Occasionally, I find a simple solution to a complex problem that works better than expected. Office of Foreign Assets Control (OFAC) compliance can be difficult. OFAC is the treasury department responsible for, among other things, enforcing the PATRIOT ACT and Terrorism Sanction Regulations regarding blocking financial transactions with suspected terrorists. Basically, OFAC requires you to compare your client list regularly to the published terrorist watch lists. If you find a match, you are required to stop doing business, freeze the money, and contact the Feds.
The hard part of OFAC compliance is matching your clients to the watch list. OFAC publishes a list onÂ a regular basis, but the list is not exactly user friendly. Complicating matters is the fact that the list contains lots of Mohammeds, Usamas, and John Smiths. Most names on the list also have dozens of aliases. Obviously, not everyone named Mohammed doing business with you is a terrorist, so how do you distinguish the good from the bad? (read more…)
Writing a blog is hard work! Having spent the past four months working on this site, and scanning the blogosphere looking for useful articles, I’m convinced that most bloggers do not get enough credit for the incredible information they provide. One of the stated goals for edgeblog is to provide useful, original content as a way of giving something back to the Internet community, rather than just linking to content found elsewhere. Creating new content every week is a tough job, but we welcome the challenge.
With that said, I want to actively promote the concept of e-Tipping. e-Tipping is a way to pay the blogger back for the hard work they have put into their blog, similar to leaving a tip at a restaurant. There are several ways to leave an “e-Tip”:
Click the ads!!! – Most blogs these days have ads. If you like the article you just read, visit the site’s sponsors. The blogger will make, on average, about $.05 per click…not much of a tip, but it adds up when a lot of people are reading your blog. UPDATE 06/01/2007: It is against Google’s terms and conditions to directly ask people to click your ad links. I respect Google and their terms, and would not want to circumvent their business model. Most Google ads are contextually related to the blog article. So, if you find an article valuable, take the time to look at the ads. If you are interested in any of the products, by all means click the ad, but please do not click ads soley for the purpose of driving up click revenue for the blogger.
Donate – Many blogs offer paypal links. If you find the articles especially useful, make a small cash donation. This is often the best way to support a blogger if you want him to provide you with specific additional information.
Leave a Comment – Blogging can be a lonely business. Comments show you care. They also make articles seem more relevant to the next reader.
Digg/Slashdot/Link the article – Bloggers want traffic. The more the better. Also, Google ads pay for page views, as well as clicks. Help the blogger promote their site, and they will continue to create great content.
Read the rest of the blog – Chances are you found the blog from a link aggregator. If you find the article useful, click out to the parent site, and scan some of the other articles. You’ll probably find other articles of interest, worthy of your time and e-Tips. (read more…)
Amazon is running a special on the Cingular Blackjack for $49.99 after rebates! CLICK HERE. The special is obviously only good for a limited time, and requires activation, but this is an incredible deal on arguably the best Windows Smartphone available today. I posted my original review of this phone 3 weeks ago: http://www.edgeblog.net/2006/cingular-blackjack-vs-smt5600/
Since then, I have not had a single problem with the phone. After three weeks of solid testing, I can say without a doubt this is the best PDA and best phone I have ever used. The buttons are well spaced and intuitive. The only complaint I have is that 3rd party software is still limited for the phone. Handango lists about 155 titles for the phone, but many of those are duplicates, or are not terribly useful on this platform. So far, the most useful program I have found is TaskList by AvinaSoft. This is a simple but effect task manager that syncs wirelessly with Outlook tasks using wireless Activesync.
If you need an easy to use smartphone with super-fast Internet access and seemless Exchange synchronization, this is the phone for you.
The problem with all these articles is that they don’t provide links to the actual rules published by the court. Since I have no life, I searched the Supreme Court’s website for the published rules. The new rules (http://www.supremecourtus.gov/orders/courtorders/frcv06p.pdf) were released by the Supremes last April. Based on my reading, there is both good and bad news in the rules with regards to e-discovery.
(Legal Disclaimer: I am not a lawyer; Do not rely upon my opinions; When in doubt hire a real lawyer and make sure he’s a good one; I am not responsible if you rely upon my analysis.) (read more…)
Losing an administrator is always a painful process. Even the best administrators usually forget to document something. The worst admins document nothing, create up multiple backdoor accounts, and install services to run under their own credentials. It is important to immediately check your servers when an admin leaves for several reasons: Disgruntled admins may leave backdoors in your system that they will later use to attack you; Disabling the admin’s account may cause services to stop running; Scripts may be scheduled to run that will grant the admin access weeks or months later.
Fortunately, it is possible to perform a rapid clean up if you follow a simple process, and use tools to help. This process is specific to the platform the administrator supported. The process for cleaning up after a Windows administrator is as follows:
Create a list of all servers in your environment. If you aren’t sure, check DNS and Active Directory
Search Active Directory for all users with privileged (admin) group memberships
Search every server for services that run under domain or local accounts instead of LocalSystem or NT
Search every server for scheduled tasks that run under domain or local accounts
Change the password on every privileged user account. Assume that the old admin could have had access to every account at some point.
Change the password on every service and scheduled task to match the new passwords in step 5.
Change any service or scheduled task that runs under the old admin’s account to run under a new service account
Review any scheduled tasks that are scripts, to make sure you know what they do. A clever admin could bury a script to recreate his admin account inside of another script.
Disable the old admin account
There are many good commercial tools available for searching servers for service accounts and scheduled task accounts, but I’m a big believer in using simple scripts where possible to get the job done. If you want a commercial product to help, check out: