Archive | December 2007

Everything Gone Green

2008: The Year for Greener and Leaner IT
by: Jerry Liao

Gartner Inc. released a list of 10 strategic technologies for 2008 and Green IT topped the list that companies should consider in their planning processes. The other strategic technologies for 2008 include unified communications, business process modeling, metadata management, virtualization 2.0, mashup and composite applications, web platform and WOA, computing fabric, real world web and social software.

To help corporations and governments kick-off the new year right, information technology (IT) providers, like EDS through its EDS Fellows have highlighted eight ways CIOs can extend the life of existing facilities and reduce the environmental impact of computing in 2008.

The first option is to move from the “one application – one server” paradigm many organizations have fallen into. Server virtualization allows multiple applications to operate securely within the same physical server. Moving the current average server utilization from 15-20 percent to 80-90 percent allows fewer servers to do more work using the same energy profile.

The easiest power to save is the power that isn’t used. Servers and disk drives should be on only when they are needed, so sophisticated operating processes must be in place to bring servers back online whenever increased demands require them to do so.

The third option is to employ power saving techniques now familiar to most laptop users. When demand allows it, organizations can run their servers at reduced speed which lessens their consumption of energy. In addition, an enterprise should always choose a sever with the highest power supply efficiency available with the selected configuration.

The fourth option is to optimize applications being run in the data center. Bloated software, inefficient software, or even software that produces very little business value all need to be pruned, optimized and even discontinued to put a lesser load on servers.

The fifth option is more fundamental, but also very achievable. Data center managers can improve the efficiency of their facilities by rigorous maintenance to ensure all equipment is operating at the peak of efficiency as well as modifying layout and configuration of equipment to reduce cooling requirements. These and many more efficiency steps will increase overall data center efficiency and lower the carbon footprint.

The movement to newer, multi-core CPU designs will deliver significant efficiencies, because of their lower voltage requirements. Eight, 16, 24 and higher “processors on a chip”allow for fewer server blades in a rack driving up efficiencies and driving down electricity usage.

We have become so accustomed to “cheap computing” that we have become lax in our process of procuring, deploying and operating the infrastructure upon which so much of our modern society depends. However, when an enterprise looks at total cost of ownership and electricity costs exceed the purchase price of a server, the equation shifts in favor of higher efficiency and rigor which is good for the bottom line as well as for the environment.

It is important to look for innovative applications of IT that makes real impacts for an enterprise and its customers. For example, an enterprise can use Dimmable Addressable Lighting Interface (DALI) in electronic ballasts networked to sophisticated lighting control software that reduces electrical usage by up to 40 percent, or use programmable thermostats and schedules to standardize the temperature, pressure, humidity and set points for occupied and unoccupied periods in all buildings.

These technologies require integrated IT to function and provide a rapid return on investment. The world will see an explosion of IT being deployed as we move to a lower energy regime in new and existing buildings throughout society over the next several years. The business advantage of consuming less electricity reduces both the cost structure and carbon footprint of the enterprise, which is good for business and the planet.

The title of EDS Fellow is awarded to the company’s most innovative thought leaders in recognition of their exceptional achievements. Each Fellow has a proven track record of creating world-class solutions for clients. In addition to their academic achievements and invention history, the 24 Fellows average 25 years of industry experience and innovative technology implementations.

Mobile Power

ChargeIT – Power charger from anywhere
by: Jerry Liao

For all the mobile device owners out there, I am sure one way or the other you have experienced this: RUN OUT OF BATTERY POWER when you needed it most.

Yes, that’s the worst thing that could happen especially if you need to make an important call – be it personal or business, then your mobile device refuse to cooperate with you. All it can say is BATTERY LOW, or the beeping sound will keep on reminding you that you need to charge your device. Do you now remember?

If that happen, what do we do? We panic a bit then look for the nearest charging center if available. Sometimes I see people going to the phone manufacturer shops at the mall and will borrow chargers and ask if they’ll be allow them to charge at the center’s premises. Sometimes the shop will say yes but more often than not, they will not allow it because these shops sell the chargers.

There are charging stations at the mall nowadays wherein you pay a certain amount and you can charge your phones for a couple of minutes perhaps just to allow you to make that important call. Another solution is to borrow your friends phone, remove his/her SIM card and you insert yours.

