In just over a week, Americans get to choose a new president and vice president. That makes us hiring managers. Those who have been nominated for president and vice president are applying for jobs. Very important jobs. So whether you've never been a manager before, or you're a manager by profession already, please remember:
You must not discriminate against a candidate based on:
- age
- disability
- gender
- ethnicity
You should evaluate a candidate based on:
- work history
- skills
- experience
- responsibilities
- performance
- accomplishments/awards
- professional associations
- military record
- volunteerism
- education
- accreditations/degrees
- licenses
- references/endorsements
Our candidates have serious decisions to make on our behalf. They must be excellent communicators, both at home and abroad; they must be able to manage a dauntingly large budget. They must be able to work well both independently and in team environments; there should be a natural progression of relevant jobs leading up to their application for this position. Candidates for this position should probably have at least 5 to 10 years of previous management experience or a masters degree in business administration, and the ability to obtain the required security clearance since this is a federal government job.
Do your homework carefully - get to know your candidates and their intentions, and then make your decision count by voting on November 4.
It's true. Not only can you monitor UNIX and Linux computers from System Center Operations Manager 2007 using Cross Platform Extensions, but you can now also use Interop Connectors to share information between Operations Manager and both IBM Tivoli Enterprise Console and HP OpenView for Windows and UNIX.
Yeah, I KNOW!
These new goodies are in public beta. If you use multiple enterprise management systems and/or need to monitor computers on multiple platforms, you must check out these links!
Making sure to miss no one in their effort to notify job seekers,
Monster has sent all their members the following email:
Dear
Valued Monster Customer,
Protecting the job seekers who use our website is a top priority, and
we value the trust you place in Monster. Regrettably, opportunistic
criminals are increasingly using the Internet for illegitimate
purposes. As is the case with many companies that maintain large
databases of information, Monster is from time to time subject to
attempts to illegally extract information from its database.
As you may be aware, the Monster resume database was recently the
target of malicious activity that involved the illegal downloading of
information such as names, addresses, phone numbers, and email
addresses for some of our job seekers with resumes posted on Monster
sites. Monster responded to this specific incident by conducting a
comprehensive review of internal processes and procedures, notified
those job seekers that their contact records had been downloaded
illegally, and shut down a rogue server that was hosting these records.
The Company has determined that this incident is not the first time
Monster's database has been the target of criminal activity. Due to the
significant amount of uncertainty in determining which individual job
seekers may have been impacted, Monster felt that it was in your best
interest to take the precautionary steps of reaching out to you and all
Monster job seekers regarding this issue. Monster believes illegally
downloaded contact information may be used to lure job seekers into
opening a "phishing" email that attempts to acquire financial
information or lure job seekers into fraudulent financial transactions.
This has been the case in similar attacks on other websites.
We want to inform you about preventive measures you can take to protect
yourself from online fraud. While no company can completely prevent
unauthorized access to data, we believe that by reaching out to job
seekers like you, the Company can help users better defend themselves
against those who have attacked Monster as well as other databases.
We are committed to maintaining an ongoing dialogue with all of our job
seekers about Internet security and the steps Monster is taking to
protect its job seekers. The Company has placed a security alert on
Monster sites offering information to educate you about online fraud.
This information can be found at http://help.monster.com/besafe/.
We have also included information on Internet safety and examples of
fraudulent "phishing" emails at the bottom of this letter.
Monster has launched a series of initiatives to enhance and to protect
the information you have entrusted to us. Some of these steps are being
immediately implemented, while others will be put into place as
appropriate.
We believe these actions are the responsible steps to protect the trust
you place in Monster. We are also working with Monster's hundreds of
thousands of employer customers to ensure a safe and effective online
job search. We will continue to share information with you about the
enhancements we are making as we serve as your online career resource
partner. We invite you
to keep reading to learn more about how to use the Internet safely.
