Lets hope for an "Unleaky" New Year 2011!

 

2010 had been a terrific year! The concluding days were dominated by WikiLeaks exposures, which have come as a rude shock to many, big surprise to some, huge disappointment to a few and a great fun for others. 

The motive, effects and ramifications aside, WikiLeaks-type exposures perhaps represent the biggest information security threat to Government agencies and enterprises. 

Malicious insiders seem to be causing this harm by either misusing privileged access or giving credentials to too many un-vetted people who then route them to WikiLeaks or any other media outlet. Lack of well-defined access control policies and enforcement mechanism coupled with haphazard style of privileged password management potentially lie at the root of such security incidents.  

Now, the big question: How to combat insider threats and WikiLeaks-type security incidents? 

One of the effective ways to ensure internal controls and mitigate insider threats (and thereby combat WikiLeaks-type exposures) is to automate the entire life cycle of Privileged Access Management enforcing best practices. 

In the backdrop of the WikiLeaks exposures, ManageEngine Password Manager Pro has come up with a white paper " Preventing WikiLeaks-type Security Incidents " that analyzes the various dimensions of information security, the causes for tight security policies, the need for controlling privileged access and the strategies to mitigate the threats.

Take a look at the white paper  and share your feedback.

Bala

Petrol Price Hike & Corporate Canteens

The sharp increase in petrol prices announced by the oil marketing companies might have angered you. This will certainly have a great impact on inflation and very soon we may have to shell out much more for getting much less. Opposition will raise a hue and cry, but everything will fizzle out. Manmohan Singh, the greatest Prime Minister we have ever had will be meek spectator for the plunders of Kalmadi, Raja, Lalith Modi ...oh, the list is endless.

We are helpless and we must endure all these. I can offer some very good "food" for thought: (I got the following list as a mail forward, veracity not known. But, in all probability, this must be true).

Price List

• Tea Re. 1
• Soup Rs.5.50
• Dal - one katori Rs.1.50
• Veg thali (dal, subzi,4 chapatis, rice/pulao, curd and salad) Rs.12.50
• Non-veg thali Rs.22
• Curd rice Rs.11
• Veg pulao Rs.8
• Chicken biryani Rs.34
• Fish curry and rice Rs.13
• Rajma rice Rs.7
• Tomato rice Rs.7
• Fish fry Rs.17
• Chicken curry Rs.20.50
• Chicken masala Rs.24.50
• Butter chicken Rs.27
• Chapati Re.1 a piece
• One plate rice Rs.2
• Dosa Rs.4
• Kheer - one katori Rs.5.50
• Fruit cake Rs.9.50
• Fruit salad Rs.7

Where, you might wonder! The poorest of the poor in New Delhi are getting this. They are none other than our honourable MPs who got a hefty pay hike only a few months ago. Not just the parliament, many corporate canteens serve food at highly subsidized rates to the highly-paid employees. The babus and nethas know very well how to take care of themselves.

The face of the agricultural labourer at my native village readily comes to my mind. A cup of tea costs Rs 5 and that is a luxury for him. Oh God, my blood boils - I see Manmohan Singh, Sonia Gandhi & A Raja in all smiles on TV!!

2G Spectrum, A Raja and a few eminent men of Chennai

The whole country is on the boil. People were dumbstruck when the media explained how many zeroes were there for Rs 1.76 lakh crore. At this juncture, a couple of days back, I happened to view a program aired 'Live' by Kalaignar TV, DMK's mouthpiece.

A conglomerate of 'eminent persons' including Dravidar Kazhagam president K Veeramani, Blackshirt Suba Veerapandian, Media man AS Panneerselvan, father Jagath Gaspar, television anchor Ramesh Prabha and others were speaking in defence of A Raja, the epitome of corruption.

These people virtually gave a clean chit to Raja and went a step ahead describing him as an 'icon of efficiency and honesty!!!'. Stating that the English media was hunting Raja just because he was a dalit, these 'eminent people' said that the democracy itself was in big danger. They wanted immediate regulation on English news channels.

One is at a loss to understand why the media was hunting Raja alone while there were countless dalits who are in hot seats of power in the country. 

After each passing day, the magnitude of the 2G spectrum scam is becoming increasingly clear. But, these 'eminent people', who have risen to safeguard democracy, not only say that Raja is a honest politician, but also want the media to portray him so!  

However, I was not surprised to hear such a 'great' argument from these 'eminent men'. Most of them have already come in open support of 'great' personalities like sandalwood smuggler Veerappan, LTTE's Prabhakaran and other notorious elements. These people will talk about 'human rights' only in the context of these 'greats'. Their hearts bleed only when they think about the plight of Rajiv killers languishing in jails.

These 'eminent men' do not have any shame. They will defend Raja even if the court convicts him after a detailed enquiry.

YET ANOTHER CHILDREN'S DAY ....