You can also bring your chargers with you just in case you run out of power and again ask any stores to allow you to plug your chargers. What if you have with you two or three devices? Will you bring all their chargers just in case?

The solution goes on and on and the desperation level keeps going higher depending on how important the call is. If it’s a business call and is worth a fortune, I won’t be surprise if you will go to the extent of buying a new phone.

Actually, you don’t have to do any of the things I mentioned if you have your mobile charger is with you. And when I say mobile charger, I am not referring to your mobile chargers. I am referring to this mobile charger called NANO by Etitech (distributed by Mannasoft Philippines).

The Etitech Nano Mobile Charger is the solution for your mobile devices power requirement. It will charge your mobile phones while you are on the move, especially when you needed it most. It’s a pocket-sized charger that can be used to charge multiple devices ( mobile phone, MP3 players, Portable electronic game, digital camera, etc) It’s easy to use just plug your devices into it wherever you are at your convenience.

I would say the Etitech Nano Mobile Charger is innovative because you can Use your mobile phone while charging on the go, you can charge a mobile phone up to 3 times and recharge for more than 400 times and 1200+times your phone. It is also convinient because it is lightweight and compact design, rubberized coating for handling and protection and can be charged from a USB port, fully charging in about 4 hours. It is also safe because the protection circuit prevents

over-voltage, under-voltage and short circuits, thus preventing damage to both NANO Mobile Charger and the device being charged, the output voltage is regulated automatically to ensure safe charging and there’s a red LED that blinks to indicate low battery and lights up continuously just before power cut off.

The Etitech Nano Mobile Chargers uses a Sony Lithium Polymer,

So how do we use it? Very simple:

Charging the Nano through notebook USB port:
1. Use provided USB cable, plug in mini USB.
2. Plug in mini USB into Nano.
3. Plug (full size) USB into notebook / adaptor.
4. Nano Charging indicator on (GREEN).
5. Full charge: GREEN indicator goes off.
6. Charge Nano when Low Batt indicator (RED) comes on.

You can charge it via USB, and you can also charge it via DC using the provided USB power plug.

Now to use the Nano to charge your mobile devices:
1. Use provided USB cable.
2. Plug (full size) USB into Nano.
3. Plug suitable connector into round female connector, than into mobile devices.
4. Mobile devices indicate “Charging” than “Full Charge” when charging completed.
5. Charge Nano when Low Batt indicator (RED) comes on.

The package comes with a Nano Mobile Charger (1pc), a USB cable (1pc), Connectors (6pcs – Nokia (2pcs), Sony-Ericsson (2pcs), Samsung (1pc), Motorola / mini-USB (1pc)) and AC Adaptor (1pc).

With the Etitech Nano Mobile Charger, you will have a portable emergency power everytime you need it. Losing power is a thing of the past.

The Nano Mobile Charger is distributed in the Philippines by Mannasoft.

Critical Thinking II

Oracle Philippines’ Pirating Policy
by: Jerrry Liao

Last October 8, 2007 (Monday), I wrote the article “Critical Thinking I” which is about Oracle hiring an employee of its partner Nexus Technologies, Inc. For those of you have not read that article, you can visit

December 14, 2007- After more than two months, Oracle Philippines finally gave their response to my article. As professionals in the media industry, we are printing in full the letter sent to Manila Bulletin by Mr. Francis Ong, managing director Oracle Philippines:

“There are several details contained in the article “Critical thinking Oracle Philippines’ pirating policy” in The Manila Bulletin, 8 October 2007 by Jerry Liao, that are in our opinion, inaccurate and misrepresents Oracle –

1. The interaction described in the article is inaccurate:

* The article states: “During this project, Oracle might have been impressed with the Nexus representative and hinted that they want to hire the Nexus representative. An offer sheet was made I believed. This came to the attention of Nexus, and like any other partner, Nexus informed Oracle about their objection. Guess what, Oracle proceeded with the hiring despite the objection from its partner. At present, the Nexus representative is now with Oracle. And with the hire, Nexus decided to discontinue its business relationship with Oracle Philippines.”