Sincerely,
Sal Iannuzzi
Chairman and CEO
Monster Worldwide HOW
TO BE A SAFE INTERNET USER
Every Internet site in the world is facing the growing issue of
fraudulent usage of information, and we want to work with users around
the world to stop this practice - please keep reading to learn more
about the warning signs and what you can do.
Spam email is such a common occurrence today; you may think you know
what to look for. But there are two types of email scams - what's known
as "phishing" and "spoofing" - that can be more difficult to identify.
Both practices concern fraudulent email where the 'from address' has
been forged to make it appear as if it came from somewhere, or someone,
other than the actual source. Below are the warning signs to look for:
What's
"phishing" all about – and how do I spot it?
Phishing emails are used to fraudulently obtain personal identification
and account information. They can also be used to lure the recipient
into downloading malicious software. The message will often suggest
there are issues with the recipient's account that requires immediate
attention. A link will also be provided to a spoof website where the
recipient will be asked to provide personal/account information or
download malicious software. Monster will
never ask you to download software in order to access your account or
use our services. How
is it different than "spoofing"?
Spoof emails often include a fraudulent offer of employment and/or the
invitation to serve as a go-between for payment processing or money
transfers. This scam is primarily directed at a general audience, but
it can also reach Monster members who have included contact information
on their resumes. Like with phishing emails, the sender's address is
often disguised. Examples
of fraudulent email:
These examples of fraudulent email show you what to watch out for
(click to see details):
Consumer
Advice: How to Avoid Phishing Scams
The number and sophistication of phishing scams sent out to consumers
is continuing to increase dramatically. While online banking and
e-commerce is very safe, as a general rule you should be careful about
giving out your personal financial information over the Internet. The
Anti-Phishing Working Group has compiled a list of recommendations that
you can use to avoid becoming a victim of these scams.
Be
suspicious of any email with requests for personal financial
information.
Phishers
typically include upsetting or exciting (but false) statements in their
emails to get people to react immediately.
They
typically ask for information such as usernames, passwords, credit card
numbers, social security numbers, date of birth, etc.
Don't
use the links in an email, instant message, or chat to get to any web
page if you suspect the message might not be authentic.
Instead,
call the company on the telephone, or log onto the website directly by
typing in the Web address in your browser.
You
should only communicate information such as credit card numbers or
account information via a secure website or the telephone.
Always
ensure that you're using a secure website when submitting credit card
or other sensitive information via your Web browser.
Although I was advised by Monster that the information obtained was
generally publicly available anyway, upon reflection I realized you would be hard-pressed to find my physical address or phone numbers on the
Web, and it may be a bit cavalier of an attitude toward others who have been equally as cautious. So
although it's no big deal to some, it might be a big deal for others. I'm just sayin'.
- A motherboard tattoo is a unique code that can be written in the basic input/output system (BIOS) of a computer to ensure that System Restore or diagnostic compact discs (CDs) will work only on the machine or line of machines with which the CDs are sold. The tattoo process ensures that recovery or diagnostic CDs cannot be illegally used with computers other than those for which they are intended to be used.
A tattoo consists of an erasable programmable read-only memory (EPROM) chip that contains information about the machine, such as the serial number and operating system data. This chip is unique to each machine. If the motherboard, or certain components on it, are replaced, the EPROM chip must be reprogrammed. The same is true if the original recovery or diagnostic CDs are lost. The technical support department of the computer vendor, or the technician who performed modifications or repairs, should be contacted for details about the reprogramming (re-tattooing) process.
If the above techno-babble didn't make sense to you... If you buy a computer that utilizes tattooing - and they don't have to - then if you want to upgrade your hard drive, say for all those downloaded tunes and cute kitten videos, you have to call the manufacturer - you'll have no choice. Anything you try to install will be ignored by the motherboard. The process of upgrading is also more complicated, having to deal with flashing the motherboard, dealing with DMI's, burning specialized ISO's to bootable CD's - all in addition to the normal steps for upgrading a typical HDD.
