases. Many people who operate web sites are too hospitable for their own good, and allow visitors to upload programs to the site and run them. As we've seen above, unpleasant things can happen if a bad guy's program can run on your machine. If you run a web site, you need to limit what visitors can do. You should only allow a program on your site if you wrote it yourself, or if you trust the developer who wrote it. But that may not be enough. If your web site is one of several hosted on a shared server, you need to be extra careful. If a bad guy can compromise one of the other sites on the server, it's possible he could extend his control to the server itself, in which case he could control all of the sites on it – including yours. If you're on a shared server, it's important to find out what the server administrator's policies are. Law #5: Weak passwords trump strong security. The purpose of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources appropriately. If a bad guy learns your password, he can log on as you. In fact, as far as the operating system is concerned, he is you. Whatever you can do on the system, he can do as well, because he's you. Maybe he wants to read sensitive information you've stored on your computer, like your email. Maybe you have more privileges on the network than he does, and being you will let him do things he normally couldn't. Or maybe he just wants to do something malicious and blame it on you. In any case, it's worth protecting your credentials. Always use a password – it's amazing how many accounts have blank passwords. And choose a complex one. Don't use your dog's name, your anniversary date, or the name of the local football team. And don't use the word â€Å"password†! Pick a password that has a mix of upper- and lower-case letters, number, punctuation marks, and so forth. Make it as long as possible. And change it often. Once you've picked a strong password, handle it appropriately. Don't write it down. If you absolutely must write it down, at the very least keep it in a safe or a locked drawer – the first thing a bad guy who's hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer. Don't tell anyone what your password is. Remember what Ben Franklin said: two people can keep a secret, but only if one of them is dead. Finally, consider using something stronger than passwords to identify yourself to the system. Windows 2000, for instance, supports the use of smart cards, which significantly strengthens the identity checking the system can perform. You may also want to consider biometric products like fingerprint and retina scanners. Law #6: A machine is only as secure as the administrator is trustworthy. Every computer must have an administrator: someone who can install software, configure the operating system, add and manage user accounts, establish security policies, and handle all the other management tasks associated with keeping a computer up and running. By definition, these tasks require that he have control over the machine. This puts the administrator in a position of unequalled power. An untrustworthy administrator can negate every other security measure you've taken. He can change the permissions on the machine, modify the system security policies, install malicious software, add bogus users, or do any of a million other things. He can subvert virtually any protective measure in the operating system, because he controls it. Worst of all, he can cover his tracks. If you have an untrustworthy administrator, you have absolutely no security. When hiring a system administrator, recognize the position of trust that administrators occupy, and only hire people who warrant that trust. Call his references, and ask them about his previous work record, especially with regard to any security incidents at previous employers. If appropriate for your organization, you may also consider taking a step that banks and other security-conscious companies do, and require that your administrators pass a complete background check at hiring time, and at periodic intervals afterward. Whatever criteria you select, apply them across the board. Don't give anyone administrative privileges on your network unless they've been vetted – and this includes temporary employees and contractors, too. Next, take steps to help keep honest people honest. Use sign-in/sign-out sheets to track who's been in the server room. (You do have a server room with a locked door, right? If not, re-read Law #3). Implement a â€Å"two person† rule when installing or upgrading software. Diversify management tasks as much as possible, as a way of minimizing how much power any one administrator has. Also, don't use the Administrator account – instead, give each administrator a separate account with administrative privileges, so you can tell who's doing what. Finally, consider taking steps to make it more difficult for a rogue administrator to cover his tracks. For instance, store audit data on write-only media, or house System A's audit data on System B, and make sure that the two systems have different administrators. The more accountable your administrators are, the less likely you are to have problems. Law #7: Encrypted data is only as secure as the decryption key. Suppose you installed the biggest, strongest, most secure lock in the world on your front door, but you put the key under the front door mat. It wouldn't really matter how strong the lock is, would it? The critical factor would be the poor way the key was protected, because if a burglar could find it, he'd have everything he needed to open the lock. Encrypted data works the same way – no matter how strong the cryptoalgorithm is, the data is only as safe as the key that can decrypt it. Many operating systems and cryptographic software products give you an option to store cryptographic keys on the computer. The advantage is convenience – you don't have to handle the key – but it comes at the cost of security. The keys are usually obfuscated (that is, hidden), and some of the obfuscation methods are quite good. But in the end, no matter how well-hidden the key is, if it's on the machine it can be found. It has to be – after all, the software can find it, so a sufficiently-motivated bad guy could find it, too. Whenever possible, use offline storage for keys. If the key is a word or phrase, memorize it. If not, export it to a floppy disk, make a backup copy, and store the copies in separate, secure locations. Law #8: An out of date virus scanner is only marginally better than no virus scanner at all. Virus scanners work by comparing the data on your computer against a collection of virus â€Å"signatures†. Each signature is characteristic of a particular virus, and when the scanner finds data in a file, email, or elsewhere that matches the signature, it concludes that it's found a virus. However, a virus scanner can only scan for the viruses it knows about. It's vital that you keep your virus scanner's signature file up to date, as new viruses are created every day. The problem actually goes a bit deeper than this, though. Typically, a new virus will do the greatest amount of damage during the early stages of its life, precisely because few people will be able to detect it. Once word gets around that a new virus is on the loose and people update their virus signatures, the spread of the virus falls off drastically. The key is to get ahead of the curve, and have updated signature files on your machine before the virus hits. Virtually every maker of anti-virus software provides a way to get free updated signature files from their web site. In fact, many have â€Å"push† services, in which they'll send notification every time a new signature file is released. Use these services. Also, keep the virus scanner itself – that is, the scanning software – updated as well. Virus writers periodically develop new techniques that require that the scanners change how they do their work. Law #9: Absolute anonymity isn't practical, in real life or on the web. All human interaction involves exchanging data of some kind. If someone weaves enough of that data together, they can identify you. Think about all the information that a person can glean in just a short conversation with you. In one glance, they can gauge your height, weight, and approximate age. Your accent will probably tell them what country you're from, and may even tell them what region of the country. If you talk about anything other than the weather, you'll probably tell them something about your family, your interests, where you live, and what you do for a living. It doesn't take long for someone to collect enough information to figure out who you are. If you crave absolute anonymity, your best bet is to live in a cave and shun all human contact. The same thing is true of the Internet. If you visit a web site, the owner can, if he's sufficiently motivated, find out who you are. After all, the ones and zeroes that make up the web session have be able to find their way to the right place, and that place is your computer. There are a lot of measures you can take to disguise the bits, and the more of them you use, the more thoroughly the bits will be disguised. For instance, you could use network address translation to mask your actual IP address, subscribe to an anonymizing service that launders the bits by relaying them from one end of the ether to the other, use a different ISP account for different purposes, surf certain sites only from public kiosks, and so on. All of these make it more difficult to determine who you are, but none of them make it impossible. Do you know for certain who operates the anonymizing service? Maybe it's the same person who owns the web site you just visited! Or what about that innocuous web ! site you visited yesterday, that offered to mail you a free $10 off coupon? Maybe the owner is willing to share information with other web site owners. If so, the second web site owner may be able to correlate the information from the two sites and determine who you are. Does this mean that privacy on the web is a lost cause? Not at all. What it means is that the best way to protect your privacy on the Internet is the same as the way you protect your privacy in normal life – through your behavior. Read the privacy statements on the web sites you visit, and only do business with ones whose practices you agree with. If you're worried about cookies, disable them. Most importantly, avoid indiscriminate web surfing – recognize that just as most cities have a bad side of town that's best avoided, the Internet does too. But if it's complete and total anonymity you want, better start looking for that cave.