* The facts are: The employee was not involved with Oracle in any capacity while at Nexus. As such, there was no meeting between Oracle and the Nexus employee as described in the article.
* Oracle did not headhunt or pirate the Nexus employee, as suggested. She was seeking a suitable opportunity and her CV, which was passed on to Oracle by a third-party, was unsolicited. She went through the standard Oracle selection process, along with other job applicants.

2. The article misrepresents Oracle:

* The article states: ‘Like any other company, Nexus invested a lot in developing their staff to become competent. Invested a lot of time, money, effort, trust and relationship.”
* “And you know what, Oracle was even disappointed with Nexus decision to terminate its business relationsip with them? What does Oracle expect? Nexus awarding Oracle a Plaque of Appreciation for Piracy? Can I have the Business Software Alliance check on this? Just kidding.”

* The facts are: Oracle continually invests in its relationships with partners to provide growth opportunities, education, technical services and go-to-market engagement. The investment is not only by the partner alone. Oracle had indicated that the ending of this partnership is disappointing in light of the investments made on both sides.

* The article states: “The secret perhaps is in the way Nexus motivates, encourage and support it’s employees – a trait that does not exist in Oracle am sure.”
* “One last thing, Oracle may have caught the buying habit because of their numerous acquisitions, and now they’re buying or pirating people. A classic display of arrogance and insensitivity. With Oracle’s action, Oracle may have increased their intellectual capital within the company. But I will now question their social capital and their cultural capital.”

* The facts are: Oracle hires best-fit candidates who want to join the company. We focus on the welfare and development of our employees and continually invest to provide a wide variety of technical, professional, and personal development opportunities.

We strongly object to your publication of the article. The article is disparaging of Oracle Philippines and Oracle companies globally, and the reputation of our companies, and as such has caused harm and damage. Oracle was not contacted before publication and offered an opportunity to respond to the allegations that are made in this article. At no time has Oracle acted contrary to law or our contractual relationships with Nexus or in contravention of normally accepted proper recruitment practices with a business partner.

Oracle requests a published apology and correction by the Manila Bulletin.

All our rights are hereby reserved.

Managing Director

As a columnist of Manila Bulletin TechNews, I would like to thank Oracle Philippines and Mr. Francis Ong for the clarification. This is one clear sign that there is democracy is this country and that Manila Bulletin as the nation’s leading newspaper adheres to fairness and balance reporting.

If you will noticed in my first article, I didn’t mention any names and I did not publish the emails because this is not about any personalities, this is about Business Ethics. The article is about respect and the correct way of valuing business partnerships.

Let me start by saying this: I may just be an ordinary columnist, nothing compared to Mr. Ong who is a managing director and Oracle – the world’s 2nd biggest software company in the world. But when it comes to reporting, we have ethics and rules to follow and like any other professional writers, we live by it. I presented the facts, I will let the readers decide.

I guess Oracle is putting its attention on the small black dot in the white shirt and failed to appreciate how white the shirt is. They read the article but failed to see the message. The point here is not about whether Oracle pirated the lady employee of Nexus Technologies or not. The issue here is why did Oracle hire the lady employee despite the objection made by Nexus which resulted to losing a partner.

Oracle is claiming that they were not contacted before publication and offered an opportunity to respond to the allegations that were made in the article. I would have called or emailed Oracle had they have a Marketing & Communications Manager, but they don’t have one, so I did the next best thing – call their PR company – ProSolutions Management Inc.

I called Oracle’s Philippine PR company specifically Miss Maui Terrado on October 4, 2007 (Thursday) informing her about the article that I am about to write that will be published October 8, 2007. I made the call during a meeting so I have people who will testify that I indeed made the call. I also told Ms. Terrado that I will wait for Oracle’s response and if in case Oracle won’t be able to submit their reply on time, we (Manila Bulletin) will be giving Oracle the same space we gave the article.

After the phone conversation, Ms. Terrado sent me a text message which reads: “Jerry, thanks 4 alerting me, Appreciate it.” The message was sent October 4, 2007 – 10:35am. I still have the message with me and I can show it to Oracle anytime.

The morning of October 8, I again called Ms. Terrado informing her that the story was already published and told her that we are still waiting for Oracle’s response and we will give Oracle the same space. Oracle was told that an article about the incident will be written (October 4), Oracle was also informed that the article was already published (October 8). Why deny it and why did it took Oracle more than two months to respond?