I bet using the tattoo technology described above would work well as a data mining tool. You visit a website, that website server runs software to scan all incoming webpage requests for the requester's machine information, including the chip information, your operating system, IP address and a ton of other identifiable information. Why not program in a backdoor as well - say for "technical support" purposes. Do you see how this gets more creepy by the minute?
I had to share this video of Microsoft Surface...the technology is cool and it's worth watching the video all the way through. But what I really want to know is, who wrote that intro song?
Job boards run a pretty straightforward system: employers, recruiters and sponsors pay them to list open positions, seek qualified candidates and advertise, keeping the services to job seekers free - a sensible thing to do considering they’re out of work.
This being the case, and considering the amount of personal user identification stored in their systems, you’d think the job boards would make it their first priority to ensure that the protection of this data is uncompromised. Instead of putting revenue in its pocket, the company should be investing in making its products and services the absolute best in class. Security should be at the top of their list.
Job board phishers always join posed as employers or recruiters. Some post jobs, some don’t. What usually happens is the phishers search the broadest range of candidates he/she can find for a given job title and then do a couple of things:
Send emails through the job board system to candidates who’ve elected to make their contact info private but match the search.
Collect candidate contact information from the job board (from users who’ve elected to leave their contact info visible to employers) and then send external email via a “bulk mail” system.
A variety of options are then available to the wily phisherman, for example:
The email offers a position or asks about contacting them for an interview, redirecting the job seeker to an online application form. Often this is done to collect data to rent and/or sell. A look at the privacy policies of these sites usually confirms exactly that. This is phishing, and can lead to identity theft.
The position offered may say that money transfers are involved and have job seekers fill out numerous contractual forms, in most cases providing their personal/business bank account or PayPal account information. This is a money scam.
I’ve received other “job offers” where the responsibilities are said to entail parcel shipping. I am just starting to look into these, but I strongly suspect these too are money scams merely masquerading as jobs.
All of the emails offer positions with common job titles; many of them appear “canned” - that is, like form letters. But some of them appear to have been machine-translated or were written by individuals whose native language is clearly not English. Some of the “contracts” read like the candidate is making a pact with terrorists.
Using publicly available online resources, such as the Better Business Bureau and WHOIS, we usually find a trail of changing company names and addresses for these phishing companies. More often than not, they can be sourced to individuals in countries outside of the United States.
If the job boards do have risk management solutions in place, it’s clear that they are not effectively managing the abuse of their system. Despite their efforts to offer a layer of privacy by allowing users to make their contact info private, the job boards are still almost exclusively responsible for all the companies investigated on this website who were proven, by public record, to be scams.
Six months of research in “Sneaky Things” proves that CareerBuilder leads the pack, with about 80% of the job scams originating from their site; Monster falls into second place, responsible for about 15%; it’s hard to say where the remaining 5% of job scams come from, but it’s highly likely that the sources are job boards.
I only have profiles set up with CareerBuilder and Monster, but that doesn’t mean the other job boards are safe from phishers. Other sources like Craig’s list have been cited as also being perpetuators of the problem.
So what does all this mean? Our current climate is one filled with identity theft, scams and outright illegal activity. According to the FBI and Secret Service, the US has no jurisdiction to stop scammers operating from other countries, and there seems to be no organized body with enough jurisdiction to prevent the other countries from shutting them down. The US government believes that “poorer” countries look the other way and welcome the positive effect to their own economies.
We’re really only left with a couple of options: we can go after the companies hosting the scammer websites and have them shut down, but the sites are often hosted outside the US as well, and let’s face it, they could easily keep on going. The other option is to hold the job boards liable, regardless of whether or not they agree.
I maintain that they are liable. What do you think?
Sometimes, when the music is just right and the moon is shining bright, I get a little weird. I like to think of it as a kind of creative rapture.
I’m not going to claim any prowess as a poet, but I do enjoy writing in verse from time to time (see: A Special Poem?). I don’t expect any applause or critical acclaim; I just wanted to share. Every single word here was chosen for a reason.
So put on some Mars Volta or Dream Theater (embedded videos are below the poem), sit back, and enjoy the ride!