This is that time of the year again! We are celebrating yet another children's day (Nov 14). While the schools in cities and towns are busy organising various programmes, events and talent shows, there are thousands of schools in rural areas where the children are not even aware of any of these celebrations. Leave alone the celebrations- the quality of education out there is so bad. As I hail from rural background, I am very well aware of what is being taught in our villages. When I think about the poor quality of education in rural areas, my heart bleeds. Excerpts from an article I wrote in 2003 ... 

YET ANOTHER CHILDREN'S DAY ....

We dream of making India a developed Nation. To become a developed Nation, the 5,11,000 villages in India must attain rapid development.  This is possible only through education - good quality education. We talk of 'Sarva Siksha Abiyan', but fail to care about the quality. While the 'haves' are able to get high quality education, the have-nots in rural areas poorly fail to get even primary education, I mean proper primary education.

How bad is the quality of primary education in rural areas?

As part of the work of the social service organisation of my village in Nagapattinam district of Tamilnadu, we, a group of educated and employed youth spend our weekends teaching the poor students of the underprivileged sections of the society. All the students who attend our classes are studying in Government and Government-aided schools. Though I had fairly a good idea about the 'quality' of education imparted in the rural schools, I never even imagined that the quality would be so bad!

I was casually talking to a group of fifth standard students. I just asked that group to start writing the spelling for natural numbers from 1 to 50 - a question which we should be asking a pre-KG child in city areas. One smart boy in that group who normally shows very good grasping capacity answered : 'Sir, if you want us to write it in English, we know only upto 10. If it is in Tamil, well, we can go up to 50'. But, he was not able to write the numbers correctly in Tamil itself. There were lot of mistakes and still worse, after 21, he went to 24. This answer left me in a state of total shock. More than five years of schooling has not even taught him the numbers!

The above incident is a classic example of the 'quality' of education being imparted by our elementary schools in rural areas (rural areas all over the country, not just Tamilnadu). It may be noted that the schools I am talking about are the ones run by the Government and not the mushrooming Matriculation schools.  Students who attend these schools are the wards of the have-nots. 

The kids who do not have even a good shirt to wear, come to these schools with a worn-out book, and a slate. For most of the students, the noon-meal served in the school is the major attraction and a great hope. But the teachers serving there do not feel the sincerity of purpose.  Most of the teachers do not have the intention of lighting the education lamp in the lives of the poor students - the hallmark of the noble profession.

For those of you who have seen the urban children carrying a truck load of books in a huge bag on their backs, the details about the daily routine of these unfortunate children would be a substance of surprise. These children would not rush to their schools as their counterparts in Matric schools do. The school bell would ring sharply by 9 AM even in the absence of teachers, because ringing the bell is the responsibility of school boys themselves on turn basis. 

Many schools do not have adequate number of teachers and even the one or two available would not care to come on all days. On turn basis, they would be off from the school, but would sign the attendance register without fail on the days when they come. In the school, one or two teachers would be looking after all the five classes. 

He would simply write a few words on the black board on all the classes and would ask the students to copy the same in their slates. He would be sipping the tea brought from a nearby tea stall by a student and reading the news paper of the day and conversing with his colleague on varied matters.  Simply, they would do everything except teaching.  In most of the schools, the students would be asked to play during the noon session. By 4 PM, they will be packing up to their home. No lessons, no home work!

After passing five crucial years in useless elementary schools, these students enter the high school. As they do not have even basic knowledge of English, Science, Maths and even their mother tongue, most of the students are unable to cope with the lessons in the high schools. As a result, after pulling on for a few months or years, they ultimately drop out from the school. Thus a full stop is put to their education.

I myself is a product of an elementary school not much different from the one  I have been talking about, but I could land up in Engineering and subsequently a decent job in the software industry, solely due to the social and educational status of my parents. 

Just have a look at what many of my elementary schoolmates are doing now:  One Nagarathinam has become a 'Samosa' vendor in a local cinema theatre (following the tradition of his father's profession); Murugesan who studied upto 8th standard is now a construction labourer;  Sivakumar, is now a temple priest, and the list goes on.... All of them are from very poor families and still they remain so. Had they been imparted proper education, at least one among them might have become prosperous. Whenever I meet my unfortunate elementary school mates, I feel the pain in my heart.

I vividly remember two of my classmates - Mohan and Natarajan, who were very brilliant despite their family background. They were far ahead of all of us in General Knowledge - they used to regularly hear the radio news.  But, due to the lack of proper foundation at the elementary level, these two dropped out somewhere during the high school days. I do not know what they are doing now. 

It is reported that the effective student strength in Government-run elementary schools is rapidly decreasing. Only the very poor admit their wards in these schools. Of course, there are a few dedicated teachers here and there. But, the majority of the teachers are not like that. 