For the sake of discussion, let us say that Oracle was right, They didn’t pirate the lady employee of Nexus. May I just ask where is she working now? She is now working for Oracle Philippines. Even if she went through the normal hiring procedure, why did the hiring proceeded even an objection was already made? WHY?

The bottomline here is this, Oracle got the lady employee but losses a partner. If you my reader were in the shoes of Oracle, which one will you value more? The partner or the talent? And if you my readers were in my position, what will you get as a writer if you fabricate or lie about this story? I am just a writer but I value my reputation and integrity and I will not trade it for anything in this world.

Oracle is asking Manila Bulletin to publish an apology and correction. Apologies and corrections are made if a mistake was committed. We did not fabricate the story, We simply reported the truth and we’ve been professional in dealing with the incident. I think it is more proper and important for Oracle to issue an apology to their partner and do something to correct the mistake rather than asking Manila Bulletin to apologize because we exposed what happened.

Adopting Change

Telcos Switching Emphasis to New Business Models but Slow to Change
by: Jerry Liao

A new IBM survey of more than 250 global telecom executives shows how the industry is responding to the ongoing revolution in the communications and media sectors.

The survey, conducted by the Economist Intelligence Unit on behalf of IBM’s Institute for Business Value, found that 69 percent of telecommunications service providers expect business model transformation to be the primary source of value over the next five years compared to only 34 percent in the preceding five years. An overwhelming majority of executives (72 percent) expect collaboration with external partners will be critical as they structure these new business models.

Cost containment and efficiency have been the key watchwords in the industry for nearly a decade. The new opportunities around data, content, video, advertising and IT services are causing service providers to take a fresh look at business models to once again drive growth. This growth imperative is reinforced by the continued decline in voice revenues — although telecom executives do not anticipate the rate of decline to be as severe as once feared — and the rapid convergence of new media, online and telecommunications players.

Business Model Transformation Far from Reality for Service Providers
Contrasting telecom executives’ reported willingness to embrace business model change, the respondents continue to prioritize traditional sources of competitive advantage such as network coverage (52 percent of respondents) and customer reach (45 percent). A smaller percentage are prioritizing the capabilities required to deliver personalized, interactive services and offers to customers, such as device control/management (8 percent), ease of use (11 percent), customer service (16 percent), and customer knowledge (22 percent).

“Service providers demonstrated a new recognition that business model innovation is paramount, yet many of our survey respondents still pointed to traditional strengths as their differentiators,” said Noel Taylor, general manager and global communications sector leader, IBM Global Business Services. “Ease of use, customer knowledge and device management are all central to the delivery of new content and advertising-based services — and all potentially offer key sources of competitive advantage — but they are not yet key priorities for many service providers.”

Converged Content Services Are Growth Engines; Voice and Broadband Will Still Dominate Revenue Mix
Although broadband and voice services are expected to remain dominant in the short term, the survey showed telecom executives expect the mix of revenue sources to shift significantly over the next five years toward converged content services like television, video and the ability to manage these environments. 44 percent of global telecom executives are bullish about securing major-to-moderate revenues from video-related services, either in the form of subscription-based revenue or through advertising. Over half the executives (68 percent in Asia Pacific and 56 percent in North America) expect non-video content services like ring tones, text voting, or music downloads to make major-to-moderate revenue contributions.

The access service providers have to customers, through multiple devices and channels, and the extensive customer insights inherent in that relationship, appeal to advertisers’ demands for personalized marketing messages based on contextual factors such as location/presence, access speed and device capabilities.

“While many operators expect advertising to make a significant contribution to overall revenues, they have yet to find a systematic way to exploit this new market opportunity,” said Bill Battino, Communications Sector managing partner, IBM Global Business Services. “Many expect to partner with established on-line players such as Google, Yahoo! and AOL for advertising-based services but just how service providers will monetize customer information and access remains to be seen. Telecom operators have a fundamental choice to make –whether to create rich customer databases with advanced analytics to serve ads directly via mobile and broadband platforms or to work through ad agencies and online aggregators in a more passive fashion.”