Since the very first day I started my site I used Sitemeter.com to look at my visit statistics, but after joining Technorati and FeedBurner to get the word out about job scams I found their stats somewhat lacking.
After some research I made a switch to Statcounter.com. It only logs the last 100 visitors (which you can pay to increase), but I don’t care about that. What I like is being able to see so many more options for reading the data. I’m a stat FREAK, and I like to compare search engine referrals, learn which keywords were successful, and see my site hits sliced and diced in so many ways.
Today I read a great article (see: source) about how Statcounter.com turned down an advertiser who wanted to include spyware cookies on member sites, and were given a firm NO in response.
I don’t know if Sitemeter was doing that, but I do think their stats are kind of lame compared to the info I get at Statcounter. On top of that, I have the added bonus of knowing there won’t be any back-door money-making going on at the expense of me or my site visitors.
Thanks, Statcounter.com!
–TM
PS - Thanks to all the bogus job offers, my site is now getting anywhere from 1000-1500 hits per day. I have 3 new questionable opportunities joining the list soon and expect the visits to my little blog will climb some more. I promise to hurry up with those posts - gotta keep getting the word out!
I’ve been a busy grrl, getting my work machine ready to give to my colleague, which means backing up all my data and transferring back to my own machine. I ran into some issues with my personal machine and had to do a system recovery. I’ve had to copy huge (one of them is 20GB) backup files between machines so I don’t lose any of my data. I need to get it done for this week, so it’s had to take priority over researching or posting job scam reports.
Once I’m done rescuing my files and switching machines, I’m planning a major overhaul to the look and functionality of my site. It’ll be a big job, but I hope to unveil it in early May. I’ve got a new look too, so I’ll be sure to post a new photo.
April will be a busy month for me, but I’ll do my best to keep researching the suspected job scammers and promise to post any new information I find. In the meantime, if anyone else has the bandwidth, please become a member and report your findings. If my posts brought you here, then yours can bring others here too!
I was going to make my first post here on Tabatha’s site an introduction of myself but I’ve just come across an unbelievable post about death threats against Kathy Sierra. While I do not know Kathy, she is an outstanding advocate for “making users passionate about their lives and tools”. She is a driving force behind the “Head First” series of books about web technology. She is clearly an expert and is normally and widely recognized as such in the technology world meritocracy. Instead I’m saddened to see her threatened, sexually objectified, and her considerable abilities disrespected. These threats have hurt not only her but the entire web community because they are preventing her from getting her message across.
Beyond Kathy, such incidents hurt our ability to get women to join the technology field. I haven’t exactly been on the ramparts recruiting women to the cause but I do respect the women in the industry that I know. Women like Pia Waugh, Tille Garrels, and yes Tabatha, are all top notch technically and damn fine people. It would be a shame to lose people like them through ignorance and hatred. Even worse would be losing the next generations that we are trying to bring on board with efforts like LinuxChix, Debian Women, and others. Please, go to Kathy’s site and show your support. Read her articles and see what we all will be missing if we let bad actors drive her away.
I’ve been scouring the Web looking for anything about the job scams we’ve been coming across (*cough* since December *cough*).
Surprisingly little is being said about this, apart from savvy bloggers such as ourselves. How sad is that? I guess this latest challenge, faced by thousands of people in the US searching the job boards for employment, just isn’t really news.
If I proposed a solution, it would have to be as simple as: pay attention! If the reporters on the news weren’t so busy regurgitating the same 5 stories every day and stepped out of their little bubbles, maybe they’d notice there are other things going on in this country.
Like the Wonderbra, computer repair technicians should be able to support you reliably, be composed of quality components (people) and be priced reasonably.
Today, computer support professionals aren’t any of those things, and I should know - I am one. (a computer repair technician, not a Wonderbra). Reliable help is more of a inside joke than a reality, the quality of technician ranges anywhere from uber-guru to Mr. Breakit and the prices are not only high, but there are no standards - customers don’t even know how much tech support SHOULD cost.