Private Matriculation schools train their students in extra-curricular activities like singing, dancing, painting etc., What the poor students of Government schools require is a reasonably good quality basic education. Our teachers are certainly qualified and capable of imparting it. A change in the mindset of the teachers can light the education lamp in the life of the underprivileged. It is time our Government takes action in this regard.

SOME MEASURES TO IMPROVE QUALITY

1. Establishing one model school in each district headquarters. The model school should reallly be a model school in all respects. The school should offer eduaction of the quality of Delhi Public School. Every year, 100 poor children should be admitted to the school irrespective of caste or religion. Economic status should alone be the entry criteria. The children should get everything in that school itself. If 500 such schools are established in 500 district headquarters, every year 50,000 poor children will get high quality education.
   
2. In other rural schools, each class should have a dedicated teacher. The system of two teachers  (Or aasiriyar palli in Tamil) for five classes should be immediately done away with.
   
3. Primary School teachers should be imparted training once in two years on the latest trends in teaching.
   
4. 'Play school' type of schools should be encouraged in rural areas.
   
5. Private Corporate giants should be persuaded to establish model schools in rural areas. Income Tax concession may be given in such cases.
   
6. The students should study their Mother Tongue as a subject, social science subject in their mother tongue and Science and Maths in English Medium. They should also be encouraged to learn new languages. Lack of proficiency in English is the major handicap of rural students.

---------------

As I mentioned at the beginning, I wrote this article in 2003.  Seven years later, I do not find much difference in rural areas. The situation has worsened - even the poorest of the poor want to admit their wards in private schools.

Liberal funding through Sarva Shiksha Abhiyan, Activity Based Learning etc have created some positive impacts here and there - not everywhere.  We have a dynamic School Education Minister in Tamil Nadu  - Mr. Thangam Thennarasu.  This man has taken some sincere  efforts to improve the quality of education in rural areas, but we can't say it has brought the desired effect everywhere.  

The present Deputy Chief Minister MK Stalin's initiative during his tenure as Chennai Mayor has helped improve the quality of Corporation schools in Chennai significantly. The present Mayor of Chennai Mr. Subramanian has taken the initiative of  establishing the 'Chennai School' chain. These are definitely laudable steps.

Union HRD Minister Kapil Sibal seems to be a man of action.  He can do wonders if he is given a free hand.

All these leaders should focus their attention on the elementary education in  rural areas. Only when such a step is taken, it will be a true tribute to Pandit Nehru. Children's day is an occasion to initiate that!

Bala

Mobile phones and my journey in a train!

Long time back, I wrote this article for 'Youth Express', a supplement to the New Indian Express. When I wrote this article, mobile phones were just becoming popular in India, but they were not all pervasive as they are today. Today, in this facebook age, this story is much more pertinent!!

Mobile phones and my train journey! 

Before getting into My Diary, the contents, a quick question: Are you a Mobile Phone User?


I know this question is absurd. Mobile phones have become a part and parcel in the life of urban 'elite'. The answer for this question is obvious : A resounding "YES". So, putting this question to the urban elite like you, is certainly absurd. But, I am firing this absurd question only with a purpose!!


Let me ask a sensible question now : Do you disturb others with your Mobile?? I am afraid, the answer for this question too might be "YES". Knowingly or unknowingly, we do disturb others through our Mobile.


A month back, I boarded a train at Chidambaram bound for Chennai. It was a day-time train fondly called as the 'Day Express'. The total journey time was 6 hours. Not having the mind to kill the day in travelling, I had decided that I would spend the time reading a book on Yogic Wisdom to Life Management by Swami Sugabodhanandha (yes, the author of the famous tamil book 'Manase Relax Please').


The train started and I opened the book. There were around 30-40 people in the open compartment. I had just started reading... completed not even a single page. One of my co-passengers picked up his Mobile and called someone dear to him. The conversation started... The person was blessed with a baritone voice. He started with "hmm, train Chidambaram thandidichu..." He discussed a lot of subjects, including enquiries about the day's menu at the other end "Enna Sambaar Innikku??", about someone who suffered a minor illness a long time back - "Raju Kaalla rendu masathukku munnadi adi pattudhe, ippa thevalayaa?" or enquiries about family members "onga son Americala vera job mariyaachaa?" the celebration of some or other religious festival. He went on speaking in the loudest possible voice, perhaps assuming that the person on the other end could not hear him properly if he spoke in normal voice! My mind preferred hearing his conversation than reading the excellent book on hand!


After nearly half-an-hour, his mobile conversation ended. I started reading the book. But, that experiment was short lived. In my opposite row, a very good looking girl was sitting. Her mobile started ringing. Her conversation lasted for nearly an hour, interspersed with giggles, whispers and  episodic screams. Though she did not speak in a louder voice as the previous caller did, I could still make out what she spoke! My eyes were on the book, but my mind was centered on her conversation (by the bye, she is a doctor-in-the making doing IIIrd year MBBS in KMC. Info source courtesy : Her mobile talk with someone on that day!).