Customer Experience Emerging As Key Differentiator
As consumers increasingly demand convenience, control, flexibility and choice, creating a consistent ‘customer experience’ across devices and networks has become a top focus for telecommunications and media providers. Sixty percent of executives who cited revenue growth as important believe the growth can be influenced by improving the experience across all channels, including online and retail operations.

“Driving substantial revenues from new service is a vastly different challenge from delivering traditional telephony services. Consumers clearly expect flexibility and control over their end-to-end media experience across a myriad of applications, whether they’re at home, in the car or walking through the mall,” said Taylor. “To respond to consumer trends and improve loyalty, service providers will need to place greater emphasis on ease of use and simplicity despite the underlying complexity of the services and devices, and support it with outstanding customer service.”

Service Assurance Investment Lacking
Although the vast majority of respondents (89 percent) indicated that service quality is emerging as an important differentiator, less than one-third identified service quality management and assurance as an area of strong focus or investment. Indeed, nearly half of the executives polled reported their organizations had no end-to-end service assurance capability.

IBM contends that if telecom providers are to realize growth through converged telecom, IT and media services, senior executives will have to pay more attention to service quality demands. Customers expect the same carrier-grade service quality for new services as they get from providers today. This will require investment in significantly more complex, fully integrated and customer-oriented service management capabilities.

The Applicant

Incompetent Interviewing Skills Blamed for Poor Employee Performance
by: Jerry Liao

More often than not, when we talk about corporate assets, people will refer to physical assets like furniture, fixtures, equipment, cars and more. Rarely do you hear companies considering knowledge within the company an asset. To me, knowledge asset is one of the most valuable asset one company has. It is something that cannot be bought but can be developed.

The term “knowledge assets” refers to the accumulated intellectual resources of your organization. It is the knowledge possessed by your organization and its employees in the form of information, ideas, learning, understanding, memory, insights, cognitive and technical skills, and capabilities. Employees, software, patents, databases, documents, guides, policies and procedures, and technical drawings are repositories of an organization’s knowledge assets. Knowledge assets are held not only by an organization but reside within its customers, suppliers, and partners as well. Knowledge assets are the “know how” that your organization has available to use, to invest, and to grow. Building and managing its knowledge assets are key components for your organization to create value for its stakeholders and to help sustain competitive advantage.

But for a company to build a sound and valuable knowledge asset base, one should start on the right footing. Start right and your chances of success will be higher, start wrong and achieving success will be more difficult. You might be surprised but proper interviewing skills plays an important role in knowledge asset development.

A new survey of UK heads of HR shows that 74% believe people in their organizations use poor interviewing techniques, resulting in inadequate employee performance that affects the bottom line. The survey, conducted for A&DC, shows that bad interviewing techniques have major consequences on business results, including 35% of respondents stating it shows in poor employee performance and most notably, 24% judging that it affects the bottom line. A&DC has created CBI-Smart, an online tool that enables all interviewers, trained or not, to quickly, easily and inexpensively use competency based interview (CBI) techniques to more than double their chances of hiring the right people first time.

A&DC’s survey also shows the amount of time it takes for HR people to prepare fully for each interview; 70% of HR managers take at least 20 minutes, while 25% spend over 40 minutes creating a series of comprehensive questions.

A third of the respondents believe that the main barrier to making reliable and consistent selection decisions is simply down to poorly trained interviewers. Seventeen percent state that a lack of time is a barrier to making the right decisions every time. Only 16% of respondents thought that most (81% or more) of the people in their organization interviewed well, i.e. consistently and fairly.

Poor interviewing techniques have, according to the 106 respondents, major consequences on business results. Apart from poor employee performance and affecting the bottom line, the HR heads also believe it wastes time (9%), wastes cost (9%), creates disaffection amongst staff (7%) and leaves candidates with a bad impression of their organization (16%).

Rory Fidgeon, Senior Consultant Occupational Psychologist for A&DC, the creators of CBI-Smart, explains, “Interviewing well is a skill that is difficult to consistently get right across the entire organization, whether it’s large or small. The survey shows that few heads of HR see their people interviewing well, which backs up the stories we hear of so many interviewing with ‘gut feeling’ as their main guide. Using this type of judgement in interviews doesn’t work consistently. The results show huge scope to improve and simplify the interviewing process. Competency based interviews more than double the chances of hiring the right people, yet previously they have taken a great deal of time – often over an hour – for trained individuals to pose the right questions for each interview”.