Assignment Instructions Complete A Chart Showing Essay

Complete a chart showing how the First Amendment impacted a landmark Supreme Court Case. You will explain what the case was about and identify two current cases relating to this amendment. Amendment I – Freedoms, Petitions, Assembly Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press, or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances. Which landmark case will you use to as your primary example? Visit the Bill of Rights Institute Landmark Supreme Court Cases or do quick webs search to find a case. Note: use search terms like â€Å"landmark cases amendment 1† Brown v. Board of Education What is the landmark case about & how was this amendment upheld? Please respond in three to four complete   This was a landmark United States Supreme Court case in which the Court declared state laws establishing separate public schools for black and white students unconstitutional. The decision overturned the Plessy v. Ferguson decision of 1896, which allowed state-sponsored segregation, to the extent of how it applied to public education. Handed down on May 17, 1954, the Warren Court’s unanimous decision declared that â€Å"separate educational facilities are inherently unequal.† As a result by right, racial segregation was ruled a violation of the Equal Protection Clause to the Fourteenth Amendment of the United States Constitution. This ruling forced the people of the United States to abolish segregation and integrate with each other no matter what race you are. This ended up being a major victory of the civil rights movement. List two current court cases relating to this amendment. Do a quick web search for current court cases. Note: These cases must be from the last five years. 1. state of Florida versus George Zimmerman (2012) George Zimmerman was tried for the murder   Black teenager Trayvon Martin out of self defense. The Court Ruled George Zimmerman not guilty because he had pictures of a broken nose and a few other items that acquitted him of his charges. The reason I chose this case to relate to the Fourteenth Amendment is because people thought he killed Trayvon because Trayvon was black. This would be bringing us back to segregation. 2. Christian Legal Society v. Martinez (2010) The court ruled that a student organization at a public university was not free to limit their members to those who shared their belief system if that resulted in discrimination on the basis of sexual orientation.