This way, I successfully completed my six hour journey without reading even a single page (but heard the one-sided conversation of several people and thereby gauged their moods). You might think, the mistake lies on my part - overhearing the conversation of others. But, as human nature goes, we tend to do that only.


There can be no denying the fact that the invention of mobile phone is a boon, helping us communicate with anyone, anytime, anywhere. But, should this not be put to judicious use in such a way that it does not disturb others? Certainly, Mobile phone was not invented for enquiring "innikku enna saambaar" from a public place, in a loud voice.


From your landline phone, you may talk with anyone leisurely on a loud noise in your house. But, the same need not be done on Mobile. Whenever, you need to make a call or you receive a call in mobile at a public place, make sure there is enough distance to keep the content private. You may even move to a corner and talk in a husing voice.  Be considerate to the people standing or sitting near you. Moreover, by making others listen your conversation, you are giving out details about you. And next time you find yourself in a public place, watch the reaction of non-mobile users to those who speak loudly in their Mobile phones...


The popularity of mobile phones has created a 'mania' that people tend to take out their mobile the moment they settle themselves on the seats in buses or trains and start making unnecessary calls. Do not fall under that category. Use your mobile phone as judiciously and quietly as you can. Mobile technology would really prove to be a boon.


Shall I ask the same two questions now - Are you....??

-----------------
Bala

P.S: I intend to post the excerpts from my columns in Youth Express in the forthcoming posts ..

SaaS model help desk software market hots up

The entire IT market is exited about cloud computing. Industry analysts have predicted that the spending on the services based on cloud computing will grow over $ 40 billion in about two years from now.

Evidently, cloud computing is witnessing an era of rapid growth. SaaS-based applications crowd the market day in and day out.

Among the various sections of the IT market, the Help Desk software market is very mature and very crowded. Almost all popular service desk vendors are turning towards the cloud. Just about six months ago, there were only very few credible players in the SaaS model of Help Desk. Today, there are quite a lot of offerings in this space.


The latest entrant into this on-demand model of Service Desk software is ManageEngine, makers of a globally renowned suite of cost effective network, systems, applications and security management software solutions. ManageEngine has released ServiceDesk Plus On-Demand, a SaaS-based, ITIL-compliant help desk and asset management application for businesses of all sizes.

ManageEngine is not a new name in the help desk space.  Its on-premise help desk software - the ServiceDesk Plus is quite a familiar brand globally. ServiceDesk Plus On-Demand is the cloud version of ManageEngine's flagship product and the trusted on-premise Service Desk software, the ServiceDesk Plus.

ServiceDesk Plus On-Demand has remained in Beta for over six months and it is Generally Available now.

More info: http://www.marketwire.com/press-release/ManageEngine-Delivers-Hosted-ITIL-Ready-Help-Desk-Asset-Management-Suite-SaaS-Model-1345488.htm

http://ondemand.manageengine.com/service-desk/index.html

Abuse of Access Privileges and Guessable Credentials - Top Cause for Payment Card Breaches

PCI and RISK Intelligence teams of Verizon have recently published a report titled "Verizon 2010 Payment Card Industry Compliance Report'. The report is the result of detailed analysis of nearly 200 PCI assessments done by Verizon Qualified Security Assessors (QSAs) during 2008 and 2009. The sample for the analysis included a mix of organizations of various types.

The report lists out top threat actions based on 2008-2009 payment card breaches investigated by Verizon IR team. Of the ten threat actions, exploitation of default or guessable credentials and abuse of system access/privileges are found to be the cause for 38 % of the breaches.

Time and again, we have been highlighting in this column two very important facts:

1. the security threats caused by the insiders of the enterprises - either disgruntled staff or greedy techies or sacked employees
2. stolen identities, default credentials, guessable passwords could be serving as the ‘hacking channel’ for many cyber-crimes 

The Verizon study once again lends credence to the belief that Improper management of the administrative passwords and lack of effective internal controls often remain at the root of a good number of security threats.

What is the way out?

One of the effective ways to achieve internal controls is to deploy a Privileged Password Management Solution that could replace manual processes and help achieve highest level of security for the data.

Though the reality is that it is not possible to prevent/avoid all security incidents, the ones hat happen due to lack of effective internal controls are indeed preventable.

Password Manager Pro, a trusted solution precisely helps achieve this. A secure vault for storing and managing shared administrative passwords and digital identities, Password Manager Pro helps eliminate password fatigue and security lapses, achieve preventive and detective security controls, meet security audits and improve IT productivity.

With insider threats looming large, taking preventive action is the need of the hour. Use Password Manager Pro and Stay Secure!