James Foster, Marketing Manager of A&DC, sums up: “Recruiting the wrong person is expensive – research shows that the total cost of replacing a member of staff averages in excess of £8,000.

Other findings are:

– 74% of people within business use poor interviewing techniques.
– 35% of poor interviewing techniques result in poor performance in employees.
– 24% believe it affects bottom line.
– 33% of interviewers are poorly trained.
– 25% of interviewers spend more than 40 minutes preparing for an interview.

So there you go, the secret is out, you want to have the right team – Ask the right questions.

Changing Fortunes

BT Group Buys Singapore IT firm Frontline for US$139 Million
by: Jerry Liao

BT and Frontline Technologies Corporation Limited (Frontline) announced that they have entered into an agreement for BT to acquire the entire issued share capital of Frontline (the “Acquisition”) for approximately S$202 million or US$139 million. Frontline provides IT consulting, infrastructure services, systems integration and IT outsourcing to local, regional and multinational customers. The company, which is listed on the main board of the Singapore Exchange, has operations in China, Hong Kong, India, Indonesia, Malaysia, Singapore, the Philippines, Taiwan and Thailand.

The Acquisition will be effected by way of a scheme of arrangement under the Singapore Companies Act and in accordance with the Singapore Code on Take-overs and Mergers (the “Share Scheme”). On completion of the Share Scheme, all issued Frontline shares will be transferred to BT for cash consideration of S$0.245 for each Frontline share (the “Scheme Price”). The Scheme Price represents a 33.9% premium to 1-month average share price. At the close of business on the day preceding the date Frontline’s shares were suspended from trading, Frontline’s market capitalisation was S$157 million. The completion of the Share Scheme is subject to the fulfilment of certain conditions precedent, including the approval of Frontline shareholders and the confirmation of the High Court of Singapore.

François Barrault, CEO BT Global Services, said: “This Acquisition will create one of the leading providers of networked IT solutions that will be able to offer a broader portfolio of solutions to local, regional and global customers. Frontline will bring to BT major new contracts in Asia and BT will be in a position to offer Frontline customers the full suite of BT products and services. Through this acquisition we reinforce our ability to provide high quality services to our customers wherever they do business. Frontline brings to BT approximately 5,000 highly skilled and professional people whose reputation for delivering complex solutions and network management services fits perfectly with BT’s strategy. We believe our combined reach and skills will create an unbeatable team in Asia Pacific as we seek to respond better to our customers’ challenges and opportunities.”

Frontline’s Executive Chairman and Founder, Steve Ting said “Since founding Frontline in 1993, we have strengthened our footprint throughout Asia Pacific and we are extremely proud of the company that we have created. Becoming part of BT can only accelerate our future growth and help to create a unique portfolio offering that will benefit our existing and future customers, firmly establishing us as one of the leaders in our space. This proposed transaction is great news for our customers, shareholders and employees.”

What’s so significant about this acquisition that I am giving it this much space? First, a couple of years back, Frontline had acquired control of Sun Microsystem Philippines. Second, the Philippine operation of BT is headed by Mr. Nilo Cruz. Cruz is the former Managing Director of HP Philippines.

Why do you think BT is buying Frontline? As BT had said, they want to expand their reach in Asia. So you can say that BT wants to increase the company’s customer base and secure a place in the growing business in Asia. Why did Frontline agreed to be acquired? First thing I can think of is “MONEY” of course. US$139 million is still US$139 million. A strong backing from BT and to complete their offering portfolio could be some of the reasons for the sellout. I am not sure how Frontline is performing as a company but according to reports – Frontline’s net income for the six months ended Sept. 30 rose 31 percent to S$4.6 million, while sales climbed 18 percent to S$110.6 million.

By now, I am sure parties involved are already saying that nothing will change. Everything will be the same, business as usual. We all know that this is not true. They simply want to soften the impact of whatever changes that will be implemented. Changes will come definitely – gradually perhaps.