Organization Innovation and change Essay Example | Topics and Well Written Essays - 3000 words

Organization Innovation and change - Essay Example The next move in the realization of British airways came in 1974 when all these airlines merged to form the now famous British Airways (British Airways 7). In 1981,the airline was privatized by a conservative government. The reason for the move was the expectation that it would perform better as a private company. The conservatives government that made this move a head to overhaul the leadership by applying Lord John King to head the new company (British Airways 7). . British Airways Leadership Structure . At the top of the company is chief executive officer. He reports to board of directors. The board of directors has the prerogative of making all the strategic decisions concerning the company’s management (Brown 1998). The Chief Executive serves as the implementing force for the director’s decision. The chief executive and the board of directors constitute what is called the strategic apex in leader ship. Under the strategic apex are leaders of various departments suc h as logistics, finance, and human resources. All these officers play a very significant role in the operations of the company, and report to the strategic apex from time to time. ... It is vital to reiterate the fact that British Airways is multicultural as far as its workforce is concerned and this not to be forgotten in the analysis of change and innovation. . Research Method: The line of research was careful examination of information available on British Airways website. Information that guided the collection of information sought to gather information on company traditions. Employee treatment , the way the company handles changes in the external environment as far as air transport is concerned the management traditions, the workforce attitude towards the management and remuneration policies. As an outsider analyzing information that I have obtained, I had no bias in my analysis. . Overview of change and innovation in light of BA: It is essential that business entities ensure that there is perfect harmony between their internal environment and external influences (Bamberger& Meshoulam, 2000). This therefore calls for a calculated scenario where the speed of r esponse to external pushes and pulls is equal to changes in the external conditions (Hayes 2007). Companies always adjust their strategies when confronted by shifts in their immediate environments. This adjustment is what can be described as innovation can be defined as a set of changes made within a business entity that have an impact ( Hamel 2007). BA has experienced a number of changes in its immediate environment that have called for major changes in its internal structure ranging from remuneration policies to areas of investment. The extent of success of the responses or the innovation the company has undertaken will be discussed in later stages of the paper by exploring the different milestones achieved by the company. For

Production Notes Project - For a Theatre Class Essay - 1

Production Notes Project - For a Theatre Class - Essay Example eyes; Shakespeare being one of the greatest playwrights in history, it would be tough to play with the theme of the play however, I would like to set the entire backdrop during the colonial period and portray the kind of capitalism and conquest that the rich bourgeoisie did during the time. The play is about a feud going on between two families, the Capulets and the Montagues. The reason for the brawl between the families is only because of a matter of differences that the two sides are subject to, however the reasons for that are not provided. Shakespeare wrote that whoever breaches the peace between the two families would be subject to death. Thus, through my eyes, I would like to depict the feud between the families as a result of wealth and conquests accumulated during the colonial period in British England. I would thus like to begin the play with a short prologue depicting how the Montagues and the Capulets had both established themselves as the wealthy families in Britain and England but had a shortcoming which can be depicted through the capitalist market economies and societies of the time. The families fought with each other in order to establish their supremacy over the other and boom with respect to their personal production. The ball that the Capulets hold is to celebrate their good harvests for the year and growth and development in the agricultural sector. It is a moment of celebration and victory over any other primary sector competitor that they have in the market, including the Montagues. The peace treaty decided between the two was on the basis of how they would not intrude upon each other’s lands or indulge in any form of unhealthy competition. Thus through this entire backdrop, one can easily see the plight of the wealthy farming sector in old England at the time, and how they were fighting to survive among each other even though these two main families held supremacy over the market. The Capulets want to marry their daughter off to

Creating And Sustaining Brand Equity Long Term Case Study - 20

Creating And Sustaining Brand Equity Long Term - Case Study Example Pampers was launched – a development from the previous diapers available in the market, which – per research done by P&G - was particularly disliked by mothers because they didn’t fit well, they leaked and there was a tendency for the paper to crumble. (p. 130) Recent statistics point to the fact that Americans are spending less time in shopping malls. (Kalakota and Whinston 1997, p. 219) The reasons behind this vary but that they form a pattern that demonstrates how the purchasing behavior is beginning to change throughout the world with the emergence of time-strapped and career-oriented consumers. Understanding the dynamics of these demographic changes is crucial for brand development and brand loyalty. Today, lifestyle and demographic trends have taken consumers away from conventional retailers of the past. Of course, store-based retailing is still strong, consumers appear to have less and less time for the process of buying from stores. There is the rudiment of getting into the car, driving miles to stores, searching for products and subjecting oneself to endless queues. This could be explained by the fact that today there is more pressure from companies for employees to work for longer hours or perform more work as they make do with fewer employees. And so people found themselves shopping from catalogs, shopping channels, and, recently, online. The demographic trends, wrote Ronald Drozdenko and Perry Drake (2002), that contribute to the movement of shoppers away from store retailers include: higher percentage of women in the workforce; higher percentage of family members working; more child-rearing activities that require parents’ time; increasing access to the internet at home; increase in ethnic population; and, less brand loyalty. (p. 9)

Organisational Behaviour of Apple Inc Assignment

Organisational Behaviour of Apple Inc - Assignment Example OB is determined by numerous factors in the organization including individual characteristics, group mechanisms, as well as organizational mechanisms; all these factors are directly responsible for both OB as well as organizational effectiveness eventually. Individual factors include levels of motivation, satisfaction, stress, which become the essential determinants of the levels of commitment of people to the organization; personality and cultural values are the main variables of these individual mechanisms. Group mechanisms exert significant influence on individuals since people at the workplace often belong and work in one or more work teams that are led by some formal leader; group dynamics influence motivation, satisfaction, stress, as well as trust and learning in the organization. Eventually, individuals and teams are grouped into the larger organizational structure that also affects satisfaction, stress, motivation among other dynamics; the organizational structure determines the linkages between the various groups, which may either be decentralized or centralized around a central decision-making authority. Besides the organizational structure, organizations also possess an organizational culture that captures a shared knowledge concerning the fundamental values and believes about the way things are done in the organization thereby consequently influencing the attitudes and behaviors of employees significantly. This paper will conduct a case analysis of the OB of Apple Inc from the individual factors perspective, the group dynamics perspective, and the organizational mechanisms perspective; prior to the case evaluation, this paper will highlight the major challenges faced by Apple Inc and a theoretical framework.

