Monthly Archives: May 2017


THE EMI LIFE by Mallikaa Chaaterjee

Category : Uncategorized

A guest post from a full time entrepreneur.

For non-Indian readers, EMI = Equal Monthly Installments.  EMI in another way can be to be “addition to easy credit” where the barrier of affordability is instantly bridged and instant consumption happens.

All EMIs are front-loaded with interest and are a legally enforced claim on the payer’s future earning (and labour), and the future may be 20-30 years for EMIs servicing larger borrowings. In ancient times, the average lifespan was shorter, around 20-30 years, and slavery was rampant. So 20-30 years for a slave meant his whole life. If we are allowed to think so, when one pays EMI for 20-30 years, the situation is not fundamentally different. Things do change but…

This promise on the part of the borrower is also based on the assumption : “past performance is indication of future performance.”

The story below narrates what happens when this assumption proves to be Utopian and not realistic.


THE EMI LIFE

One fine morning when I was sipping my hot cup of tea like any other day and was day dreaming of going to the Himalayas to beat the heat of summer, I got a call. My friend of past 18 years was calling me. Though it was my “me-time” and the time to avoid any calls but as it was one of my close friends and so I took the call and all I could hear was “sobs” and some swear words. It took me some time to calm him down and to console him by saying in next 30 minutes I would be there with him.

I drove to his flat which was in a high-rise complex. The flat was fully furnished with all modern amenities bought from all parts of the world. He was working with a TOP IT company of India and had spent most of his career abroad in different parts of world on various projects that the company had allocated him. He used to find projects by bidding to get into that team ( it is the rule of a company, while sitting in bench as reserve, it is employee’s duty to bid on various projects through company’s portal and if one can break through, I mean, if the order is acquired, then the employee will be made project lead or manager of that project and he/she will be sent to that location).

Almost all the people of our country study with this single dream in mind, “One day I shall join this XYZ or ABC company and will soon fly to the USA, the UK or Australia and my life will be set.”

Anyway, coming back to the present situation: I went up to the 9th floor where my friend stayed and knocked at the door. His 9-year-old daughter opened the door and I was shocked – my friend and his wife were crying like babies, rolling on the floor. I thought that some serious accident had happened. When I asked them, he showed me a letter; well, it was a pink slip, or in short a termination letter from the company. I became quiet while looking at the letter and allowed them to cry for some time, as it was needed, and I went on thinking while looking at the beautiful water land from their balcony.

How things change with time ! Every seed of destruction gives birth to a new creation and vice versa. It started with introducing computer in late 80s, when many people who were not ready for change lost their jobs but a huge number of jobs were created for younger generation and almost for 2 decades huge employment has taken place in these IT companies. Now after two decades we are standing in front of the same mirror but in a more horrific condition.

As for myself, I never chased white collar IT job. Instead I wanted to make difference in the society we are living in. So, I tried out something else. I never had credit card, I don’t buy anything in credit, my needs and wants are realistic. My friend who is crying today, bought a very high end car in just two years after joining an IT giant, but became prematurely bald, bought designer furniture but was diagnosed with high BP, bought two flats within 7 years and was diagnosed with diabetes, kidney problem, eye problem and was diagnosed to be suffering from mild depression. His attitude also indicated the same. He used to party every week-end, sometimes used to take me but my life style didn’t allow much of this and so I avoided it as much as I could. Long tours, short tours etc were very common to them but he used to look always lost. I wanted to ask him many times but didn’t “You have everything but where is that sparkle in your eyes when you were in college ?”

Today I came to know the reason; his life was going on EMI, house EMI, Cars EMI, all electronics gadgets EMI, Parties, outing, tours, travelling, and birth day parties – all were on EMIs. Now with pink slip he doesn’t know how to breathe because his breathing was on EMI !

It was a bubble that had been forming for two decades and that had to burst some day or the other, and it did. Today people are so used to urbanization and a high-end lifestyle that they forget the thin line of difference between Reality and Utopia. It’s good that the bubble has burst, let the cry grow louder so that everybody can face the reality and take a route to live life fully without selling one’s very soul to EMI.

Job cuts are natural phenomenon which had happened earlier, will continue to happen. One has to choose the right path, one has to have a right vision, the right motive to live life realistically. Grow from inside and not from outside.

Mallikaa Chaatterjee, Guest Writer for Wordsmith University Press (www.pentasect.com) , chattmallika@gmail.com



[A full time entrepreneur by choice with MCA degree to back my knowledge base and industry experience of 9 years to back my skill who gave birth to GOOD CAUSE TECHNOLOGIES; a 360 degree tech company catering across the globe. A full time mother and also a full time wife define me as a person and as a business woman too.]


Source: wordsmithofbengal.wordpress.com



Resolution for WannaCry ransomware

Category : Uncategorized

What has happened?

UK hospitals, Telefonica, FedEx, and other businesses were hit by a massive ransomware attack last Friday (12-05-2017). Around 75,000 computers in 99 countries were affected by malware known as “WannaCry”, which encrypts a computer and demands a $300 ransom before unlocking it. The malware was able to spread thanks to flaws in old versions of Windows that were originally used by the NSA to hack into PCs before being made public by the Shadow Brokers group last month.

Among those infected were more than a dozen hospitals in England, a telecom in Spain, FedEx’s offices in the United Kingdom, and apparently, the Russian Interior Ministry. Within half a day, there were instances detected on six continents.

Several firms in Europe were the first to report having their mission-critical Windows systems locked, showing a ransom note. This quickly developed into one of the most widespread ransomware outbreaks currently affecting a large number of organizations around the world. Some affected organizations had to take their IT infrastructure offline, with victims in the healthcare industry experiencing delayed operations and forced to turn away patients until processes could be re-established.

Brief on WannaCry ransomware

WannaCry/Wcry ransomware is a relatively new ransomware variant that surfaced using the file hosting service Dropbox. This comes on the heels of a TorrentLocker variant that was using abused Dropbox accounts to spread its payload.

Wcry initially spreads via an email, a malicious website, or dropped by another malware. Once the malware gains access to a user’s system, it drops its prerequisite files and components, after which it prompts the user to download files from Dropbox URLs (Dropbox has already been notified of these links, which have since been removed). These files include the TOR Browser Bundle and the executable file “!WannaDecryptor!.exe”. If the user clicks on the executable file, Wcry will display the ransom note shown below:

Who are affected?

This variant of the WannaCry ransomware attacks older Windows-based systems, and is leaving a trail of significant damage in its wake. Europe has the highest detections for the WannaCry ransomware. The Middle East, Japan, and several countries in the Asia Pacific (APAC) region are showing substantial infection rates as well.

WannaCry’s infections were seen affecting various enterprises, including those in healthcare, manufacturing, energy (oil and gas), technology, food and beverage, education, media and communications, and government. Due to the widespread nature of this campaign, it does not appear to be targeting specific victims or industries.

What does WannaCry ransomware do?

WannaCry ransomware targets and encrypts 176 file types. Some of the file types WannaCry targets are database, multimedia and archive files, as well as Office documents. In its ransom note, which supports 27 languages, it initially demands US$300 worth of Bitcoins from its victims—an amount that increases incrementally after a certain time limit. The victim is also given a seven-day limit before the affected files are deleted—a commonly used fear-mongering tactic.

WannaCry leverages CVE-2017-0144, a vulnerability in Server Message Block, to infect systems. The security flaw is attacked using an exploit leaked by the Shadow Brokers group—the “EternalBlue” exploit, in particular. Microsoft’s Security Response Center (MSRC) Team addressed the vulnerability via MS17-010, released in March 2017.

What makes WannaCry’s impact pervasive is its capability to propagate. Its worm-like behavior allows WannaCry to spread across networks, infecting connected systems without user interaction. All it takes is for one user on a network to be infected to put the whole network at risk. WannaCry’s propagation capability is reminiscent of ransomware families like SAMSAM, HDDCryptor, and several variants of Cerber—all of which can infect systems and servers connected to the network.

Observations

The malware uses the MS17-010 exploit to distribute itself. This is an SMB vulnerability that allows remote code execution – details: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx.

With MS17-010, the attacker can use just one exploit to get remote access with system privileges, copy the payload to the victim machine and later transfer control to it.

By remotely gaining control of a victim PC with system privileges and without any user action, the attacker can spread this malware across the local network from a single system inside it: that one system spreads the ransomware to every Windows system on the network that is vulnerable and not patched against MS17-010.

Behavior:

By using command-line commands, the Volume Shadow copies and backups are removed:

Cmd /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet

File-size of the ransomware is 3.4 MB (3514368 bytes)

Authors called the ransomware “WANNACRY” – string hardcoded in samples.

The ransomware writes itself into a randomly named folder under ‘ProgramData’ with the file name ‘tasksche.exe’, or into the C:\Windows folder with the file names ‘mssecsvc.exe’ and ‘tasksche.exe’.

Examples:

C:\ProgramData\lygekvkj256\tasksche.exe

C:\ProgramData\pepauehfflzjjtl340\tasksche.exe

C:/ProgramData/utehtftufqpkr106/tasksche.exe

c:\programdata\yeznwdibwunjq522\tasksche.exe

C:/ProgramData/uvlozcijuhd698/tasksche.exe

C:/ProgramData/pjnkzipwuf715/tasksche.exe

C:/ProgramData/qjrtialad472/tasksche.exe

c:\programdata\cpmliyxlejnh908\tasksche.exe

Ransomware is granting full access to all files by using the command:

Icacls . /grant Everyone:F /T /C /Q

Using a batch script for operations: 176641494574290.bat 
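The behaviours listed above can be turned into host-based detection rules. The following Python triage script is an added example, not code from the original post: it matches process-creation events against the recovery-inhibition commands, the icacls grant and the drop-path pattern, then grades each host. The event field names (host, image, command_line), the severity levels and all sample events are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Command-line fragments quoted in the behaviour list above (case-insensitive).
CMD_RULES = {
    name: re.compile(rx, re.I)
    for name, rx in {
        "vss_delete": r"vssadmin(?:\.exe)?\s+delete\s+shadows",
        "wmic_shadow_delete": r"wmic(?:\.exe)?\s+shadowcopy\s+delete",
        "boot_ignore_failures":
            r"bcdedit(?:\.exe)?\s+/set\s+\S+\s+bootstatuspolicy\s+ignoreallfailures",
        "recovery_disabled": r"bcdedit(?:\.exe)?\s+/set\s+\S+\s+recoveryenabled\s+no",
        "backup_catalog_delete": r"wbadmin(?:\.exe)?\s+delete\s+catalog",
        "acl_everyone_full": r"icacls(?:\.exe)?\s+.*?/grant\s+everyone:f\b",
    }.items()
}
RECOVERY_RULES = set(CMD_RULES) - {"acl_everyone_full"}

# Drop locations described above: C:\ProgramData\<letters><3 digits>\tasksche.exe,
# or mssecsvc.exe / tasksche.exe directly in C:\Windows. Either slash style is accepted.
DROP_PATH = re.compile(
    r"^c:[\\/](?:programdata[\\/][a-z]+\d{3}[\\/]tasksche\.exe"
    r"|windows[\\/](?:mssecsvc|tasksche)\.exe)$",
    re.I,
)


def match_event(event):
    """Return the set of rule names that one process-creation event triggers."""
    hits = {n for n, rx in CMD_RULES.items() if rx.search(event["command_line"])}
    if DROP_PATH.match(event["image"]):
        hits.add("drop_path")
    return hits


def triage(events):
    """Group hits per host and grade them.

    A single recovery command can be routine administration, so it is only
    marked "review". A binary in a drop location combined with any other
    behaviour, or three or more recovery-inhibition commands, is "high".
    """
    per_host = defaultdict(set)
    for ev in events:
        per_host[ev["host"]] |= match_event(ev)
    report = {}
    for host, hits in per_host.items():
        if not hits:
            continue
        recovery = hits & RECOVERY_RULES
        corroborated = "drop_path" in hits and len(hits) > 1
        level = "high" if corroborated or len(recovery) >= 3 else "review"
        report[host] = (level, sorted(hits))
    return report


# Constructed sample events (hypothetical hosts; field names are assumptions).
SAMPLE_EVENTS = [
    {"host": "WS-014", "image": r"C:\ProgramData\lygekvkj256\tasksche.exe",
     "command_line": r"C:\ProgramData\lygekvkj256\tasksche.exe"},
    {"host": "WS-014", "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd /c vssadmin delete shadows /all /quiet & "
                     "wmic shadowcopy delete & "
                     "bcdedit /set {default} bootstatuspolicy ignoreallfailures & "
                     "bcdedit /set {default} recoveryenabled no & "
                     "wbadmin delete catalog -quiet"},
    {"host": "WS-014", "image": r"C:\Windows\System32\icacls.exe",
     "command_line": "icacls . /grant Everyone:F /T /C /Q"},
    # Administrator pruning old snapshots: one recovery rule only.
    {"host": "SRV-BACKUP", "image": r"C:\Windows\System32\vssadmin.exe",
     "command_line": "vssadmin delete shadows /for=D: /oldest"},
    # Ordinary permission change: no rule should fire.
    {"host": "WS-020", "image": r"C:\Windows\System32\icacls.exe",
     "command_line": r"icacls D:\share /grant Finance:R"},
]

if __name__ == "__main__":
    for host, (level, rules) in sorted(triage(SAMPLE_EVENTS).items()):
        print(f"{host}: {level} -> {', '.join(rules)}")
```

Grading on combinations rather than single commands keeps routine snapshot maintenance out of the high-severity queue while still surfacing it for review.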

What can we do?

WannaCry highlights the real-life impact of ransomware: crippled systems, disrupted operations, marred reputations, and the financial losses resulting from being unable to perform normal business functions—not to mention the cost of incident response and clean up.

Here are some of the solutions and best practices that organizations can adopt and implement to safeguard their systems from threats like WannaCry:

Patching

  • The ransomware exploits a vulnerability in the SMB server. Patching is critical for defending against attacks that exploit security flaws. A patch for this issue is available for Windows systems, including those no longer supported by Microsoft. Here are the patch details from Microsoft.
  • Additional patches for older OSes not already included in the main MS17-010 bulletin above: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
  • Upgrade from obsolete Windows versions to the latest one. In case there is a concern about commercials, you may easily migrate to a Linux environment.
  • In case there is old hardware that does not support the latest Windows version, it is better to go for desktop virtualization (thin client/zero client), so that subsequent operation and management strategies are easier.
  • The WannaCry ransomware appears to only attack unpatched computers running Windows 10. But this doesn’t mean those whose computers run on Apple or Linux code should feel smug. They, too, should regularly update with software patches as they’re issued.

Endpoint and Gateway Security

  • Ensure Desktop/Laptop/Mobile devices are protected with antivirus, personal firewall, antimalware etc. If possible, it is better to go for total protection from an OEM that is already internationally benchmarked.
  • Deploying firewalls and intrusion detection / prevention systems can help reduce the spread of this threat. WannaCry reportedly also uses spam as an entry point. Identifying red flags on socially engineered spam emails that contain system exploits helps. IT and system administrators should deploy security mechanisms that can protect endpoints from email-based malware.
  • A security system and practice must be deployed for continuous monitoring and management, to act proactively on potential attacks in the network.
  • WannaCry drops several malicious components in the system to conduct its encryption routine. Application control based on a whitelist can prevent unwanted and unknown applications from executing. Behavior monitoring can block unusual modifications to the system. Ransomware uses a number of techniques to infect a system; defenders should do the same to protect their systems.

Regular Backup

  • Ransomware will target the files and software in your system, so it is best to keep them backed up regularly. The best way to protect them is offline, on an external hard disk kept away from the reach of the internet.
  • In case backup is taken on cloud, the backup mechanism should run at intervals. It should not be always connected.
  • Ransomware infects at the system level. Hence a complete backup of your Windows OS will also be helpful.

Connectivity

  • Ransomware attacks are all through the internet. Hence it is essential to have a control on the path between your computer and the Internet.
  • WannaCry encrypts files stored on local systems and network shares. Implementing data categorization helps mitigate any damage incurred from a breach or attack by protecting critical data in case they are exposed.
  • Network segmentation can also help prevent the spread of this threat internally. Good network design can help contain the spread of this infection and reduce its impact on organizations.
  • Whenever connectivity is not needed, the path should be closed or connectivity should be disconnected.
  • When you’re using public WiFi networks, make sure you tell your system that you’re on a public network (many will ask if it’s a public or home computer.) That tells your operating system that it’s functioning in a potentially threat-filled environment and it will close off some of its more vulnerable software ports to the outside.

Proactive Measures instead of Reactive

This is not the end of it. Rather, more destructive versions will be popping up soon. Hence remediation of the present threat will not give us a resolution. Security is a journey, not a resolution. Hence the measures below should give us some breathing space:

  1. Network and Application Audit at regular intervals (vulnerability assessment and penetration testing)
  2. 3rd Party Risk Assessment and Business Continuity Planning
  3. Information Security Process Adherence as per international benchmarking, certification, compliance and regular governance.
  4. Remediation as per GAP Analysis on a continuous basis
  5. Deployment of tools and technologies for proactive measures.
  6. Close harmony between people, process and tools.


Source: sushobhanm.wordpress.com



1997 – 2017 : An Indian IT industry veteran’s nostalgia

Category : Uncategorized

[ Wordcon – Platform for Indian Freelancers received this work from a veteran who chose not to be identified. ]


“In 1997, I was in Bangalore – a freshly minted B.Tech. At that time, the word was “software”. Later, it became IT. I started as a coder, then I became a TL, then Manager. Baas. Everybody (almost) went to the industry to become a Manager. There was no coding except writing text codes like ASAP, EOB, SOB, SLA, TAT and so on.

I was fortunate to have been a multiple-time return passenger of the picture of the Bangalore-Frankfurt-San Francisco  shuttle below in these twenty years.


Bangalore – Frankfurt – San Francisco shuttle (Courtesy –  vadakkus.com as advised by author)

I also became what a colleague of mine told: “3 BHK, Wagon R, 2 private school kids, 2 credit cards” man in Bangalore. By 2015,  I had had many health problems and did not find much interest in my work. I used to drag myself to office, navigating traffic and pollution – air and public transit- both third class to deliver mandated first class work, simply for paying my EMIs. The motivation was very low.

In the winter of 2016, I was “guillotined”. I was an aristocrat (high cost and long tenure) to the company and the judgment was swift and sure. Almost instantaneous, with no minutes for self-defense.


Image Courtesy – http://vadakkus.com (as advised by author)

Presently, I and my wife run a catering service and although our net worth is much lower now; our life worth appears to be higher. Strange.

The picture below is a hilarious remembrance and joke on something which none has ever seen and will ever see – General Public – a pure abstraction and this is the safest target of all jokes.

Hence, when I was a regular passenger of the shuttle I mentioned earlier, “general public” (perhaps) used to think what our life was (glamour and Photoshop added)

This is a catharsis for me – a veteran, in the corporate graveyard, who can neither fight with robots, artificial intelligence, cutting-edge codes and immigration law, geo-political reconfiguration of the world.

I remain – a survivor in the smoke and mirror show called our world”


Source: wordsmithofbengal.wordpress.com



Retrospection of Present Recruitment Problems – PART I

Category : Uncategorized

Of late, we are observing humongous problems in recruitment: getting resources, making them work, retaining them, getting them motivated. Be it a start-up or a larger organization, the situation is the same everywhere. In this blog I will try to search for answers and retrospect on the root cause. All cannot be written in a single blog. Hence, I will try to document it through a few episodes.

No respect to work:

We have a gardener at home who comes in the morning and waters the plants in the garden every day on a monthly contract. He takes his weekly off on Friday. One week recently, he took leave on Thursday for a medical checkup of his wife and was reluctant to adjust it against his weekly off on Friday (which was just the next day). But he continued to be absent on the following Saturday and Sunday as well. Suddenly he appeared on Sunday afternoon to inform us that from tomorrow onwards he would continue as usual in the morning. His justification for his absence on Saturday took my blood off. He said he did not turn up because he did not feel like working on Bengali new year’s day (yes, Saturday 15th April, 2017 was the kick-off of Bengali new year 1424), in order to prevent hard work on every day of the proceeding days of the year.

The 2nd incident also took place today. Two aspiring drivers came to meet me today as I was searching for a new regular driver. He expressed all his expectations: INR 12K as monthly salary for 12 hrs of work, 6 days a week; beyond 12 hrs, an overtime charge of INR 40 per hr; in case he needs to work on some Sunday, he will work for extra money as per prevailing Driver Center charges; he will charge Rs. 3 per km for outstation travel, where lodging/boarding etc. will be extra at actuals. His bonus will be one month’s salary during Puja. In his final notes he concluded that driving is a very tedious job where he is on the field, staying all day with the cab, and very tiring for outstations, as he has to drive so long. What he tried to mean was that even after so many troubles he was favoring me by charging so little; rather, he had accepted the hard work and suffering only to help me.

There are enough examples like this and I can write several books now on similar real life examples ( I am actually  documenting this in “Fools’ Walk” series of books along with my coauthor Pritam).

Both the examples above clearly indicate the vision of a job aspirant or an employee/worker towards a job which feeds him/her money for survival. Unless you love it, think it is a priority, and feel from the heart that it is important for your family, the result can never be the best. The outcome will be percentage output; there will always be distance/unhappy feeling with the employer and in effect most of the time the wicket falls.

Lollipop Generation

The headline is quoted from one of my senior fellow entrepreneurs. This is more applicable to the present generation of youth. In the present era, there are one or two kids in a nuclear family. Parents have always been protective, possessive and primitive. The socio-economic standing enforces the best schooling, branded clothes, gadgets, gaming consoles, and loads of extracurricular activities to have a bright future for the kids. But the too protective, pampered environment makes them relaxed, less hard-working, less competent to handle real life situations, and inclined towards a struggle-free life.

There were situations where people declined to visit Arunachal ( north-eastern state of india) since their parents did not approve them going that far and in a disturbed terrain like this ( I really do not know why and how Arunachal  becomes a disturbed terrain). Even there have been instances where people preferred to resign instead of opting an out location travel to Baharampur (in the district of Murshidabad, West Bengal.).

You might have seen latest “Parle” advertisements where teacher called mother to complain about the child behavior in class. The mother was questioned incase if she was about the same and surprisingly she countered that even sir is unaware about the biscuits for parents and kid are manufactured by same biscuit company. Useless advertisement, but reveals true retrospection of the society where teacher can be further questioned in front of the student. That is reason even a teacher slaps a student in class for wrong behaviour,  the same may lead to a police case, media story and personal life threat for the teacher outside school territory.

This philosophy getting started from grassroots stage, will surely impact future professional  life as well.

Entrepreneurship :

Nowadays the buzz of entrepreneurship is flowing almost everywhere. All colleges, universities, associations, government, even corporations are floating schemes, facilities, mentoring, funding and incubation to manufacture entrepreneurs, to have self-sufficient independent youth who stand on their feet without any job. But unfortunately that does not happen. Entrepreneurship is not only about popping out an idea, but about executing the idea, building teams, selling the product/services to customers and earning money, managing funds, handling statutory and legal matters etc. More precisely, entrepreneurship is not about riding on someone else’s money without any struggle or hard work. Rather, the reverse rosy picture is being hallucinated: that entrepreneurship is about a free-flowing life where you can earn a lot of glory, limelight, fame, name etc. without much struggle. And most of the people finally fail, but the mindset of a free-flowing, non-obligatory, hassle-free, non-accountable lifestyle gets injected, and in effect the youth do not get comfortable in a job where they are answerable or bound by a KRA/appraisal system.

That is also applicable for experienced ones. People are losing jobs every now and then. Few people are leaving jobs for bosses, salaries, exploitation by employers, adjustment with the culture, locational problems, office timings, salary disbursements delays and so many other things.  But the very interesting things most of them, first leave jobs and then search for options (those who had not lost job). Then after some time when they fail to get any suitable jobs, these people jumps into business in a “Me Too” model. Finally, most of them either fail or spoil the market by low pricing, desperation of orders, quoting without understanding and so on.

Finally, market dynamics gradually get evolved and in effect expectations from the aspiring job seekers change, which does not fit in to industry needs. In effect, the gap gets prolonged between employer and employee expectations.  And yes, end result yields retrenchment, resignation, leaving absconding etc disrupts business dynamics.

Choosing Job Options

In seven years of my business,  I did not find much of people interested in field jobs be it technical or sales. Everyone expressed inability of hard work in hot humid sunny days, rainy season, out location travel etc.

In a campus interview, we had selected 7 diploma engineers, 3 in technical and 4 in sales. All of them joined and that time we had tried to implement full HR process. Initial 15 days were full in-house training, before they will be placed for production. But after induction process of 15 days, Once the field visits started, 4 Sales guy disappeared by 7 days.  Out of 3 service guys 2 also vanished in 15 days for the reason of out-location travel (someone had to catch morning 6.30am train for a 4 hours journey on a site survey).

I have plenty full of incidents to explain the situation.  During interview for experienced ones, I found the latest trend to leave jobs first and then search for jobs. In effect almost any aspiring job seekers having 3 to 6 months break in career graph.

One of my friends referred me to Prakash two months back. Prakash’s mother works as a cook in my friend’s home. Prakash was born and brought up in Bihar, but stays now in Kolkata. He comes from a very needy family background. During face-to-face discussions, I liked him and decided to offer him the job. I continued the discussion with him about his notice period in the present job (he had been working in a domestic call center for the last 8 months). Interestingly, it was revealed that he could join immediately as his notice period was about to be over in the next couple of days. I was wondering why he left a job without getting a suitable change. However, he surprised me further with the fact that he already had a job in his bucket and was about to join there the coming week. My curiosity took an interrogative tone: “Why are you further evaluating a job with us then?”. He said he did not find the culture and atmosphere of that organization very fitting for him; rather, the organization seemed very fishy to him (which he discovered from a few of his friends who were already working there). “But why did you resign from your present job with this dilemma?” my curiosity continued. His answer was mind-boggling: “Sir, I worked for so many days, thought of taking a break!”. My reply was instantaneous: “What? You have been working here only for 8 months, before that you took a 4 months break for your ear operation. Why do you need a break again?”. He answered, “Sir, actually next month is my birthday. Thought of having party and other enjoyment in this month and then again search for a suitable job again”. I was speechless, and please note neither a single line of discussion is cultivated nor a single iteration in the dialogue.

This section, I will finish with one more story, very latest (garden fresh).

After so many issues with the work force, I thought of discarding B Tech, diploma, MBA kind of resources and pursued a campus in government youth training where they teach the very basics of computers to people who could not succeed much in their traditional career. Anyway, after one such campus interview, we selected one candidate for sales. He was good in communication, body language, attitude and approach. He had no problem with field visits. After selection in campus, we asked him to come to office the next day for the final discussion. We further discussed job scope, opportunities and of course explanations on field visits. But he was extremely positive and excited to join from the very next day. More interestingly, he posted a Facebook update after leaving office about the excitement of getting a first job. But unfortunately he neither joined nor intimated us the next day. Once we investigated through the Institute, we were apprised that his parents did not approve a job for him where he had to spend time in field jobs in the hot humid summer.

THIS IS NOT THE END OF IT, SO MANY OTHER FACTORS. WILL WRITE IN THE NEXT DAY.

(To be continued…..)

 


Source: sushobhanm.wordpress.com