Sage data files

The Sage Line 50 ACCDATA directory contains a load of files, and nowhere have I found any useful documentation as to what they are. Here’s a summary of what I think they are. They’re all data files unless otherwise stated; most of the rest are indexes to the corresponding data files.

Anyone with more information is positively encouraged to leave a comment! Presumably Sage know, but they don’t seem that keen on publishing the information.

1..n.COA – Chart of Accounts (one numbered file per chart)
ACCESS.DTA – Access rights for users
ACCOUNT.DTA – Control information (settings that apply across all accounts – VAT?)
ACCRUAL.DTA – Accruals
ACCRUAL.DTA – Currency (filename as given in the original; it duplicates the entry above)
ACCSTAT.DTA – Account status
ASSETS.DTA – Fixed assets
ASTCAT.DTA – Fixed asset categories
ASTINDEX.DTA – Fixed asset index file
BANK.DTA – Bank
BANKWWW.DTA – Bank WWW data
BILLS.DTA – Bills
BNKINDEX.DTA – Bank index file
CATEGORY.DTA – Category definitions
CONTACT.DTA – Contacts
CONTINDA.DTA – Contact records index file
CONTINDD.DTA – Contact date index file
COURWWW.DTA – Courier resources
CREDWWW.DTA – Credit resources
DEPARTM.DTA – Departments
FINRATES.DTA – Credit charge rates
HEADERS.DTA – Transaction headers file
INVINDEX.DTA – Invoice record index file
INVITEM.DTA – Invoice line items file
INVOICE.DTA – Invoice headers
MISCWWW.DTA – Miscellaneous resources
NOMINAL.DTA – Nominal ledger
NOMINDEX.DTA – Nominal record index file
PREPAY.DTA – Prepayments
PUOINDEX.DTA – Purchase order index file
PUOITEM.DTA – Purchase order line items file
PUORDER.DTA – Purchase order headers
PURCHASE.DTA – Suppliers
PURINDEX.DTA – Supplier record index file
QUEUE.DTA – List of users currently using the data
RECUR.DTA – Recurring entries
REMIT.DTA – Remittance lines
REMITIDX.DTA – Remittance line index file
SALES.DTA – Customers
SALINDEX.DTA – Customer record index file
SAOINDEX.DTA – Sales order index file
SAOITEM.DTA – Sales order line items file
SAORDER.DTA – Sales order headers
SETUP.DTA – Setup information (manager passwords etc.)
SPLITS.DTA – Transaction splits file
STKCAT.DTA – Stock categories
STKINDEX.DTA – Stock record index file
STKTRANS.DTA – Stock transactions file
STOCK.DTA – Stock
TODO.DTA – Task Manager
TODOIDX.DTA – Task Manager index file
USAGE.DTA – Transaction usage file

Low Energy Lightbulbs are not that bright

Have you replaced a 60W traditional tungsten bulb with a 60W-equivalent low energy compact fluorescent and thought it wasn’t as bright as it was? You’re not imagining it. I’ve been doing some tests of my own, and they’re not equivalent.

Comparing light sources is a bit of an art as well as a science, and lacking other equipment, I decided to use a simple photographic exposure meter to give me some idea of the real-world performance. I pointed the meter at a wall, floor and table top. I didn’t point it at the light itself – that’s not what users of light bulbs care about.

The results were fairly consistent: low energy light bulbs produce the same amount of light as a standard bulb of three to four times the rating. The older the fluorescent, the dimmer it was, reaching an output of a third at a thousand hours’ use. Given that the lamps are rated at two to eight thousand hours, it’s reasonable to take the lower output figure as typical, as this is how the lamp will spend the majority of its working life.
This gives a more realistic equivalence table:

CFL wattage   Quoted GLS equivalent   Realistic GLS equivalent
8W            40W                     25-30W
11W           60W                     35-45W
14W           75W                     40-55W
18W           100W                    55-70W

Table showing true equivalence of compact fluorescent (CFL) vs. conventional (GLS) light bulbs

So what’s going on here? Is there a conspiracy amongst light-bulb manufacturers to tell fibs about their performance? Well, yes. It turns out that the figures they use are worked out by the Institution of Lighting Engineers, in a lab. They measured the light output of a frosted lamp and compared that to a CFL. The problem is that the frosting on frosted lamps blocks out quite a bit of light, which is why people generally use clear glass bulbs. But if you’re trying to make your product look good it pays to compare your best case with the competition’s worst case. So they have.

But all good conspiracies involve the government somewhere, and in this case the manufacturers can justify their methods with support from the EU. The regulations allow the manufacturers to do some pretty wild things. If you want to look at the basis, it can be found starting here:

For example, after a compact fluorescent has been turned on it only has to reach an unimpressive 60% of its output after a staggering one minute! I’ve got some lamps that are good starters, others are terrible – and the EU permits them to be sold without warning or differentiation. One good thing the EU is doing, however, is insisting that CFL manufacturers state the light output in lumens in the future, and more prominently than the power consumption in Watts. This takes effect in 2010. Apparently. Hmm. Not on the packages I can see; some don’t even mention it in the small print (notably Philips).

However, fluorescent lamps do save energy, even if it’s only 65% instead of the claimed 80%. All other things being equal, they’re worth it. Unfortunately the other things are not equal, because you have the lifetime of the unit to consider.


A standard fluorescent tube (around since the 1930s) is pretty efficient, especially with modern electronics driving it (ballast and starter). When the tube fails the electronics are retained, as they’re built in to the fitting. The Compact Fluorescent Lamps (CFLs) that replace conventional bulbs have the electronics built in to the base so they can be used in existing fittings where a conventional bulb is expected. This means the electronics are discarded when the tube fails. The disposable electronics are made as cheaply as possible, so they may fail before the tube does.

Proponents of CFLs say that it is still worth it, because the CFLs last so much longer than standard bulbs. I’m not convinced. A conventional bulb is made of glass, steel, copper and tungsten and should be easy enough to recycle – unlike complex electronics.

The story gets worse when you consider what goes in to the fluorescent tubes – mercury vapour, antimony, rare-earth elements and all sorts of nasty looking stuff in the various phosphor coatings. It’s true that the amount of mercury in a single tube is relatively small, and doesn’t create much of a risk in a domestic environment even if the tube cracks, but what about a large pile of broken tubes in a recycling centre?

So, CFLs are under-specified and polluting and wasteful to manufacture, but they do save energy. It’d be better to change light fittings to use proper fluorescent tubes, however. They work better than CFLs, with less waste. I don’t see it happening though. At the moment discrete tubes actually cost more because they fit relatively few fittings. People are very protective of their fittings. The snag is that with CFLs you need at least 50% more bulb sockets to get enough light out of them.

Standard bulbs produce less light than they could because a lot of the energy is turned into heat (more so than with a CFL). However, this heat could be useful – if your light bulbs aren’t heating the room you’d need something else. This is particularly true of passageways and so on, where there may be no other heating and a little warmth is needed to keep the damp away. The CFL camp rubbishes this idea, pointing out that in summer you don’t need heat. Actually, in summer, you don’t need much artificial light either, so they’d be off anyway. Take a look at document “BNXS05 The Heat Replacement Effect” found starting here for an interesting study into the matter – it’s from the government’s own researchers.
But still, CFLs save energy.

Personally, however, I look forward to the day when they’re all replaced by LED technology. These should last ten times longer (100,000 hours), be more efficient still, and contain no mercury, nor even any glass to break. The snag is that they run on a low voltage and the world is wired up for mains-voltage light fittings. I envisage whole light fittings, possibly with built-in transformers, pre-wired with fixed LEDs which will last for 50 years – after which you’d probably change the whole fitting anyway.

Ah yes, I hear the moaners starting, but I want to keep my existing light fitting. Okay, sit in the gloom under your compact fluorescents then.


How to improve Sage network performance

If you accept that Sage Line 50 is fundamentally flawed when working over a network you’re not left with many options other than waiting for Sage to fix it. All you can do is throw hardware at it. But what hardware actually works?

First the bad news – the difference in speed between a standard server and a turbo-nutter-bastard model isn’t actually that great. If you’re lucky, on a straight run you might get a four-times improvement from a user’s perspective. The reason for spending lots of money on a server has little to do with the speed a user sees; it’s much more to do with the number of concurrent users.

So, if you happen to have a really duff server and you throw lots of money at a new one you might see something that took a totally unacceptable 90 minutes now taking a totally unacceptable 20 minutes. If you spend a lot of money, and you’re lucky.

The fact is that on analysing the server side of this equation I’ve yet to see the server itself struggling with CPU time, running out of memory, or anything else to suggest that it’s the problem. With the most problematic client they started with a dual core processor and 512MB of RAM – a reasonable specification for a few years back. At no time did I see issues to do with the memory size, and the processor utilisation was only a few percent on one of the cores.

I’d go as far as to say that the only reason for upgrading the server is to allow multiple users to access it on terminal server sessions, bypassing the network access to the Sage files completely. However, whilst this gives the fastest possible access to the data on the disk, it doesn’t overcome the architectural problems involved with sharing a disk file, so multiple users are going to have problems regardless. They’ll still clash, but when they’re not clashing it will be faster.

But, assuming you want to run Line 50 multi-user the way it was intended, with the software installed on the client PCs, you’re going to have to look away from the server itself to find a solution.

The next thing Sage will tell you is to upgrade to 1Gb Ethernet – it’s ten times faster than 100Mb, so you’ll get a 1000% performance boost. Yeah, right!

It’s true that the network file access is the bottleneck, but it’s not the raw speed that matters.

I’ll let you into a secret: not all network cards are the same.

They might communicate at a line speed of 100Mb, but this does not mean that the computer can process data at that speed, and it does not mean it will pass through the switch at that speed. This is even more true at 1Gb.

This week at Infosec I’ve been looking at some 10Gb network cards that really can do the job – communicate at full speed without dropping packets and pre-sort the data so a multi-CPU box could make sense of it. They cost $10,000 each. They’re probably worth it.

Have you any idea what kind of network card came built in to the motherboard of your cheap-and-cheerful Dell? I thought not! I bet it wasn’t the high-end type, though.

The next thing you’ve got to worry about is the cable. There’s no point looking at the wires themselves or what the LAN card says it’s doing. You’ll never know. Testing that a cable has the right wires on the right pins is not going to tell you what it’s going to do when you put data down it at high speeds. Unless the cable’s perfect it’s going to pick up interference to some extent; most likely from the wire running right next to it. But you’ll never know how much this is affecting performance. The wonder of modern networking means that errors on the line are corrected automatically without worrying the user about it. If 50% of your data gets corrupted and needs re-transmission, by the time you’ve waited for the error to be detected, the replacement requested, the intervening data to be put on hold and so on, your 100Mb line could easily be clogged with 90% junk – but the line speed will still be saying 100Mb with minimal utilisation.

Testing network cables properly requires some really expensive equipment, and the only way around it is to have the cabling installed by someone who really knows what they’re doing with high-frequency cable to reduce the likelihood of trouble. If you can, hire some proper test gear anyway. What you don’t want to do is let an electrician wire it up for you in a simplistic way. They all think they can, but believe me, they can’t.

Next down the line is the network switch and this could be the biggest problem you’ve got. Switches sold to small business are designed to be ignored, and people ignore them. “Plug and Play”.

You’d be forgiven for thinking that there wasn’t much to a switch, but in reality it’s got a critical job, which it may or may not do very well in all circumstances. When it receives a packet (a sequence of data, a message from one PC to another) on one of its ports it has to decide which port to send it out of to reach its intended destination. If it receives multiple packets on multiple ports it has to handle them all at once. Or one at a time. Or give up and ask most of the senders to try again later.

What your switch is doing is probably a mystery, as most small businesses use unmanaged “intelligent” switches. A managed switch, on the other hand, lets you connect to it using a web browser and actually see what’s going on. You can also configure it to give more priority to certain ports, protect the network from “packet storms” caused by accident or malicious software and generally debug poorly performing networks. This isn’t intended to be a tutorial on managed switches; just take it from me that in the right hands they can be used to help the situation a lot.

Unfortunately, managed switches cost a lot more than the standard variety. But they’re intended for the big boys to play with, and consequently they tend to switch more simultaneous packets and stand up to heavier loads.

Several weeks back I upgraded the site with the most problems from good quality standard switches to some nice expensive managed ones, and guess what? It’s made a big difference. My idea was partly to use the switch to snoop on the traffic and figure out what was going on, but as a bonus it appears to have improved performance, and most importantly, reliability considerably too.

If you’re going to try this, connect the server directly to the switch at 1Gb. It doesn’t appear to make a great deal of difference whether the client PCs are 100Mb or 1Gb, possibly due to the cheapo network interfaces they have, but if you have multiple clients connected to the switch at 100Mb they can all simultaneously access the server down the 1Gb pipe at full speed (to them).

This is a long way from a solution, and it’s hardly been conclusively tested, but the extra reliability and resilience of the network has at least allowed a Sage system to run without crashing and corrupting data all the time.

If you’re using reasonably okay workstations and a file server, my advice (at present) is to look at the switch first, before spending money on anything else.

Then there’s the nuclear option, which actually works. Don’t bother trying to run the reports in Sage itself. Instead dump the data to a proper database and use Crystal Reports (or the report generator of your choice) to produce them. I know someone who was tearing their hair out because a Sage report took three hours to run; the same report took less than five minutes using Crystal Reports. The strategy is to dump the data overnight and knock yourself out running reports the following day. Okay, the data may be a day old, but if it’s taking most of the day to run the report on the last data, what have you really lost?

I’d be really interested to hear how other people get on.

BlueWatchDog Review

This is an almost brilliant idea. The BlueWatchDog is a thick credit-card sized device that picks up the signal from your paired Bluetooth ’phone, and if it gets separated from it, sounds an alarm. Great if you’re the type to leave your Blackberry behind or your iPhone is pinched from your handbag. At just £40 it could save you a lot of hassle.

I said it was “almost” brilliant. The snag is that it requires an application running on the mobile device. It’d have been better if it could pair with anything Bluetooth, at least as an option. The application can be used to set the range before the alarm is set off, but this is functionality you could live without. As it stands it works with Android, RIM and Apple mobiles. Apple, incidentally, didn’t like the idea of them giving the App away, but the company have struck a deal to make this possible.

I managed to speak with the inventor and suggested a version that would work with any Bluetooth unit – possibly by treating it as an audio device. Watch this space (and I hope he sends me a sample!)

www.mindyourit.co.uk
0800 999 2177

Encrypted USB Flash Drives Review

This year Infosec was awash with encrypted USB flash drives. This makes sense; lost USB drives are a major security problem. In fact flash drives are a major security problem, full stop.

Nearly all the flash drives I looked at had one major weakness – they’re tied to the Windows operating system (or Macintosh, and possibly Linux) in order to get data on and off. They have a special application to get the password from the user and supply it to the drive.

This may be considered a weakness, with a common criticism being that key loggers can capture the password before it can get to the drive. I’m actually not too worried about this because if the host has a key logger running then malware can just as easily access the drive itself, however the drive received its password in the first place.

However, having a Windows application required for access to the data is no good if you’re not always running Windows, and flash drives can be read from anything from a car radio to a photocopier. Even if you are reading it on a PC, the operating system of your choice will be upgraded in due course, but the application needed to access your data may not be.

After a bit of searching I did find three genuinely OS-independent devices: the LOK-IT, the hiddn Crypto Adapter and the Data Locker.

Data Locker

This is a USB 2.0 hard disk, available in capacities ranging from 320GB to 1TB. It’s a nice bit of kit, with a rubber bump-shell and a touch sensitive LCD panel for entering the codes to unlock it. Data is encrypted in hardware using AES-CBC with a 128-bit or 256-bit key depending on the model, and once the password has been entered the host system sees it as a standard drive. There are lots of nice features, like a randomized keypad so wear on particular keys doesn’t give the game away.

As it contains a 2.5″ drive it’s bulky compared to a flash drive, but it’s a huge capacity. If you really need to carry around such a large amount of secure data it’s a good choice. But at £400+VAT you’d be better off with something smaller if you don’t.

The Data Locker is made by Origin Storage in Basingstoke. They’ve been around since 2001 supplying OEM storage products, and acquired Amacom in 2006 – the brand used for Data Locker.

www.datalockerdrive.eu
No standard rate telephone number available.

hiddn Crypto Adapter

hiddn Crypto Adapter for USB drives

This doesn’t actually store anything – it’s a USB to USB adapter with encryption. Basically you plug one end into the host machine and plug your standard USB flash drive, or USB HDD if you prefer, into the top. Then you load your encryption key using a smart-card in the slot below, enter your PIN and away you go. It doesn’t matter what the host or USB storage device actually is; the host sees a standard USB drive.

The unit is mouse-sized and works well on a desktop, but is a bit bulky to carry around on portable equipment. It’s also pricey, at £290+VAT.

This system actually makes a lot of sense with two units permanently attached to desktop machines in different locations, as you can use cheap, standard flash drives to transport the data – even post them – without the risk of data leakage if they’re lost in transit. Using the optional key management software it’s possible to duplicate the keys on the smart cards so encryption works at both ends.

The Norwegian makers, hiddn, have a range of other encryption products which are worth a look, using the same smart cards to hold keys. I shall be watching them with interest.

www.hiddn.no
+47 38 10 44 80

LOK-IT
Five and ten-digit LOK-IT encrypted USB drives
This USB flash drive is probably the solution for the rest of us. It’s simple. It’s a flash drive with a small keypad allowing you to enter a PIN to activate it. Powered by an internal battery, you’ve got 30 seconds after entering the password to plug it in, at which point it looks like any other USB drive to the host system. Activation status is indicated by either a red or green LED, and once the drive is pulled from the host it immediately returns to its encrypted state.

There are two versions available, one with a five-key PIN pad, and one with the full ten digits. Both have on-the-fly 256-bit AES encryption hardware. Apparently the ten-key version is more popular, but I liked the five-key because it had a draw-back USB cover you can’t lose.

If you enter the PIN incorrectly ten times the units wipe all their data and reset. This could be annoying, but it prevents access if they fall in to the wrong hands.

My only concern about these units is the robustness of the keypad, which is also a tad difficult to operate. It feels flimsy but may be okay. But with the 4GB version costing just US$60 they’re a very cost-effective and practical solution. No UK distributor is available at the time of writing.
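The two hardware controls described above, the Data Locker’s AES-CBC with the unlock code entered on the device itself and the LOK-IT’s wipe after ten wrong PINs, can be modelled to show why they make the drive independent of the host operating system. The Go program below is an added example and is not code from any of these vendors. It assumes a design in which the PIN derives a key-encryption key that unwraps a randomly generated data encryption key (DEK), the DEK is wrapped with AES-GCM so that a wrong PIN is detected by the authentication tag, sectors are encrypted with AES-CBC using the sector number as IV, and the tenth failure zeroes the wrapped key. The iterated-hash KDF, the 20000 iteration count, the “plain64” IV scheme and the resetting of the failure counter on a successful unlock are all assumptions made for the example, not documented vendor behaviour.

```go
// Model of a PIN-unlocked, hardware-encrypted drive (constructed example): the
// data encryption key (DEK) never leaves the device, the PIN only unwraps it.
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const maxAttempts = 10 // lockout threshold the LOK-IT documents
const sectorSize = 512 // a whole number of AES blocks, so CBC needs no padding

var ErrLocked = errors.New("drive is locked")
var ErrBadPIN = errors.New("wrong PIN")
var ErrWiped = errors.New("drive wiped: key material destroyed")

// kekAEAD turns PIN and salt into AES-256-GCM keyed with the key-encryption key.
// Iterated SHA-256 stands in for a real KDF (assumption): with a ten-try lockout
// it is the lockout, not KDF cost, that defeats PIN guessing.
func kekAEAD(pin string, salt []byte) cipher.AEAD {
	k := sha256.Sum256(append(append([]byte{}, salt...), pin...))
	for i := 0; i < 20000; i++ {
		k = sha256.Sum256(k[:])
	}
	blk, _ := aes.NewCipher(k[:]) // 32-byte key: NewCipher cannot fail
	aead, _ := cipher.NewGCM(blk)
	return aead
}

type Drive struct {
	salt     []byte       // public KDF salt
	wrapped  []byte       // nonce || AES-GCM(KEK, DEK); nil once wiped; the tag exposes a wrong PIN
	failures int          // consecutive wrong PINs
	dek      cipher.Block // volatile: set by Unlock, cleared by Lock
}

// NewDrive provisions a drive with a random salt and DEK sealed under pin.
func NewDrive(pin string) (*Drive, error) {
	buf := make([]byte, 16+32+12) // salt, DEK, GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	salt, dek, nonce := buf[:16], buf[16:48], buf[48:]
	return &Drive{salt: salt, wrapped: kekAEAD(pin, salt).Seal(nonce, nonce, dek, salt)}, nil
}

// Unlock tries a PIN. Each wrong PIN counts; the tenth zeroes the 60-byte wrapped
// DEK (not the whole flash), after which no PIN, right or wrong, recovers the data.
func (d *Drive) Unlock(pin string) error {
	if d.wrapped == nil {
		return ErrWiped
	}
	dek, err := kekAEAD(pin, d.salt).Open(nil, d.wrapped[:12], d.wrapped[12:], d.salt)
	if err != nil {
		d.failures++
		if d.failures >= maxAttempts {
			for i := range d.wrapped {
				d.wrapped[i] = 0
			}
			d.wrapped = nil
			return ErrWiped
		}
		return ErrBadPIN
	}
	d.failures = 0 // assumption: a successful unlock resets the counter
	d.dek, err = aes.NewCipher(dek)
	return err
}

// Lock models pulling the drive: the live DEK leaves volatile memory.
func (d *Drive) Lock() { d.dek = nil }

// Sector encrypts (encrypt=true) or decrypts one sector with AES-CBC, IV = sector
// number (dm-crypt "plain64" style); the host just sees a block device. CBC gives
// confidentiality only, not tamper detection. in must be exactly sectorSize bytes.
func (d *Drive) Sector(n uint64, in []byte, encrypt bool) ([]byte, error) {
	if d.dek == nil {
		return nil, ErrLocked
	}
	iv := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint64(iv, n)
	out := make([]byte, len(in))
	if encrypt {
		cipher.NewCBCEncrypter(d.dek, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCDecrypter(d.dek, iv).CryptBlocks(out, in)
	}
	return out, nil
}

func main() {
	d, _ := NewDrive("31415")
	fmt.Println(d.Unlock("00000"), d.Unlock("31415")) // wrong PIN <nil>
	enc, _ := d.Sector(7, make([]byte, sectorSize), true)
	fmt.Printf("%x\n", enc[:8]) // eight bytes of ciphertext for an all-zero sector
}
```

Two things are worth noticing. The “wipe” destroys only the wrapped key, which is why a device can do it instantly and why the data stays unreadable for anyone who later desolders the flash. And nothing in the unlock path depends on the host, which is the property this review is looking for. What the model cannot fix is the key logger point made earlier: once the drive is unlocked, any code running on the host reads it like any other disk.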

www.lok-it.net
+1 954-889-3535

Digital Economy Bill stitch-up

With any luck, this is the last piece of duff legislation in a long line of duff legislation passed by this partially inept government. It has been rushed through, with more haste than normal. To their eternal discredit the leaders of the Conservative and Liberal parties are complicit in allowing it through.

The only good news is that the tax on landlines has been dropped. This was to “pay for the next generation of Internet provision”, but with no explanation as to why taxpayers were supposed to pay for the infrastructure needed to make the larger ISPs still richer. If there’s a demand for it, the infrastructure will appear anyway because there’s money to be made.

The bad news is that the remainder of the bill is also a joke. It’s to do with protecting the rights of copyright holders (i.e. the music and media companies) by forcing ISPs to police what their customers are downloading.

There’s some justice in this, on a theoretical level. ISPs are quite happy to make money from the ‘killer app’ that is media piracy, so they deserve the hassle of trying to clean it up. The problem is, as I need hardly tell you, that it’s unworkable.

The daft idea is to track pirates by their IP addresses. As anyone with an interest in cybercrime will tell you, this just doesn’t work. The criminals obscure their IP addresses, usually by routing their traffic through a connection belonging to an innocent third party. Under the Digital Economy Bill, it’s the innocent third party that’ll suffer.

There’s also the problem of identifying pirated content. Take it from me, this can’t be done, and the heuristics currently used to detect activity likely to be related to piracy (e.g. P2P protocols) can be rendered obsolete at any time.

Even if you could detect illicit traffic, you can’t possibly pin it down to an individual. Take one trivial example – “mobile broadband”. You can get this by walking into the mobile ‘phone shop of your choice, slapping some cash on the counter and walking out with a cellular modem with an Internet connection that’s completely untraceable. It even gets a different IP address from the service provider each time you turn it on. Are these to be banned? I don’t see it happening.

Pirates could also use one of the many free wireless hotspots found on any high street or hotel. Are these going to be closed down because pirates use them?

So, we have a bill that won’t solve the problem it sets out to tackle but will, instead, result in hassle for the law-abiding, innocent computer users whose IP addresses have been hijacked, and for providers of publicly accessible Wi-Fi networks.

You don’t have to be in favour of piracy to regard this latest piece of government nonsense as a very bad thing indeed.

Microsoft Office Genuine Disadvantage

In April 2008 Microsoft released a ‘needed’ update for Microsoft Office 2003 (and, I believe, XP and 2007). The only purpose appears to be to check whether the software installed on your machine is “genuine”, at least as far as Microsoft is concerned.

In typical Microsoft style, it didn’t always work. I’ve noticed it popping up nag screens on machines I know were running genuine software, as supplied by major OEMs. Microsoft famously had the same problem with Windows XP Genuine Advantage, resulting in a certain major mail-order PC supplier’s machines having problems. Microsoft’s servers have also suffered faults, disallowing thousands of copies of their software for no reason whatsoever.

Latterly I’ve come across several machines running Office 2003 having problems. This used to be a worrying nag screen, but in the last couple of weeks I’ve heard about genuine software being deactivated in early April. Whether this comes about remains to be seen!

I’m not clear as to why this is happening. Is it a bad de-install of Office 2007 causing the problem? It seems to affect Vista machines which were pre-loaded with Office 2007 and moved on to site licensed versions of 2003 (because everyone hates 2007). It may also be interference caused by malware modifying Office 2003.

One worrying prospect is that Microsoft is unable to manage licenses for this old product and has simply messed up.

Basically, installing anything that might decide you’re running pirated software and shut you down is a fundamentally bad plan, and best avoided. If you decline these “needed” updates it will prevent you from installing new features (other than critical security fixes) but you can carry on as normal. The risk outweighs the benefits.

Microsoft’s trend has been to restrict the installation of its software for many years, which is a disaster if it doesn’t work. It’s yet another reason for people to switch to the open source alternatives, such as OpenOffice. The cost of the licenses from Microsoft doesn’t bother me; it’s the risk of the self-destruct code they’re building in. If you’re a large corporation you can probably drag Microsoft in and tell them to fix it pronto, and pay compensation. It’s the small guys who’ll suffer.

Sage 2011? Line 50 with a proper database

Today I ran in to my “old friends” Sage at a computer show; they didn’t recognise me and tried to interest me in Sage Accounting for my business. I was wearing a suit, I suppose. As you can imagine, it didn’t take long for them to catch on, after which I turned the conversation to the subject of Line 50 using a proper database.

You might have got the impression I really don’t like Sage. That’s not strictly true; the issue is that I really don’t like the idea of Line 50 being sold to SMEs planning to use it for anything non-trivial. Interestingly, the people from Sage agree – at least in private. The database driven version to cure the problem has been promised for four years, so they’re obviously aware of the issue!

So when’s it coming? Apparently in Sage 2011, due out in August 2010. “Really?” I said. “Yes, definitely. At least that’s the plan”, they said.

I pushed a bit further – would it be using MySQL as promised or would they wimp out and use the lightweight Microsoft server? I didn’t get an answer, which confirms my fears, but even a Microsoft SQL server is better than the current arrangement.

I tried to discuss the performance issues for people upgrading to Line 50 Version 2010 with them, but I got the impression they were a bit jaded on the subject, and did a very poor job of feigning surprise.

Is it safe to allow your kids to use Fronter?

Fronter is Pearson’s commercial LMS; basically Moodle, but you pay lots of money for it. It quite possibly does more, but I’m not in a position to pay for a copy to find out. However, this isn’t a review of Fronter. In fact it applies to the concept of an LMS rather than Fronter, as an instance of an LMS.

An LMS (or LCMS) is a CMS that has been developed, or optimised, for learning (hence the acronym). It’s currently being pushed in to primary schools for use by children as young as six, and its security is far from certain.

An LMS is also known as a Virtual Learning Environment (VLE) in marketing-speak. Ask any academic computer scientist and they’ll tell you Moodle is the one to go for these days. WebCT in the past; but the open source nature and sheer power of Moodle makes it king of the castle – and it’s free. So why does half the world use Blackboard (they purchased WebCT in 2005)? My best guess is that most schools don’t have the technical ability to support anything in-house, and by outsourcing you get a commercial product, sold with smiles and soothing words. It’s just not realistic to expect many primary or secondary education institutions to have the knowledge to manage their own IT – the 20% of the world using Moodle are the clued-up tertiary sector. And the folks able to use Moodle are the same folks that are likely to understand the security implications. Primary schools are unlikely to have security skills in-house, and it’d be surprising to find that level of knowledge in a secondary (high) school either, so in order to use an LMS it has to be outsourced and made simpler.

Enter Pearson with Fronter. Pearson is a large media conglomerate with an education division, best known for brands such as Prentice Hall, Longman, Addison-Wesley. Ah, THAT Pearson. So you can see they’ve got a good ‘in’ to schools, and they appear to be pushing Fronter hard in to the primary sector. It’s being used for children as young as six, and this raises significant questions when it comes to security. Would you let your child use Facebook? Of course not; so why is Fronter, with its social media features any better?

Leaving aside whether it’s appropriate to introduce very young children to any form of social networking, a close look at the security aspects of any LMS is vital. Latterly I’ve been looking at Fronter, and this is used for examples in this article, but the comments apply to any LMS – they can all be configured in a dangerous way.

Fronter is obviously keen to allay concerns, and has just hired Logica (completed March 2010) to get it through ISO 27001. Fronter will doubtless wave this badge around saying “Okay – we’re now safe and secure to international standards”. This will be true, to an extent, but ISO 27001 is so vague it can mean anything. Like ISO 9000, it basically means the organisation can be audited within the parameters it has set, and potential stakeholders can review the documentation and see if it meets their requirements. Even when these parameters are available, I doubt I’d be allowed to review them (Fronter – are you listening?)

Don’t get me wrong here. I’m not knocking ISO-27001 any more than I’d knock ISO-9000. At least not per se. It’s a framework, and as such, can be used to promote good or to conceal evil. Neither do I question Fronter’s commitment to keep intruders out of its system, if for no other reason than because any breach would have a disastrous effect on its business. I’m as confident as I can be that they’re taking the matter very seriously indeed, as do any other serious LMS developers.

But the developers can’t make an LMS safe. Its infrastructure might be secure, but its users are always going to be the weak link. Schools really don’t know who has access to their LMS, or don’t care because it’s too difficult a problem to find out.

When your child reads something posted by another Fronter user, who actually wrote it? Much is made of ensuring that everyone in contact with children has a CRB check, but a Fronter account for a child is given out to its parents with no checks made on them whatsoever.

Have you ever wondered what the likelihood of a randomly selected parent failing a CRB check might be? Well I reckon it’s about 1 in 5; in other words not much better than 50:50 that one adult in the house has a criminal record of some sort. (Figures aren’t compiled; I have extrapolated this from an answer in Hansard 25 Apr 2008 : Column 2328W). Worrying? So how many are likely to be on the “Sex Offenders Register”? Currently the English notification system lists 48,000 adults. It’s widely realised that most don’t appear on this because they haven’t been caught, and dodgy teenagers don’t figure in the stats at all, but certainly exist. Projecting this to working-age parents (or guardians) you end up with an average of about three sex offenders being parents at a school of 1000 pupils. In other words, you can say pretty safely that there are probably registered sex offenders able to control accounts at most Infant and Junior schools using an LMS.

This leaves schools with a bit of a dilemma. If parents realised that their children were using a social media site shared by CRB failures and sex offenders they’d insist the plug was pulled. But at the very least, schools need to ask for informed consent from the parents before exposing their children to this risk – or turn off the ability to communicate in the LMS software (the safe option) and simply use it for staff-to-pupil communication. What schools often claim is that their staff monitor all content and messages. This will be done with the best of intentions, but will it be kept up long-term, and how effective will it be on a large volume of traffic? If you’ve ever moderated a forum, you’ll understand the difficulty. However, teachers are smart people and usually have a sixth sense about where to watch for trouble.

Monitoring is undoubtedly a good thing compared to a free-for-all, but it does fail to address the fact that multiple channels are often used for nefarious purposes. A message posted on the LMS might seem innocuous in itself, but could easily be a key part of an external conversation. Anyone who thinks children don’t routinely use code words adults won’t understand simply doesn’t know children.

So far I have considered login details falling into the lap of undesirable elements via children in the household. But supposing an unconnected local paedophile wished to target an LMS directly. Is this possible? Of course, and here’s a scenario to make the point.

A fair number of schools now use outsourced emailing systems such as ParentMail, inTouch and CallParents to contact parents, and may simply use the mechanism to distribute attached files rather than proper text messages in the email body. Parents tend to trust emails from these services as they believe they know the sender (i.e. their child’s school), and are conditioned into opening file attachments. It’s trivially easy to forge a ParentMail email, sending any file attachment the attacker pleases. Stealing login credentials in such circumstances would be almost child’s play, but if a key logger was too much trouble then a phishing email should work just as well. Assuming some effort is being made to target a child, an email to the parents saying “Please click here to log in to Fronter”, using context information from the school’s web site and parent details from Facebook, is trivially easy. I haven’t heard of this happening, but I can’t believe it hasn’t.

Assuming the LMS developer has any sense of responsibility or desire to stay in business, it’s pretty clear that the security measures against infiltration of an LMS such as Fronter depend on policy rather than technology. If children are allowed to exchange messages with each other, the only thing that will stop an infiltrator will be the vigilance of the monitoring staff. Supervision whilst using the system, both at home and at school, is just common sense. But there are still technical issues to address.

Some LMS require certain insecure features to be enabled on web browsers, such as Java. For security reasons, many people have risky technologies disabled. You certainly wouldn’t allow them in a secure commercial environment, so why take the risk at home? And worse, how much more of a risk is it if you allow a naïve child to use client-side code? Yet this is exactly what schools using an LMS are asking parents to do – drop the security on their home computers to allow access to attractive interactive features. There’s probably little risk that the LMS will contain compromised code unless pupils are allowed to develop their own content, but it’s not impossible, especially in a targeted attack.

An LMS is an attractive vehicle for delivering malware for various reasons. In junior schools particularly, the inexperience of the pupils could allow things to be activated that adults would normally be suspicious of. Also, there’s a temptation for the institution to consider the LMS part of the Intranet and give it trusted status on local endpoints, meaning anything injected into the LMS is likely to run with trusted privileges even when the Internet is locked down. This isn’t logical – if the endpoint is vulnerable to Internet-based web pages and LMS users can upload content, the LMS is not actually any more secure than the Internet.

Many LMS allow file uploads for assignment submission, which provides a route to compromise the PCs used by the academic staff. Given that criminals will have access to some pupils’ login details by virtue of the fact they’re also parents, uploading a trojan to a staff computer is a real threat. For example, Fronter reassures users on its web site that uploads are scanned using Clam-AV. Commendable, but they are inadvertently giving the criminals the intelligence needed to bypass this specific scanner.

Another issue with file uploads concerns endpoint security software. If the endpoint has been secured, file transfers from the browser or elsewhere will be disabled. In order to use the LMS, this often has to be globally enabled. For example, using Ranger to block file upload/download dialogues with Fronter appears impossible because Fronter uses the generic object selector. Ranger detects the window title and either blocks it or lets it through for every web site; discrimination between sites isn’t possible.

Whilst I’ve used Fronter in many of these examples because it is to hand, I am talking about general issues of security when allowing young children to use an LMS. The developers of such systems take good care to make sure the platform is inherently secure, but dangers remain from at least two sources. Firstly, there may be only a thin veneer of control over who has access to the system if pupils have access outside of school. Secondly, in order to run an LMS it is often necessary to disable endpoint security measures in such a way that it becomes vulnerable to threats from wider sources.

Bugs in IE? Which browser should I use?

Internet Exploder has been hit by the cyber-criminals again. Yawn. Actually, this time it’s serious. It affects all versions of Internet Explorer since version six, and it’s going to take Microsoft a while to fix it, and I suspect they won’t for earlier releases (anything less than version eight).

Continuing to use Internet Explorer in the meantime is risky, so using an alternative would be a good idea. But which one?

There are strong opinions as to which browser to use, more often related to the companies that produce them than to their technical merits. In the circumstances I thought a quick guide was in order.

Internet Explorer

Produced by Micro$oft and therefore beyond the pale. Actually, it’s pretty good although slow and cumbersome. It trails behind the others in innovative features. A lot of kid web designers specify that their sites are “optimised” for Internet Exploder, which is a reason to avoid such web sites – or use Internet Explorer. As it comes pre-installed with Windows, it’s the most common web browser out there and is therefore the one attacked most often by criminals. However, I’ve seen no evidence that it’s inherently less secure.

It’s Windows-only, and the current version requires XP SP2 or newer.

Download Internet Explorer if you must

Firefox

This one comes from the Mozilla foundation and is championed by the anti-Microsoft brigade. They claim that Internet Explorer is full of bugs, insecure and bad. Firefox is all of the above, but “good”. More bugs and security problems turn up in Firefox than IE, and it has very regular updates to fix them.

Firefox, like Internet Explorer, is big and slow – and some of the versions will cause your PC to grind to a halt. The current release (3.5.7) seems okay, but the writers tend to break it too frequently for my liking.

However, Firefox is on the leading edge of browser design and pushes forward with useful new features before Microsoft has thought of them. It’s also very good from a security perspective in dealing with encryption and suchlike, and is probably the professional browser of choice for this reason.

Firefox is also cross-platform – available for UNIX, Linux, Windows, Macintosh and so on.

Download Firefox

Google Chrome

This is a wonderful, small, efficient browser from Google. It follows the web standards very well, which means web pages produced to work around problems with Internet Explorer will not look the same on Chrome.

It has one big weakness: it will remember web site passwords, but not in a secure way. Therefore don’t use Chrome for logging in to anything secure. I do hope they’ll fix this soon, but it’s taken a long time.

Download Chrome

Opera

If you like Norway, you’ll love Opera. It’s available for Windows, Mac, Linux, Nintendo Wii and various handheld devices. Its users seem to like it, although it doesn’t have a significant desktop market share except on the Macintosh. I haven’t tried the latest version as I’m happy with Firefox and Chrome, but it’s worth a look if you’re not.

Download Opera

Safari

This is written by Apple and only runs on a Macintosh (or iPhone &c). I would mention the fact it’s proven pretty insecure, but that would upset Mac aficionados, who don’t take such criticisms seriously anyway.

Summary

They’re all insecure. Take your pick. Just avoid IE for a month or so, and be careful if you have to use an earlier version as they might not get around to fixing it.