Computer Architecture Essay Example | Topics and Well Written Essays - 1000 words

Computer Architecture - Essay Example Von Neumann Architecture Von Neumann’s ideas are significant as they inspired the making of EDVAC computer back in 1952. The construction of Manchester Mark I computer preceded that of EDVAC. To Von Neumann, an efficient electronic computer would contain four main elements. These are the arithmetic logic unit, control unit, memory and input-output devices. In his architecture, Von Neumann moved if an efficient general purpose computer was to be made it is imperative to give it exemplary ability to store data and the intermediate outcomes of computation. On top of this, it is important to enable the computer to keep the instructions and commands given in carrying out whatever computation (Cragon, 2000). To achieve this, Von Neumann proposed that it is necessary to encode computer instructions in numeric form and enable the computer to store these instructions and their data in the same memory. The control unit help execute coded instructions saved in computer memory. Arithmetic unit performs arbitrary subsets of certain arithmetic operations. Von Neumann argued that operation speed, cheapness and simplicity of a machine should determine the economy of the arithmetic unit. Arithmetic unit accesses information from registers so as to be able to manipulate values. Data and program code reside in a computer’s memory. Input and output are enables a computer to communicate with the outside environment. Today’s input and output functions have improved on Von Neumann’s ideas and some take place within the computer (Null & Lobur, 2012). System bus There are wires found in the main board. It is these wires that interlink chips and devices plugged in the mainboard. The bus is the collectivity of these wires. The width of the bus goes with the number of wires. Data bus almost always contains wires in multiples of eight. Besides data wires, there are additional wires that help the computer in signaling and control. Bus throughput capability is the product of the speed of the bus clock (hertz) and the width of the bus (bits). Devices connected to the mainboard communicate via the bus. Bus arbitration is the method used to adjudicate the chance for each device to get access to the bus. Devices of high priority including processor and RAM get preference in accessing the bus (Cragon, 2000). These high priority devices have few interrupts. The control channel signals interrupts. Interrupt signals help interrupt CPU’s tasks in order to attention to whatever event that may occur. The CPU handles interrupt requests with respect to priority of their device. High priority devices have low interrupt numbers. In the past, bus arbitration has advanced over the years so that the computer does not need to arbitrate the bus. Direct memory access allows devices to insert or get data into or out of computer memory. The system bus has several functions. All types of buses allow sharing of data amongst the peripherals connected to the co mputer (Null & Lobur, 2012). System bus helps in addressing. Addressing helps in sending data to and from particular memory sections. System bus supplies power to different computer peripherals. It is the work of the bus to provide system clock that helps in synchronizing computer peripherals with other elements in the system. The use of Boolean operators in computer-based calculations Boolean operators can be used in the

Womens role in Chinese film Movie Review Example | Topics and Well Written Essays - 1750 words

Womens role in Chinese film - Movie Review Example One such film is Ju Dou, which was originally produced in 1990 (Zeng 75). The film features typical Chinese culture and elements especially the ancient ones. While the film has multiple themes, one of the most evident themes is the role of women. The main character, Ju Dou, is a typical Chinese woman who brings out the roles that Chinese women played in the 1920s, which is time setting of the film (Singh 4). Apparently, Ju Dou plays multiple roles including being a wife, a mother, an aunt, and a widower. However, her character in the film reveals the underlying roles of women including positive and negative ones. One of the main roles of women in Ju Dou is being wives. As the film begins, Ju Dou is made wife to an old man, Tianqing’s uncle. Before her marriage, the old uncle had two other wives who had already died. This shows that women are presented as wives. The fact that the old uncle would marry each time the wife died emphasizes the role of the woman as the wife. However, it is important to note that the role of the woman as a wife as depicted in the film is quite diverse. First, the woman plays the role of giving birth. The old uncle makes it clear in the film that he bought Ju Dou purposely for her to give him a son. His previous wives had died without giving him a son. So, he was desperate to get another wife who would give him the son. This role of the woman as child bearer is also evident when people make fun of Tianqing to get a woman who would bear him a son during the celebration party of Ju Dou’s newborn son. When Ju Dou finally bears a son, she becomes a darling of many. The old uncle is so excited that he starts treating her well and even organizes a celebration for her. Second, women play the role of sex objects for men’s pleasure. Tianqing’s uncle actually makes it clear to Ju Dou that he bought her and therefore he has all the

