My experience on my daily works... helping others ease each other

Thursday, December 30, 2010

Friday, December 10, 2010

eniaga - Good Initiative but Worst Implementation

Have you come across new government initiatives? eNiaga.

It seem that either the company providing that portal is just wanna get money and deliver a portal or don't care about money (which I guarantee the company gets lots of money) but just wanna deliver a portal to help government in their initiative. Either reason, they failed to deliver at least to minimum portal interface. When I take a look at this (on 11 December 2010), I'm little bit surprise with the interface, layout, friendliness, etc. It is none here. Check it out here http://eniaga.gov.my

What is the problem?
1. Compare with Amazon, Google Book, Lowyat Net, and other portal. All items are clearly categories and segmentize. Here, everything was shown flashing in and out.

2. When you click on the menu display on your left side, it shows another page which also did the same things. What if you wanna find clothes for man? How? Looking at the design, I bet you need to wait until the product shown on the screen and then click as soon as possible as it will change to other product in a few seconds.

3. How to use the system? You need to guess. No Fact or Help that you can select.

4. Over cluttered. The display shows too many and too fast and as I said earlier, no segmentation.

5. What's next? Is this first @ trial version of the portal? Not sure. But if I were one of the people involves, I will not even release this to market yet as I know what portal means and what business portal means and also what usability means. This don't fit in to any of those. It can only be used for showcase something, but not for usage or user. It might be use to win a tender but it shall not be use as a production release.
Share:

10 obscure Linux office applications to try

If you've ever checked out the list of applications available for the Linux operating system (OS), you know there are tons of them out there. The only problem is determining which ones are worth trying.
This is especially true of office applications. You could dig through those apps for hours just to come up with a handful of gems. So I thought I would do the grunt work for you and highlight 10 of the more obscure applications that actually have valid use in your workplace. These tools range in scope and purpose, but each one of them offers an obvious business value.

1: PDF Chain
PDF Chain
is a great graphical tool that allows you to merge, split, set background or watermark, and add attachments to PDF documents. It's a front end for pdftk and is written in gtkmm. You can merge up to 26 PDFs into one file. You can also rotate pages, set permissions for pages, and encrypt pages. If you work with PDF documents, PDF Chain is a must-have on the Linux platform.

2: gLabels
gLabels
is an incredibly flexible label and business card designer for the GNOME desktop. It will work with almost all inkjet or laser peel-off labels and business card sheets. Not only does gLabels allow you to design labels and cards with the same types of tools you would find in image editing software, it also offers a mail-merge feature that any business user will appreciate.

3: Kraft
Kraft
is a KDE business organizational tool that helps you create and manage business communications documents. Kraft really shines in the area of creating invoices, offers, etc. It also helps you manage customers, create text templates, perform calculations, manage materials, create PDFs, and much more.

4: MDB Viewer
MDB Viewer
can save you a ton of time, effort, and worry by allowing you to read data from a Microsoft Access database (MDB file). It serves as a user-friendly interface for MDB Tools. If MDB Viewer doesn't offer you enough, you can give Kexi a go. Kexi is a KDE-based data management app.

5: Okular
Okular
is the Linux answer to the Mac OS X Preview tool. Okular is a universal file viewer that can view PDF, images, Postscript, DjVu, CHM, and many other file formats. From Okular, you can print documents, extract text, view information, search documents, and much more. The developers are currently working on annotation of PDF documents, which will further enhance Okular's use.

6: GoldenDict
GoldenDict
is a dictionary manager that serves as a one-stop-shop for all your dictionary needs. It lets you manage dictionaries of all types, including Babylon, StartDict, Dictd, and ABBYY Lingvo. GoldenDict supports Wikipedia/Wictionary/Media-Wiki lookups and enables you to search for and listen to pronunciations from forvo.com. GoldenDict also allows you to search for words using a Hunspell-based morphology system for word stemming and spelling-based suggestions. If you use multiple dictionaries in your office, you need a dictionary manager like GoldenDict.

7: Simple Scan
Simple Scan is a scanning utility that ships with Ubuntu and really does live up to its name. Its user-friendly interface makes it easy for any user, at any level of competency, to create scans as either images or PDF files. Unfortunately, if your scanner isn't supported in Linux, Simple Scan will not work. Simple Scan was created by Canonical for Ubuntu but now is available for other distributions, such as Fedora.

8: RedNoteBook
RedNoteBook
is a great journaling application that allows you to create journal entries and then tag, spell check, format, add images/links/files, do a live search, use word clouds, export to various formats, and translate them into more than 20 languages. With RedNoteBook, you can create templates that will make your journaling even simpler. You can also make annotations and view statistics of your entries.

9: TOra
TOra
is an outstanding GUI that allows you to manage most of the common database formats (Oracle, MySQL, Postgresql). It has been built for Linux, Windows, and Mac and offers regular database queries and browsing. It includes a SQL worksheet with syntax highlighting, a PL/SQL debugger, and a full set of DBA tools. Although TOra isn't directed toward the average office user, anyone who needs to manage a database will appreciate it.