Complete details of the Verizon 2010 Payment Card Industry Compliance Report:

http://www.verizonbusiness.com/resources/reports/rp_2010-payment-card-industry-compliance-report_en_xg.pdf

Bala

UPSC Prelims 2011: The New Syllabus & CSAT

Media reports today are abuzz about the new syllabus for Civil Services Aptitude Test (CSAT), 2011.

The proposed changes sound very good in both ensuring fair competition and selecting the best candidates.

According to the reports, CSAT will have two compulsory papers each of 200 marks and two hours time duration.

 

Paper I is much like the present day General Studies except the General Science portion: It will include:

• history of India and Indian National Movement, 
• Current Events of National and International importance, 
• Indian and World geography-physical, social, economic geography of India and the world. 
• Indian Polity and governance, Political System, Constitution, Panchayati Raj, 
• Rights Issues, Public Policy, Economic & Social Development, 
• Poverty, Sustainable Development, Demographics, Inclusion, 
• Bio-diversity & Climate change, Social Sector Initiatives etc 
• and general issues on Environmental Ecology, which do not require subject specialization

Paper II will include subjects like: 

• General Science, 
• General Mental Ability, 
• Logical Reasoning & Analytical Ability, 
• Interpersonal Skills including Communication Skills, 
• Decision Making & Problem Solving, Basic Numeracy (numbers & their relations, orders of magnitude etc, class X standard). 
• English Language Comprehension Skills (class X level), 
• Data Interpretation (charts, tables, graphs, data sufficiency etc, class X level) 

So, the preliminary examination is all set to be replaced by CSAT. This new change seeks to ensure fairness in competition as all the candidates will have to take two compulsory papers - optionals have been done away with.

I know thousands of students whose prospects at the prelims were marred due to the inherent subjectivity of the optional subjects. On the other hand, just by choosing a popular optional, many have hit the jackpot. And no one could predict the trend,  as it differed year after year.

Clearing the civil services exam, particularly the prelims, depended a lot on luck. CSAT is a welcome change in this direction.

And, CSAT now seeks to test the numerical aptitude, English language skills, knowledge on social issues etc. These new areas will help select the best out of the lot.

CSAT might encounter opposition from politicians, but if it gets implemented, that will be good for the Nation!

Bala 

Rajinikanth daughter's wedding - The most popular search in google, USA!

I was just browsing through Google Trends to find information on what people are searching most in the google.

Google Trends lists down 20 most popular search phrases on any particular day. For Sep 3, 2010, our people in USA have searched the google for the wedding photo of Soundarya, Rajinikanth's daughter.

In fact, this search find place twice in the top 20 list!!

Aiyar's Nomination to Rajya Sabha - a welcome move

The news that Mani Shankar Aiyar, the intellectual-politician has been nominated to the Rajya Sabha, made me ecstatic.

I hail from Porayar in Mayiladuthurai constituency from where Aiyar was elected to the Lok Sabha during 1991, 99 and 2004. In the 1998 elections, when Aiyar contested as an independent following difference of opinion with the then Congress president Sitaram Kesari, I was one among the hundreds of youths who rallied behind him. Though he lost the elections, he had garnered over 77,000 votes on his own.

My father, being a senior Journalist, had very close interactions with Aiyar.

I can definitely say that Aiyar was certainly the best MP we have ever seen. He nurtured the constituency very well since 1991, the year of his political debut. Even his opponents admit that he has resorted to honest politics all along.

The specialty of Aiyar was that he moved very close to common men. Even when he served as Union Panchayati Raj Minister, anyone could approach him anytime. Not only that, people could easily confront him.

I remember an incident, when my father once publicly questioned him what steps he had taken to remove the anomalies in telephone rentals in our area. My father's questions were harsh, but Aiyar tackled them nonchalantly. Even after that incident, Aiyar never bore any grudge against my father. He gave him interviews as usual, came to our house during his election campaign and treated him with all kindness.

His Services to Mayiladuthurai through the MPLADS scheme - road laying, contribution for hospital and school buildings, community halls, bus shelters, crematorium sheds and his industrialisation efforts, service to the tsunami survivors and Kumbakonam fire victims, rural development through the Rural Business Hub scheme were also simply great.

It is quite unfortunate that he lost the elections (2009) at a time when the Congress party has emerged much stronger. Though he has lost the elections, he has won hearts.

Aiyar was adjudged one among the best performing ministers in the previous UPA Government. He has indisputably been an outstanding parliamentarian.

Moreover, he never feared to speak his mind. He had great plans for the 'Aam Aadhmi' and was certainly a humane Minister.

Aiyar's works during the past five years as Union Minister in charge of Petroleum, Panchayati Raj, Sports and Youth Affairs and North Eastern States Development have been phenomenal.

Recognising his past services, Prime Minister Dr Singh should re-induct him to the cabinet allocating the same Panchayati Raj and DoNER ministries, in National Interest.