Imperialism and 1st World War Essay Example for Free

Imperialism and 1st World War Essay The portrayal of the artists is indeed a true picture of the horrors of World War I which cannot be envisioned by just reading accounts of the war as given in different readings. The paintings reveal the disgusting events that will surely put the shivers into the generation of today in realizing the atrocities and soul stirring hardships that were experienced by all those who were part of the war. While the monarchy of the combating countries relaxed and simply gave orders it were the soldiers representing the states that bore the brunt of the chilling circumstances. Soldiers were silent observers in seeing their colleagues butchered in helplessness while they themselves were lucky to come back alive into their trenches unaware of what the next day had in store for them. The medical corps and nurses were always on the alert to receive the dead and grievously wounded soldiers while those who were captured had to submit to the inhuman tortures at the hands of their captors. Several soldiers were maimed in leading a life of revulsion, helpless in leading a life of misery. The onslaught of gas attacks made several soldiers to die in agony while many suffered psychologically in being unable to lead normal lives. The fear of gas attacks was so severe that soldiers had to always move with gas masks in specified territories. There was always a sinister plan underway and it became difficult for the combatants to judge about who friends are and whom to understand as enemies. There was always an ongoing process to build tunnels and infrastructure to face the challenges of enemy attacks in a war that never seemed to end. All who were physically fit could be expected to be called for war duties with little hope of returning alive. The war was extensively destructive as nothing was spared and all means were used to inflict the maximum damages irrespective of the intensity of suffering and loss to life. Human life appeared to have no value nor did the sufferings of the masses for the leaders who gave orders to fight with the sole objective of winning the war. The focus was on winning over the adversaries by whatever means that was possible in using weapons and other means that inflicted maximum loss and suffering. References Discussion, Imperialism and 1st World War, http://dl. bergen. edu/webct/entryPageIns. dowebct