I know at least one of you readers has been through the technical support nightmare, and not just the kind of low-level frustration you get at work, but the high-end panic that sets in when it’s YOUR stuff that’s in jeapordy.
You don’t know any computer-Nerds (thanks for the loser nickname, BTW) so you whip out Ye Olde YellowPages and let your fingers do the walking. You stop at, let’s say GeekSquad (I have no personal bad feelings towards BestBuy or the losers in the white shirts - except that they perpetuate the loser persona in the High Technology field) and so you make your appointment.
So the loser-mobile sits outside your house declaring to your neighbors that you can’t run your own computer while you pay the equivelant of $160/hr. for him or her to fix problems that most likely should never have occurred in the first place. You see, “you’ve been hit by, you’ve been struck by - a smooth criminal.”
The Nerd’s a criminal? Nope. BestBuy? Nope. The entire technology industry is collaborating to maximize their profits at your demise. You are kept in a constant loop of ‘dis-satisfaction’. That’s you the home user. You the business owner. You the cube-farm-worker and even You the trash-collector. If you use a computer in your life, you are a victim.
Here’s a nutshell version of what happens… I’ll use brand names to make it easy to follow, just remember that this is an example - ALL brands are doing the same thing. I’ll start with the hardware and software industries.
Let’s say IBM has a new PC (we’ll call it IBM1). The hardware in that PC needs software (like Windows) in order to perform it’s work (which we’ll call OS1) and you run out and buy one.
You get about 3 months use out of it when you are notified of an update for McAffee (pronounced MC-AFFY, not MACAFEE even when their President says it wrong). If you don’t perform the update, you will be at risk of infection or hacking or identity theft or dirty content or some other bad thing and it’s true. You will be at risk if you don’t keep your OS and Anti-Virus updated with patches and fixes on a daily basis. This is the equivelant of a drug dealer getting someone hooked through free introduction, except it’s more like your doctor getting you hooked on vaccines. So you fork out the $60-300 for your anti-virus software.
Of course, that’s not enough, you’ll need some anti-spyware and personal education in safe use practices - the list goes on. I start to imagine those poor folk who put tinfoil on their heads so the aliens can’t read their thoughts. Are the aliens even really there?
Yes, there are viruses and yes, you should protect yourself, but why is it this way in the first place? Because it’s designed that way. There is NO other expaination. There are holes in software code because they are put there on purpose, they are NOT mistakes. Programmers are INTIMATELY familiar with their own creations and they don’t miss much if anything.
So now, you live in a techno-world of fear and stress. Computers just aren’t perfect and we rely so much on them now. What should we do?
Back to our original scenario, now that you have your IBM1 and OS1 with all your additional and expensive add-ons and you’ve made through two years without any major losses or problems. Just little connectivity problems, or some weird error that only appears on start-up. No big deal a commercial on T.V. says it’s time to upgrade.
Yep, you upgrade when your told to. OS1 is releasing their newest version, more secure, less errors, more ‘intuitive’ and even has extra features for the handicapped. So you run out and buy it and slam that CD/DVD into the drive and start upgrading only to find that you need an additional 128mb of RAM in order to install it. So you run out and buy the RAM, slap it into your PC and continue the install. Now it requires a better graphics card so you go grab one of them and install it. Finally it’s upgraded and it works worse now than ever, everything familiar has been moved and/or renamed and you can’t install your accounting software because it’s not compatible.
What now? You just screwed everything up by following all the instructions exactly. Now you call me. The Computer Repair Techician.
Most PC repair costs at least $80/hr. and I have seen as high as $300/hr. in California. PC repair takes time. It’s not magic like on T.V. You don’t just show up and hold out a fancy device and then mash the keyboard for 5 seconds and announce ‘Fixed!’ Data recovery alone can take hours if possible at all and it is very likely that the service will cost you more for one visit than your PC cost when you bought it.