10: KeePassX
KeePassX
is a must-have for anyone who has to remember a lot of passwords or other forms of secure data. With this tool, you can save user names, passwords, URLs, sign-on information, attachments, and comments in a single, protected database. This database of sensitive information is then encrypted with either AES or Twofish, using a 256-bit key. KeePassX has a user-friendly interface that any level of user will find easy to use.

Do you have a favorite? As you can see, Linux (and open source) offers a wide assortment of office applications. I have tried to give the largest cross-section of types so that you will be tempted to take a deeper look into what's available.

Jack Wallen was a key player in the introduction of Linux to the original Techrepublic. Beginning with Red Hat 4.2 and a mighty soap box, Jack had found his escape from Windows. It was around Red Hat 6.0 that Jack landed in the hallowed halls of Techrepublic.

From ZDNet Asia Website
Share:

Google Chrome Notebook - Is it safe?

I received a video from a friend of my via facebook. It was about Google Chrome Notebook. Here is the video



What I would like to discuss here is the security concern when using this. No doubt that this will save us a lot especially there will no worries of losing unfinished work when your machine crash and no worries of carrying extra hard-disk for storing your data and no worries of where to get your data when you are on vacation. The only things you need to ensure is to have very good internet connection (stability and high bandwidth) which here in Malaysia it is still far from achieving it (I'll discuss this in other issues).

What concern me as one of people involves in information security is security issues related to using Chrome Notebook. What about our privacy and data protection. How safe are we? How trusted are we on Google which will not leak our data to others? How safe is Google and how strong Google protecting our data from being hack/exploit/access by unwanted user? Will Google be able to handle tons of data? How good and reliable is the Chrome Notebook?

This are few basic questions circling my thought when I first saw this video. When Facebook came into the pictures, there are security concern and there are still as Facebook never block other people from copying pictures they found in the facebook. What do you think about Chrome? Will Chrome have the ability to prevent others from cut-n-paste your documents into theirs?

This are basic security that Chrome MUST address first or at least those people that have intention to use Chrome notebook to think about it and reconsider before making such decision. It is Mobility, Flexibility, Cost Saving, and Availability versus Privacy, Trust, and Data Protection.
Share:

Wednesday, December 8, 2010

Steganography - What you need to know

Steganography

by CyberSecurity Malaysia on Wednesday, December 8, 2010 at 3:36pm
Q: How to detect steganography image?

A: Steganography images cannot be seen with the human eyes, only a piece of software was able to detect it. The difference between the images is not noticeable to the human eye what so ever. Two files look almost identical apart from the fact that one is larger than the other, it is most probable your suspect file has hidden information inside of it.

Q: How to embed data/message in image?

A: The most common technique that has been used is LSB (Least Significant Bit). When files are created there are usually some bytes in the file that aren't really needed, or at least aren't that important. These areas of the file can be replaced with the information that is to be hidden, with out significantly altering the file or damaging it. This allows a person to hide information in the file and make sure that no human could detect the change in the file. The LSB method works best in Picture files that have a high resolution and use many different colors, and with Audio files that have many different sounds and that are of a high bit rate. The LSB method usually does not increase the file size, but depending on the size of the information that is to be hidden inside the file, the file can become noticeably distorted.

This site shows how exactly message bits embedded to the picture using the LSB. http://www.guillermito2.net/stegano/camouflage/index.html


Q: What is raw image steganalysis?

A: There are 3 techniques in Raw Image Steganalysis (http://airccse.org/journal/nsa/1010s4.pdf) :-

A1: The Raw image steganalysis technique is primarily used for BMP images that are characterized by a lossless LSB plane. LSB embedding on such images causes the flipping of the two grayscale values. The embedding of the hidden message is more likely to result in averaging the frequency of occurrence of the pixels with the two gray-scale values. For example, if a raw image has 20 pixels with one gray-scale value and 40 pixels with the other gray-scale value, then after LSB embedding, the count of the pixels with each of the two gray-scale values is expected to be around 30. It is based on the assumption that the message length should be comparable to the pixel count in the cover image (for longer messages) or the location of the hidden message should be known (for smaller messages).

A2: Another steganalysis algorithm for grayscale images. This algorithm assumes an image to be made up of horizontally adjacent pixels and classifies the set of all such pixel pairs (a, b) into four subsets depending on whether a and b are odd or even and whether a < b, a > b or a = b. The pixel values get modified when message embedding is done in the LSB plane, thereby leading to membership modifications across these four subsets. A statistical analysis on the changes in the membership of the pixels in the stego image leads to the detection of the length of the hidden message.