Anonymity and Loss of Self in Crowd Theory

Anonymity and Loss of Self in Crowd Theory Phillip Tyler In locating and explaining the place of anonymity in the behaviour of crowds, and its association with a loss of self (Dixon and Mahendra, 2012), an appeal must be made to crowd behavioral theory and evidence to support these theories. This paper will look to the history of the study of crowds, the process of de-individuation and the theory of crowds based on a theory of social identity to provide a picture of the place of anonymity in crowd theory, and the association with loss of self. The first instance of anonymity being a quality significant to crowd behaviour, can be found in the work of Le Bon. Le Bon laid foundations for the psychological study of crowds with his 1895 text La Psychologie Des Foules, in which he described crowds in generally negative and unfavourable ways. He remarked on their tendency towards impulsive behaviours, to become easily irritated and their seeming inability to use reason to decide action (Le Bon, 1896). This last quality was among the most important for Le Bon, as he believed that the crowd lost any individuals rationality and, therefore, could not be rational in itself. Instead, there existed a group mind that the individual became a part of, and this experience brought to the fore deeply hidden tendencies for aggression, leading to similarly aggressive actions, all of which was made possible by the removal of the rationality of thinking actions through to their consequences. The crowd was highly open to emotional and ideological suggestion, with sentiment able to move through the crowd swiftly as if such things were contagious (Dixon and Mahen dra, 2012). All this was made possible by the key feature of anonymity. Actions could be performed without thought for consequence because it was the crowd, and not the individual, performing the action; the individual remains unseen or anonymous, and hence defers responsibility for said action from them personally, to the crowd. For Le Bon, anonymity and loss of individual self were clearly and strongly associated, as when becoming part of the group the individual gave up their individuality. Le Bons work was based largely on distanced observation and his work was unsupported by evidence as would be required by modern psychology. He also had little experience of being in a crowd himself, this coupled with his belonging to a higher social class, could have led to his negative outlook on crowds. Though, it is mostly the lack of evidence that makes Le Bons case for anonymity less convincing, his was a stepping stone for other theorists and researchers to take the quality of anonymity on to sturdier ground. Anonymity was defined more clearly by Festinger, Pepitone and Newcome in 1952 as a reduction in the individuals perceptions that they are, personally, being noticed and evaluated for responsibility for actions performed (Dixon and Mahendra, 2012). This sense of anonymity was key to their theory that claimed that this reduced perception allowed an individual to stop seeing themselves as singular, but more immersed in the group, which then led to a group or crowd being able to be more uninhibited and impulsive than any one individual, a process they called deindividuation. This theory replaced Le Bons and was able to be formalised for the gathering of evidence by stating requirements for deindividuation to occur, measuring psychological changes in people in the deindividuated state and observing changes in behaviours. The association with loss of self can also be seen here, as the individual stops seeing themselves as singularly responsible, and part of something larger. Zimbardo (1969) put forward that the individual feels less morally culpable for any harm the group may cause. It is for this reason that each member of the group feels less responsible for the actions of the group as a whole that more violent and aggressive behaviour is sometimes exhibited (Dixon and Mahendra, 2012). Zimbardo found that participants in a scenario where some wore masks and cloaks to hide their appearance, gave higher electric shocks to other participants, than those with their appearances un-masked (Zimbardo, 1969). Robert Watson (1973) found that those involved in violent clashes with other groups, who had first altered their appearance with masks or paint, perpetrated more acts of heightened and prolonged violence than those that did not. Some research seeks to take measurements other than violence or aggression as a measure of the effects of anonymity. Participants in a darkened room took to feeling more intimate towards one another other as was evidenced by their conversation, touching and feelings of sexual arousal (Gergen, Gergen and Barton, 1973), over participants in a non-darkened condition. This experiment shows that aggression isnt the only possible outcome of anonymity, and may not be an inevitable one. The anonymity provided by the darkness allowed for curiosity to develop, producing the conversation of a more serious and intimate nature than the other condition produced, allowing for the possibility that its the context of the crowd plus anonymity, rather than anonymity on its own, that influences crowd behaviour (Dixon and Mahendra, 2012). When general social rules are not applicable, such as meeting strangers in the dark, curiosity rather than aggression was the response. This may still represent a loss of self, though not a negatively focused, aggressive or violent one. The loss of self in this example could be seen a s a dropping of usual personal inhibitions, then cued by the context of the crowd to pursue personal conversation rather than the violence seen in the previous examples. If violence is the measurement taken by the experiment, then that feature is present in the crowd context and taken up by deinvididuated participants, when this is not the case, participants are not naturally violent. When masked and told to administer electric shocks to participants, those dressed as Ku Klux Klan members did so with marginally more intensity than those in unmasked Ku Klux Klan costumes. Though, those dressed in nurses uniformed did so significantly less, when masked, compared to unmasked nurses, and both KKK groups (Johnson and Downing, 1979). This suggests, quite strongly that there is a loss of self that comes with anonymity, but that the contextual cues taken by participants , for example, from being dressed as part of a group whos associated qualities involved caring and compassion, are significantly important. If anonymity and a mask produced more violent behaviour in KKK costumes than unmasked, it does follow that there is to be an increase in caring and compassion from those dressed as nurses, in the masked versus the unmasked condition, because the participant relies on the qualities of the group they are associated with, and its these qualities that become exaggerated. T his may be a loss of self through anonymity, but in becoming part of the group, the groups social identity cues become guides for behaviour. An alternate view to the way deindividuation theory looks at crowd behaviour is to say rather than becoming part of a group mind, or losing ones rationality to the crowd through anonymity, crowds are made up of people with similar, if broader, social identities, and that these identities are exaggerated, or brought to the fore, by being a member of this group. Football matches are a good example. People who may have nothing else in common, but support the same football team, for example, may act in unison as a group when at a football game, as the contextual cues bring these in-group qualities to the fore. Anonymous in a crowd in a football stadium and identifying with the social context, rather than losing ones self, crowd members act according to their social identity. It is this social identity that provides guidelines for behaviour, rather than being the cause of breakdown of all social rules, leading to violent or aggressive behaviour (Dixon and Mahendra, 2012). Motivated by the context to act in ways approved by in-group values and to demonstrate in-group membership, behaviour can sometimes be predicted more accurately because the individuals desire to remain as part of the in-group means they tend to adhere more to in-group behavioural norms. Adhering close to ones social identity, when in a social setting, does not necessarily represent a loss of self, as the qualitie s being displayed are part of the individual as a whole, it is simply the context they are in that bring them to the fore. When viewed from an outsiders point of view, crowd behaviour seems to include an inevitable loss of self, stemming from the individuals experience of anonymity that leads to aggression and violent tendencies in behaviour. When violence is not the measurement taken, other outcomes are shown that include intimacy and conversation. The view of social identity theory is that individuals in crowds do not necessarily experience a loss of self, rather it is that social identity informs behaviour and in-group values and behavioural norms are more likely to influence behaviour of the group than individual identity. References Dixon, J., and Mahendra, K. (2012) Crowds in Holloway, W., Lucey, H., Phoenix, A. and Lewis, G. (eds) Social Psychology Matters, Milton Keynes, The Open University. Festinger, L., Peptone, A. and Newcome, T. (1952) as cited in Dixon and Mahendra (2012) p6. Gergen, K., Gergen, M. and Barton, W. (1973) as cited in Dixon and Mahendra (2012) p10. Johnson, R. D. and Downing, L. L. (1979) as cited in Dixon and Mahendra (2012) p8. Le Bon, G. (1896), as cited in Dixon and Mahendra (2012) p5. Watson, R. I. (1973) as cited in Dixon and Mahendra (2012) p8. Zimbardo, P. G. (1969) as cited in Dixon and Mahendra (2012) p6-7.