So what would be the effect of this acquisition in the local scene? I can only speculate. There are a lot of possibilities. Prior to the BT acquisition, SunPhil is run by Frontline and Ms. Cynthia Mamon, President of IT Holdings Inc. (ITH). Now that BT acquired Frontline, I believe someone should go. I don’t think Frontline, ITH and BT will work together and run SunPhil.

ITH already got their money from Frontline, Frontline now is getting their money from BT. It’s BTs turn now to make money, and you can be sure they will do everything to make money. They will do everything to cut their cost, so BT may give up its Regus office and move to SunPhil office. A review of the current manpower in SunPhil will definitely be made. Performers will stay, non-performers will go. This will happen from the highest post to the lowest post. This is the painful reality of acquisitions and mergers.

Let me make a bold prediction here: BT will ask Mamon to stay and run SunPhil since she knows the in and out of the business. Cruz will supervise the operation of SunPhil since Cruz still has his primary role to play – run BT. Frontline will be asked to leave the Philippine operation. That’s PowerShift at work for you.

As they always say, there is nothing permanent in this world – only permanent interest.

More Work Ahead

F-Secure reports amount of malware grew by 100% during 2007
by: Jerry Liao

In its 2007 data security summary, F-Secure reports of a steep increase in the amount of new malware detected during 2007. In fact the amount of cumulative malware detections doubled during the year, reaching the amount of half a million. This indicates that network criminals are producing new malware variants in bulk.

“We’ve never seen as many samples arrive to our labs”, says Mikko Hypponen, Chief Research Officer at F-Secure Corporation. “We would be unable to handle such huge samples loads if we would not have built a high degree of automation into our malware analysis systems over the past years”, he continues.

While no truly new malware technologies were seen the existing ones were refined and adapted for much greater effectiveness. Social engineering remains a key method for propagating malware, and more productive malware development tools and kits are increasingly used by the criminals.

One example of a refined technology was the “Storm Worm” botnet. The successful social engineering methods the Storm gang used during the first half of 2007 were further developed in the second half of the year. Also the technical setup of the Storm botnet is unique: in addition to using a novel peer-to-peer setup to avoid one vulnerable central point of control, the botnet also has a capability of using DDoS-attacks to retaliate against anti-virus researchers investigating the botnet. Such aggressive behavior from the botnet makes it necessary for researchers to use caution in their work, especially as the potential computing power of the Storm botnet is quite significant.

Understandably financial transactions remain a favorite target for network crime. The amount of phishing sites continues to increase, but as bank customers have become more aware of this threat the criminals have started employing more sophisticated techniques. One example of this is banking trojans that use methods such as injecting themselves directly into the browser application (Man-in-the-Browser attacks).

Other increasing data security phenomena during 2007 included parasitic behavior, like the Zlob DNSChanger, and increasing security exploit activity for Apple products, including both Mac’s, iTunes and the iPhone. Also the vulnerability of large databases containing personal data has become an issue with several major leaks reported during the year including tens of millions of e.g. credit card numbers or bank account information. Such leaks enable so called “spear phishing” attacks with very well targeted information. The increased popularity of social networking services carries similar risks.

On the mobile security front Symbian S60 as the most popular smartphone platform has done a good job of curbing malware with its 3rd edition software. Nevertheless, we continue to see spy-tools for the Symbian S60 3rd edition platform. Despite the fairly tightly controlled Symbian signing process for applications, spy-tools are able to get through the process by being submitted as e.g. “back-up” software. Also the increasing popularity of “unlocking” the security controls of both iPhone and Symbian phones is introducing increased risks for the unlocked phones.

F-Secure predicts the increase in malware volume will continue in 2008. The criminals are successfully creating a network-based underground ecosystem, trading both malware development tools, skills, capabilities and resources ever more effectively. At the same time the reach of the law enforcement agencies remain limited in the global network domain. 2008 will be a challenge of endurance.

The Sum of All Security Fears

Cyber Espionage – A Growing Threat to National Security
by: Jerry Liao

Time and again, our nationality security was threatened by incidents that are highly questionable. Let us start with the Glorietta explosion – was it a bomb or was it a gas leak that causes the explosion? How about the bomb that rocked the Philippine Congress, how did that escaped the authorities? And the very recent incident, the checking in of Senator Antonio Trillanes IV and General Danilo Lim inside Manila Peninsula Hotel in Makati, why was he allowed to get out of the court during his trial? All incidents pertaining to Security lapses.