In this situation, and it happens alot, I am basically forced to make you spend even more money on upgrades to your accounting software in order to get your data re-imported and your work flowing again and perhaps even upgrading your PC to address the performance issues. But I know that this is just a temporary solution.
Now that’s me. I am not associated with any hardware or software manufacturers and have no interest in selling upgrades. My mission is to walk in and fix the problems fast, like the cable-guy or the plumber. 1-2 hours should do the trick in almost any situation. Add to this scenario that I have to deliver bad news almost every time. Even if I walk in and fix the problem in 5 minutes there’s the high price to be paid for my one hour minimum.
It’s all so unfair to start with. You wouldn’t put up with this kind of treatment if it was your furnace, would you?
=====
If you purchase a major appliance, let’s say a stove, or fridge or dishwasher, it usually comes with a warranty of at least 10 years. Little secret - those appliances are ALL computers. Oh yes they are! Digital display, programmable cooking times and temperatures, auto-clean and other features are the evidence.
Even my microwave knows when daylight savings kicks in and out. Your car is a mobile computer also, and if you sign up with On-Star, they can unlock your car for you via wireless radio signals and even send a tow-truck to your GPS location. For the most part, as far as I know, all that stuff works just great.
My Blackberry kicks ass too. The OS never crashes and unless I crush it in a car door, the phone hardware itself (PDA) is durable and reliable - and the battery lasts forever. Are we supposed to believe that they can’t take the same approach to laptops? I mean really, the battery in my phone is the size of 3 Jolly Ranchers and lasts for 4-5 days under light usage. My laptop will whine and shutdown angrily if I leave it on and unplugged for 20 minutes. It’s battery is the size of 6 jumbo chocolate bars (you know those extra big Snickers bars…) it’s gotta weigh at least 2lbs. vs. maybe an ounce in my phone.
My point is, finally, that they are perfectly capable of building a better, more reliable computer, they just don’t because if they worked right, you wouldn’t buy a new one in 2 years or less, you’d wait 15-20 years like with your furnace. So accept the fact that the manufacturers of PC’s and software are not keeping your best interests at heart. An example of this is when you get a new PC from the store and it comes loaded with software titles (which is supposed to be an incentive to buy..geez), these software titles are Bloatware.
They are mostly useless if not damaging to your system. Remember how your PC came with McAffee (remember how to say it) and SpyDoctor or SpyGoof or Spy-B-Gone and their super-awesome (sic) HP/Compaq/Dell/IBM System Manager software that supposedly helps to keep your PC protected. I have even seen new systems that come with TWO anti-virus packages. *** YOU CANNOT HAVE TWO ANTI-VIRUS PROGRAMS INSTALLED ON THE SAME MACHINE THEY WILL FIGHT EACH OTHER *** That’s so basic that it HAS to be on purpose.
Okay, enough bitching. Here’s the solution.
You’re screwed. Deal with it. Okay - there’s a couple of things you can do to make your system last as long as possible and to avoid pitfalls like infection.
Keep it simple and be dedicated. I’ll explain.
The machines that last forever and hardly crash and never need updates… You’ve seen those super-dusty machines still running Windows 98 and printing to a dot-matrix paper slammer. Why is it that some machines can perform like that? Because they’re dedicated, both the PC AND the user (singular).
The machine that lasts for years and years is the one that has a dedicated job. One user, one purpose, a minimal amount of software installed and backups sent somewhere, ANYWHERE outside of the PC itself. Like backing up your work to CD or even floppy. If you have a PC that is for work, keep it that way.
Your work computer should have ONLY the software needed to perform work, that means no downloading music and cute video clips of kittens falling off the couch. That means no instant messaging (unless it’s used in your work duties only), no fun at all on this machine. It’s for work and your data has great value to you. A cargo-van is not a sports car and the same goes for PC’s. Keep your system as naked as possible regarding software installs, just the OS, office applications, anti-virus and firewall. If you are on a network, get it encrypted. Now. Less parts means less probobility of failures.
- A motherboard tattoo is a unique code that can be written in the basic input/output system (