Privatization of Public Utilities Essay

Privatization of Public Utilities Essay A National Government’s Decision to privatize It’s Public Utilities Introduction There has been a prevalent political agreement on improving-benefit effect of private governance in the last decades. More than $1 trillion revenues have been generated for the government on the sale of government-owned firms to private owners. Public executives nowadays evaluate privatization as a suitable tool to implement a rapid growth of promising product innovations, facilitate financial economy development and promote more efficient production technologies. However, substantial figures of firms across the world are still owned by government. (Aghion and Tirole, 1994; Ahmed and Ashutosh, 2008). Having mentioned the privatization benefits, why are there general impediments in the decision process from the government, prioritizing to privatize some firms over the others to private sectors? In answering this research question, certain firm’s political and financial-economy factors were investigated in the selection of companies for privatization. As supported by literature on private firm decision to go public, financial characteristics of firms that can probably influence the decision to privatize were recognized (Ansolabehere and James, 2007). Arguably, the sale of government owned firms can not only confide in financial-economy factors but also on political settlement and costs. However, Dixit and Londregan (1996) argued that privatization may be seen as a negative development by the public on the opinion of undemocratic shift of property owned by the government to private investors. This can result in the governing party losing its votes in such region. The position of political patronage in the decision to privatize was considered, such as; hiring decisions of government-owned firms can be influenced by politicians to favour supporters. Further to the evaluation of political and financial-economy effect on privatization, research was conducted on India Government. This country was used as a case study because it has a huge political competition among its political parties with multiparty democracy (Dinc and Gupta, 2011). This research contributes to the political and finance-economy literature by investigating privatization effects suggest that selection of companies for privatization are done randomly, but the result presented from Dinc and Gupta (2011) point out that privatization decision is probably endogenous to characteristics of the firm. The literature is structured as follows; Section one describes the political system in Indian along with its privatization. Section two, discusses the political and financial-economy factors that are possible to affect government decision to privatize its public utilities. While section three, presents the conclusion of this research. 1. Privatization and Indian Political System 1.1. Firms Owned by Government In Indian post-independence era, firms owned by government were justified by anxiety that projects that involve large investment and time-consuming gestation periods will not be awarded to private sectors. There was rapid nationalization of firms across all sectors between 1960 and 1991, which boost the formation of gross capital in firms owned by the Federal Government to 40% of the entire gross capital establishment in the market economy (Ministry of Finance, 1996). According to Ministry of Finance (2004), the wages of government companies’ workers are higher compare to private companies’ staff and overstaffed usually occur in government companies. For instance, federal government firms employed over 10% workers from various structured sector in 2003, and their wages were averagely double that of private sector (Panagariya, 2008). This huge difference in their wage recommends why government workers vigorously disagree with government decision to privatization. 1.2. Political System India has a legislative system where representatives are directly elected from 543 single member constituencies dispersed across 35 states, while the national government was formed by alliance of parties or political party that wins most of the constituencies. About 450 political parties participated in five elections to the federal government, held since the commencement of privatization program in 1991. These elections are 1991, 1996, 1998, 1999 and 2004. It is important to recognize the establishment of alliance among national political parties, before the commencement of election so as to inflate their probability of acquiring the majority (Dinc and Gupta, 2011). The Congress Party initiated the economic reforms that won the 1991 elections with the support of its allies and remain in as the ruling party until the 1996 election. After 1996 election, there were successive short-lived governments that later collapsed as a result of support deficiency from affiliated members (Dinc and Gupta, 2011). 1.3. Privatization Process In 1991, Indian created sweeping economic reforms which comprises of privatization and deregulations, as a reaction to balance payment crisis. 50 companies out of 280 nonfinancial companies that are owned by the Federal Government were privatized between 1991 and 2006. The decision to privatized list of companies was takes at the Cabinet level where every government produce its own list. The Congress government commenced the privatization in 1991, and later continued in 1999 by the BJP administration after a brief interruption by the successive government (Dinc and Gupta, 2011). Comparatively, privatization is not famously practiced in India unlike United Kingdom (UK) where almost all government-owned firms are been privatized such as British Gas, Transport for London (TFL), British Airport Authority. Since Congress and BJP parties have engaged in privatization, neither any of them as an intellectual obligation to privatization, as both parties have campaigned against each other using anti-privatization rhetoric (Dinc and Gupta, 2011). For instance, the Congress government were attacked by the BJP conservatives on privatization plans (Reuters News, 1992; cited in Dinc and Gupta, 2011), and eventually collide with the labour unions to protest privatisation (Reuters News, 1993; cited in Dinc and Gupta, 2011). In 2004, the Congress Party also campaigned against the BJP’s reform agenda, based on the platform of limited privatization, the Congress party won the election (Dinc and Gupta, 2011). 2. The Role of Political and Financial-Economy Factors in Privatization Decision 2.1. Financial Factors: Firm Size and Profitably Adverse effect could exist in the quality of companies that decide to publicized, if the issuers have more information than the investors about the company’s value (Leland and Pyle, 1977). According to Chemmanur and Fulghieri (1999), they argued that there is probability for adverse selection cost to be greater for both smaller and younger companies. This is backed by the result of Pagano et al. (1998), who suggested that smaller companies are not likely to be privatised. In the context of privatization, the methods of sales in a cross-country sample of privatised companies were compared together by Megginson et al., (2004). From his analysis, he finds that compared to private capital markets, big companies have the possibility to be privatized over shares sales to the public. 2.2. Political Factors Theoretically, Persson and Guido (2002) suggested that is likely for the politicians to target public funds to important constituencies with swing voters to succeed in elections. Experimentally, Dahlberg and Johansson (2002) shows that allowance allocation in Sweden is intense in constituencies with more swing voters, and research shows that French companies that are politically associated create additional jobs in politically aggressive constituencies (Bertrand et al., 2007). Shleifer and Robert (1994) argued that interference in the operation of companies by politicians is a major cause of inefficiency in companies owned by the government. Conclusion Since most privatizing governments sell companies, owned by the government over time or not at all, we investigate if political and financial-economy factors as well as political objectives are likely to affect government decision to privatized its public utilities. Using Indian as an exemplification, government owned companies which comprises of companies that remain fully government owned and privatized companies were investigated. Although privatization advantages like efficiency developments are distributed across the community, the costs are probably to be distinctively intense among a small group. Therefore, the voter’s support could be declined for the governing party in constituencies where the company is located. Similarly, the public may have negative opinion on privatization as a diverging transfer to public utilities or assets to private investors. The adverse reaction on outcome of elections in that constituency will be increased if the ruling party encounter a close race with the other political parties. Finally, the research suggests that selection of companies for privatization is not by chance. Accepting political contest as a tool for privatization decision, the sale of companies owned by the government was found as a facilitator to significance development in efficiency as well as profitability of these companies. References Aghion, P., Tirole, J., 1994. The management of innovation. Quarterly Journal of Economics 109, 1185–1209. Ahmed, S. and Ashutosh, V., 2008, Battles half won: The political economy of India’s growth and economic policy since independence, World Bank Working paper No. 15. Ansolabehere, S., and James S. J., 2007, Party control of state government and the distribution of public expenditures, Scandinavian Journal of Economics 108, 547– 569. BÂ ¨os, D., 1991. Privatization: A Theoretical Treatment. Oxford University Press, Oxford. Chemmanur, T. and Fulghieri, P., 1999, A theory of the going public decision, Review of Financial Studies 12, 249–279. Department of Disinvestment, 2007. Evolution of Disinvestment Policy in India . Government of India. Available at: http://www.divest.nic.in/evolutionp.htm.> Dinc, S. and Gupta, N., 2011. The Decision to Privatize: Finance and Politics. The Journal of Finance, LXVI(1), pp 241-269. Dixit, A. and Londregan, J,. 1996, The determinants of success of special interests in redistributive politics, Journal of Politics 58, 1132–1155. Gupta, Nandini, 2005, Partial privatization and firm performance, Journal of Finance 60, 987–1015. Leland, H. and David P., 1977, Informational asymmetries, financial structure, and financial intermediation, Journal of Finance 32, 371–387. Ministry of Finance, Government of India, 1996, Economic Survey of India (Government of India, New Delhi, India). Ministry of Finance, Government of India, 2004, Economic Survey of India (Government of India, New Delhi, India). Pagano, M., Fabio, P. and Luigi, Z., 1998, Why do companies go public? An empirical analysis, Journal of Finance 53, 27–64. Panagariya, A., 2008, India: An Emerging Giant (Oxford University Press, New York). Persson, T. and Guido T., 2002, Political Economics: Explaining Economic Policy (MIT Press, Cambridge). Persson, T. and Guido, T., 2002, Political Economics: Explaining Economic Policy (MIT Press, Cambridge). Shapiro, K. and Willig, R., 1990. Economic rationales for the scope of privatization. In: Suleiman, E.N.,Waterbury, J. (Eds.), The Political Economy of Public Sector Reform and Privatization. Westview Press, Boulder, CO. Shleifer, A. and Robert, V., 1994, Politicians and firms, Quarterly Journal of Economics. 109, 995–1025. A National Government’s Decision to Privatize its Public UtilitiesPage 1