In the online world, security has been a problem and will become a much bigger problem. Attacks are happening without the knowledge of the victim and attacks are now profit oriented – it’s now all about money. Here’s another problem everyone of us should prepare for, especially our government – CYBER ESPIONAGE.

McAfee, Inc. announced findings from its annual cyber security study in which experts warned that the rise in international cyber spying will pose the single biggest security threat in 2008. Other major trends include an increasing threat to online services such as banking, and the emergence of a complex and sophisticated market for malware.

The annual McAfee Virtual Criminology Report examines emerging global cyber security trends, with input from NATO, the FBI, SOCA and experts from leading groups and universities. The report finds the following conclusions:

– Governments and allied groups are using the Internet for cyber spying and cyber attacks.

– Targets include critical national infrastructure network systems such as electricity, air traffic control, financial markets and government computer networks.

– 120 countries are now using the Internet for Web espionage operations.

– Many cyber attacks originate from China, and the Chinese government has publicly stated that it is pursuing activities in cyber espionage.

– Cyber assaults have become more sophisticated in their nature, designed to specifically slip under the radar of government cyber defenses.

– Attacks have progressed from initial curiosity probes to well-funded and well-organized operations for political, military, economic and technical espionage.

“Cybercrime is now a global issue,” said Jeff Green, senior vice president of McAfee Avert Labs and product development. “It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security. We’re seeing emerging threats from increasingly sophisticated groups attacking organizations around the world. Technology is only part of the solution, and over the next five years we will start to see international governments take action.”

Aside from cyber espionage, sophisticated threats to personal data and online services are also increasing. The report indicated the following:

– Genetically modified ‘super’ threats: There is a new level of complexity in malware not seen before. These ‘super-strength’ threats are more resilient,

are modified over and over again like recombinant DNA, and contain highly sophisticated functionality such as encryption draw. Nuwar (‘Storm Worm’) was the first example, and experts say there will be more examples in 2008.

– New technology, new threats — vishing and phreaking: A new target for cybercriminals is Voice over IP (Internet Protocol) software. There have been several high-profile ‘vishing’ (phishing via VoIP) attacks and ‘phreaking’ (hacking into telephone networks to make long distance phone calls). In Japan, 50 percent of all data breaches have been via peer-to-peer software. Cybercriminals will look for ways to exploit the popularity of applications on social networking sites such as MySpace and Facebook.

– A run on banks: Experts believe a sustained cyber attack on banks could severely damage public trust in online banking and put the brakes on e-commerce. Critics believe the efforts to address online banking security will not be effective enough or fast enough.

A complex and sophisticated market for the tools of cybercrime

– Cybercriminals offer customer service: This underground economy already includes specialized auction sites, product advertising and even support services, but now competition is so fierce that ‘customer service’ has become a specific selling point.

– Laws of supply and demand apply: The cost of renting a platform for spamming has dropped, and criminals can now buy custom-written Trojans built to steal credit card data.

– ‘White market’ fueling thriving black market: The ‘white market’ that exists to buy and sell software flaws (back-door vulnerabilities with no available patch to fix them) is fueling a virtual arms trade in potentially significant security threats. Software flaws can fetch big money — up to $75,000, and experts believe that while this white market exists there is an increasing danger of flaws falling into the hands of cybercriminals.

Let this report be a warning and a challenge at the same time to our government and to all of us cyber citizens. Fighting cyber criminals is a lot more difficult than fighting real world criminals. You may stop a rebellion by bringing in Armored Personnel Carrier (APC) inside a hotel, but how do you stop a group or a country stealing information from another country? Worst, we may not even know who our enemies are.

Perhaps some of you might say this is one advantage the Philippine has since we are not that wired yet. Well it’s a chicken and an egg thing. Do we remain unwired and be left behind by other countries or do we wire ourselves and be exposed to cyber espionage? I rather go with the later since all we have to do is to be prepared. The dangers were already identified, we were already informed.

I just hope that if and when the said report happen, we will have our defense rightly in place. As I always say, the solution is we fight technology with technology, knowledge with knowledge. The question is do we have the right technology and do we have the right knowledge?