Women Reservation Bill - A Retrograde Step

Until the 'black Tuesday' (Mar 9), I was thinking that Women's reservation bill was something which would never come into reality. Alas, it has been passed in the upper house with a thumping majority.

Not even a single political party in the country is truly interested in bringing this legislation. They are paying lip-service only aiming at garnering votes. The political parties are trying to paint a picture as if the position of women will dramatically improve through this legislation.

What will be the outcome of this bill?

There will be 180+ women MPs and roughly 1500+ women MLAs in the country. I wonder what sort of change this legislation could bring to the womenfolk. Can 180 women MPs and 1500 women MLAs make the lives of women a heaven on earth?

This legislation curtails the legitimate rights of menfolk to contest the elections. As rightly pointed out by the editorial of leading Tamil Daily Dinamani, there are many persons like Union Minister Kamalnath and Basudev Acharya of CPM who have been winning from their constituencies consecutively for the past 8 or 9 elections. They will lose their very right to contest as their constituencies are likely to be reserved for women.

Similarly, I know of a young DMK MLA - AMH Nazeem of Karaikal, a rare breed in politics, who has been winning from the same constituency for the past 6 times. He nurtures the constituency so well that people would like to elect him again and again. If the constituency is reserved for women, people will lose their right to elect a service-minded man.

We can accept the caste-based reservation to some extent as it seeks to make corrections for past discrimination. But, gender-based reservation is untenable.

This bill is definitely against the basic structure of Indian Constitution, which assures equality of opportunity for all and opposes gender-based discrimination. This bill should be challenged in the Supreme Court under the provisions of Judicial Review. This is totally unconstitutional and retrograde.

In Tamil Nadu, there is 33 per cent reservation for women even in Government appointments. I lost selection to the post of Deputy Collector in Group-I services exam due to this horizontal reservation for women. For a moment, imagine the pain it has caused to me. Losing selection to someone in the same category with less marks just because she was a woman!(I do not oppose the bill just because of the personal loss I suffered).

I am at a loss to understand what prevents women from achieving the pinnacle of success. Even without reservation scores of women like Indira Gandhi, Sonia, Mayawati, Jayalalitha, Brinda Karat, Shiela Dixit, Sushma Swaraj, Mamta, Jayanthi Natarajan, Kanimozhi, Prathiba Devi Singh Patel and others could shine. Why then reserve seats?

I would be very glad if the bill gets defeated in the Lok Sabha or if someone challenges it in the Supreme Court.

Embezzlement by Wipro Employee: Insider Threats & Strict Internal Controls to the Fore, Again!

If media reports on the alleged embezzlement by an employee at Wipro are to be believed, insider threat seems to be emerging the biggest challenge for the IT companies.

In the Wipro incident, it is alleged that the fraudster, a qualified chartered account who was employed with the company's 'controllership' division in the finance department managed to siphon off around $4 million from the company's bank account by accessing a colleague's password.

This report once again lends credence to the belief that a good proportion of the frauds and security incidents are being caused by the insiders of the enterprises - either disgruntled staff or greedy techies or sacked employees.

Lack of well-defined internal controls and access restrictions generally pave the way for security incidents. It is also increasingly becoming clear that stolen identities are serving as the ‘hacking channel’ for many cyber-crimes/frauds and improper management of the administrative passwords could potentially remain at the root of a good number of security threats.

How do we avoid cyber threats / frauds?

Not all security incidents could be prevented or avoided; But, the security incidents that happen due to lack of effective internal controls are indeed preventable. Enterprises should take preventive action to combat cyber-criminals and to ensure information security.

One of the effective ways to achieve internal controls is to deploy a Privileged Password Management software that could replace manual processes and help achieve highest level of security for the data.

Read this paper "Combating Cyber Security Threats" from ManageEngine Password Manager Pro for more details and share your feedback.

Bala

Critics - You DO NOT have the right to praise Sachin Tendulkar now!

As Sachin Tendulkar has become the first cricketer to score 200 runs in a one-dayer, as expected, print and electronic media in India are vying with each other in praising him. (Update: On his achievement of scoring 50 centuries, all the news papers are portraying him as God).

These psychopaths who advised Sachin to retire only a few months ago, are now calling him the GOD of Cricket!! Whenever he was out of form or lost consistency, the critics passed crude comments on his age. The same critics are now heaping praise.

Agreed, it is the job of a critic to 'critically analyze' the performance of a cricketer. But, quite often, the so-called critics passed unreasonable, unceremonious, unwarranted and unproductive comments.

I feel, all such people do not have any right to praise Tendulkar now. I am not able to accept the twin standards of these hypocrites.

Sachin belongs to the 'philosophical' class of AR Rahman, Nobel laureate Venkatraman Ramakrishnan, novelist RK Narayan and others who are totally devoid of egos and do not pay any heed to flattery.

Above all, after having accomplished a great deal, he remains totally calm. Accepts 'Himalayan' success with all humility. I am sure Sachin would take both bouquets and brickbats in the same manner.