The Working Poor in America Essay example -- Exploratory Essays Resear

The Working Poor in America The concept of the "working poor" has gained prominence in the post-welfare reform era. As welfare rolls shrunk, the focus shifted from the dependent poor to the working poor. It was obvious that without substantial outside support, even families with full-time low-wage workers were still earning less than the official poverty line. And while American society purports that anyone can prosper if they work hard enough, it became apparent that with inadequate opportunity or bad luck, a growing number of families could not attain the American dream, or even break the cycle of poverty. The new challenge for American social policy is to help the working poor lift themselves out of poverty. That's why progressives who supported ending welfare as we know it have set a new goal -- the government should "make work pay" so that no one who works full time is poor. After substantial decreases in the 1990s, poverty rates stopped their decline in 2000 and have actually started to again creep upward. The great conundrum of how one simultaneously alleviates the multiple causes of poverty has become a central obstacle to poverty reduction. Into this debate comes author David Shipler, a former New York Times Pulitzer Prize winner, with an aptly titled look at the state of poverty in America today, The Working Poor. Shipler's book is more anecdotal and descriptive than analytical and prescriptive. Yet it is a valuable portrait of poverty in America, just as Michael Harrington's landmark book, The Other America, was in 1962. While he does not offer many concrete solutions, Shipler provides readers with an intimate glimpse of the plight of the working poor, whose lives are in sharp contrast to the images of excess w... ... funding and direction, including those of local government and philanthropy, are critical to tailoring programs to the specific needs of local communities, and should be leveraged through federal funding. The final ingredient is responsibility, both personal and collective. Individuals must be empowered to improve their own lives, and the community must support the effort rather than look the other way, or looking past the working poor, who can so easily blend into the background. Shipler concludes the book with these thoughts: "Workers at the edge of poverty are essential to America's prosperity, but their well-being is not treated as an integral part of the whole. Instead, the forgotten wage a daily struggle to keep themselves from falling over the cliff. It is time to be ashamed." No, it is time to move past the ideology and make work pay for all Americans.