A3: This is a steganalysis technique that studies color bitmap images for LSB embedding and it provides high detection rates for shorter hidden messages. This technique makes use of the property that the number of unique colors for a high quality bitmap image is half the number of pixels in the image. The new color palette that is obtained after LSB embedding is characterized by a higher number of close color pairs (i.e., pixel pairs that have a maximum difference of one count in either of the color planes). We say that two colors (R1, G1, B1) and (R2, G2, B2) are close if |R1-R2| <= 1 and |G1-G2| <= 1 and |B1-B2| <= 1. Let P be the ratio of the close color pairs to the total number of unique colors in the cover image, P’ be the ratio of close color pairs to the total number of unique colors in a stego image obtained by embedding a new message of particular length in a cover image and P’’ be the ratio of the close color pairs to the total number of unique colors when the cover image is further embedded in the stego image. If the hidden message is of considerable length, it has been observed that P’ > P and P’’ ~ P. For shorter messages, the values of P and P’ will be closer and detection may not be possible. Also, the above technique will not work if the cover image stored in lossless format has a higher number of unique colors (more than half the number of pixels).

Q:  Could you suggest some Steganography tools?

A: Here are some tools that you might want to try.
- http://www.snapfiles.com/php/download.php?id=101911
- http://www.mirrors.wiretapped.net/security/steganography/blindside/
- http://www.darkside.com.au/gifshuffle/
- http://www.wbailer.com/wbstego

Taken from CSM Facebook
Share:

Monday, December 6, 2010

Malaysia: IT Salary Benchmark 2010

ZDNet Asia conducted an online survey between October 2009 and November 2010, to gain insights into salary trends and the IT workforce in Asia.
The study polled a total of 14,998 respondents from various sectors including government, healthcare, IT, services, telecommunications, legal and finance, and across eight Asian economies: China, Hong Kong, India, Indonesia, Malaysia, the Philippines, Singapore and Thailand.
There were 1,136 respondents from Malaysia, holding full-time positions with job functions that cut across several areas such as systems development, project management and support.
In addition, 59 respondents from the economy were either contract or independent consultants, while another 11 held part-time positions, working fewer than 28 hours a week.
Respondents who had IT management responsibilities in the IT, Web and telco sector were the highest paid among their peers in Malaysia, pulling in an average salary of 98,627 ringgit a year.
In the following charts, MYR denotes the Malaysian ringgit. 

Average annual salary by IT skills and years of experience (MYR)
IT Skills
Years of Experience
Less than 5 years
5-10 years
More than 10 years
Application Development
39,157
66,979
102,291
Desktops/Software
36,582
57,185
90,285
Operating Systems
37,377
57,497
92,849
Servers/Networking
36,726
58,797
92,891
Web Development
35,151
63,213
-
Systems Administration
38,666
58,387
90,455
Database Management
37,810
59,198
96,226
IT Security
35,435
63,619
88,271
Enterprise Applications
-
66,755
100,710
IT Outsourcing
41,367
-
-
Consulting/Business Services
-
65,741
106,728
Infrastructure Management
-
-
98,734
Storage
35,573
-
-

Average annual salary by job function and years of experience (MYR)
Job Function
Years of Experience
Less than 5 years
5-10 years
More than 10 years
IT Management
31,072
71,866
105,789
Project Management
46,308
73,544
98,496
Systems Development
38,492
65,355
75,772
Communications
35,365
58,968
71,422
Support
30,732
39,770
56,856
Administration
42,403
56,237
75,922
Other IT Professionals
37,677
76,103
106,593
Overall
38,243
64,443
94,173

Average annual salary of Top 10 most popular IT skills (MYR)
Rank
% of Respondents
IT Skills
Average Annual Salary
#1
45.6
Application Development
69,602
#2
43.1
Servers/Networking
64,390
#3
43.1
Desktops/Software
62,841
#4
41.8
Operating Systems
64,407
#5
38
System Administration
64,826
#6
29.5
Web Development
63,802
#7
27
Database Management
65,252
#8
25.6
IT Security
65,842
#9
25.3
Enterprise Applications
73,874
#10
25
Infrastructure Management
79,794

Average annual salary by job function and industry (MYR)
Job Function
INDUSTRY
IT, Web & Telecom
Government, Education
& Health
Legal & Finance
Media, Marketing
& Sales
(non-IT)
Manufacturing, Services
& Others (non-IT)
Overall
IT Management
98,627
73,329
97,304
69,684
82,773
88,872
Project Management
77,102
67,633
81,543
56,600
72,870
75,757
Systems Development
52,833
40,099
60,092
49,500
53,827
52,891
Communications
53,046
51,400
52,800
72,000
42,580
51,615
Support
41,860
35,816
31,510
28,343
35,677
38,426
Administration
56,233
49,831
70,541
41,581
45,239
54,165
Other IT Professionals
77,294
72,000
-
50,667
62,000
74,620
Overall
65,140
55,728
71,199
54037
60,340
63,713

Taken from ZDNet Asia News
Share:

About Me

Somewhere, Selangor, Malaysia
An IT by profession, a beginner in photography

Blog Archive

Blogger templates