Shameless 'critics' - change your attitude at least now. Engage yourselves in constructive criticism.

Hard Coded Credentials, a dangerous programming error

For applications and scripts in your infrastructure that communicate with other applications using a password, the normal practice is to hard-code the password in a configuration file or a script. To explain further, for Application-to-Application or Application-to-Database communication that happen without human intervention, normally organizations define the access permissions in one application (say Application 'A') and hard-code the passwords to access the Application 'A' in scripts or embed them in the calling application (say Application 'B') itself.

These hard-coded passwords pose a significant security threat as malicious users getting access to the script could easily decipher the password and unleash disaster.

Common Weakness Enumeration (CWE), a community developed dictionary of software weakness types has recently released the list of 'Top 25 Most Dangerous Programming Errors'. The list is the result of collaboration between the SANS Institute, MITRE, and many top software security experts in the US and Europe. It leverages experiences in the development of the SANS Top 20 attack vectors and MITRE's Common Weakness Enumeration (CWE).

MITRE maintains the CWE web site, with the support of the US Department of Homeland Security's National Cyber Security Division, presenting detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them.

Among the top 25 dangerous programming errors, use of hard-coded credentials is listed at No 11.

CWE explains :

Hard-coding a secret password or cryptograpic key into your program is bad manners, even though it makes it extremely convenient - for skilled reverse engineers. While it might shrink your testing and support budgets, it can reduce the security of your customers to dust. If the password is the same across all your software, then every customer becomes vulnerable if (rather, when) your password becomes known. Because it's hard-coded, it's usually a huge pain for sysadmins to fix. And you know how much they love inconvenience at 2 AM when their network's being hacked - about as much as you'll love responding to hordes of angry customers and reams of bad press if your little secret should get out. Most of the CWE Top 25 can be explained away as an honest mistake; for this issue, though, customers won't see it that way. Another way that hard-coded credentials arise is through unencrypted or obfuscated storage in a configuration file, registry key, or other location that is only intended to be accessible to an administrator. While this is much more polite than burying it in a binary program where it can't be modified, it becomes a Bad Idea to expose this file to outsiders through lax permissions or other means.

So, use of hard-coded credentials is a very, very bad programming practice. But, the question is, how to avoid this? What is the alternative?


The good news is that ManageEngine Password Manager Pro provides effective ways to eliminate the hard-coded passwords. If you have applications in your infrastructure that require connecting to other applications using a password, they can query PMP to retrieve the password. One application (say Application A) would contact the PMP for the password to access another application (say Application B). On getting the password, 'A' would contact 'B' and all these have to happen without human intervention.

This way, the application-to-application (A-to-A) passwords can also follow good password management practices like periodic rotation, without the trouble of manually making the updates at many places. Same procedure can be used for Application-to-Database password management (A-to-DB).

PMP provides Password Management APIs using which any enterprise application or command line script can programatically query PMP and retrieve passwords to connect with other applications or databases.

PMP provides two flavors of the API for this purpose:

* a comprehensive application API based on XML-RPC over HTTPS and
* a command line interface for scripts over secure shell (SSH)

Both the forms use PKI authentication for allowing access to the PMP application through the API. The XML-RPC API also comes with a Java Wrapper API to make it easy for integrating it with Java applications.

Visit www.passwordmanagerpro.com for more details.

Good to See Tamil Nadu Government Going Hi-Tech

When it comes to embracing the latest developments in technology, the Government - both Government of India and all other state Governments - had been very slow. The Governments of Western Countries are far far ahead of us in going hi-tech although many of the software used by them were created by brilliant Indian techies.

In a welcome change, Tamil Nadu Government seems to be making effective use of the technological advancements.

Deputy Chief Minister Mr MK Stalin seems to be the prime mover behind this. The Dy CM himself is an active blogger and takes quick action on the grievances aired by the citizens through comments on his website - http://www.mkstalin.net/

Almost, all the Government departments now have an active, informative websites.

To cap it all, today, I was very glad to find Chennai Corporation on Twitter - http://twitter.com/chennaicorp

However, when it comes to enabling online payments for various services, the Government departments are still lacking. Transport department seems to be the worst in this regard. Hope, the energetic Deputy CM, who has ushered in the hi-tech era in Governance, would bring in lot of welcome changes!

Dead surgeon’s heart is now beating in this patient’s body - Homage to Dr Krishna Gopal

Happened to read this moving story about Dr Krishna Gopal in Calcutta Telegraph. Dr Gopal, a famous cardiac surgeon at Madurai had a fatal fall at his house on Dec 26. When he was declared brain dead, his family decided to donate all his organs.

It is quite surprising why the Tamil media has not accorded due importance to this story!

May his soul rest in peace. Lets pray God to give mental strength to the bereaved family...

http://frontierlifeline.wordpress.com/2010/01/04/organ-donation/

Golden heart in mouth, race saves lives
G.C. SHEKHAR

Chennai, Jan. 1: Dr Krishna Gopal will live not only in the memories of the 400 patients on whom he performed heart surgery but also in the heart of one he could not operate on.

The dead surgeon’s heart is now beating in this patient’s body. Just as his kidneys have saved two more lives.

The transplants were made possible against a tight deadline through a feat of co-ordination — which almost mirrored Hollywood — between four hospitals in three cities and the police of Chennai and Madurai, who cleared the roads to city airports. The state medical authorities did their bit, speedily granting a crucial licence.

The organs were all transplanted last night, after Dr Gopal, 40, had died of head injuries caused by a fall from the terrace of his apartment in Madurai.

The chief cardiac surgeon at Madurai’s Vadamalayan Hospital was declared brain dead on Wednesday after being admitted to the same hospital on December 26. His wife Jeyapriya Gopal, a media co-ordinator with Chennai’s Frontier Lifeline Hospital, immediately decided to donate his organs.

“After keeping him alive through a ventilator for four days, the doctors said there was no brainstem activity. Since my husband had always talked about the merits of organ donation, I knew he would have wanted it this way,” Jeyapriya said.

“So we told the doctors the body should be prepared for harvesting the heart, liver and kidneys. For someone who has performed 400 heart surgeries with a high success rate, there could be no greater tribute than his own heart beating in another patient’s body.”

So a team of doctors flew in from Chennai’s Frontier Lifeline, where Dr Gopal had once worked before joining the Madurai hospital to serve the rural population.

However, Vadamalayan Hospital’s application for an organ transplant licence was still pending. The director of medical services solved the problem by granting it on Wednesday itself.

The Chennai doctors reached Madurai yesterday morning. They began removing the heart at 5.45pm and completed the job in less than an hour, in keeping with airline schedules — a harvested heart has to be transplanted within four hours.

The organ was put in a double-walled, sterile and cooled container — an 18-inch cube-sized box — and rushed to the airport, 12km away, in an ambulance. The police blocked traffic en route for 40 minutes.

At 7.20pm, Paramount Airlines’ Madurai-Chennai flight took off, with a doctor carrying the box as cabin baggage. The flight landed at 8.20, but the hospital was still a 14km drive away through one of Chennai’s busiest roads, bustling with New Year’s Eve traffic.

Chennai police, informed in advance, created a “green corridor”, allowing the ambulance to make it in 30 minutes. At Frontier Lifeline, surgeons had already opened up the patient’s chest and put the recipient (whose identity cannot be revealed) on a heart-lung machine. The transplant was able to meet the deadline.

Creating green traffic corridors for the sake of transplants is common in Chennai.

Dr Gopal’s liver and eyes were found unfit for transplant — they were probably damaged by the fall — but his kidneys were taken out.

Kidneys have a 12-hour transplant deadline. One was driven to another Madurai hospital, Meenakshi Memorial, which already had a functioning transplant unit. The other was put in the same kind of box as the heart and driven to Tirunelveli, where a patient was waiting. Aided by a police escort, the ambulance made the 160km distance in three hours and the organ was transplanted the same night.

In spite of her grief, Jeyapriya personally co-ordinated the entire operation. “Getting the organs transplanted successfully was the only objective at that time. Else, my husband’s gift would not have benefited anyone,” said the mother of a 12-year-old son and nine-year-old daughter.

Jesus and 10 Lepers - Learning not to expect gratitude!

During my boyhood days, I used to hear stories from my uncle - my father's elder brother. Most of the stories told by him were based on the Biblical stories for the children. The stories contain very good morals and in fact, most the good qualities I possess, were due to the influence of those stories.

And one such story provided me solace when a hurting incident took place at my native place Porayar in Nagapattinam district two days ago.

First, let me explain the story and then the incident:

During the times of Jesus Christ, leprosy was a terrible disease and lepers had to live outside the towns/villages. One day, Jesus was on his way to Jerusalem and 10 lepers came on his way. They prayed: "Jesus, have mercy on us!". When Jesus touched them one-by-one, all the 10 lepers were perfectly cured.

Once cured, only one out of the ten came back to Jesus to say "Thank You". Other nine had simply went away without even showing the bare minimum gratitute. They did not even thank Jesus. But, Jesus did not care about them as he did not expect others to remain thankful to him.

What does this story indicate? Nine out of 10 in the world are thankless and ungrateful. If we ever receive some help from others, we must be like the 10th leper who got back to thank Jesus. And if we help others, we must prepare ourselves not to expect gratitude.

Now, coming to the incident:

A man, friend of my uncle, was struggling to maintain his family with his meagre income. He often turned to my uncle for financial help. A few years ago, I happened to help him, which proved to be the turning point for his family. Now, they are well off and I am very happy that a positive change had happened to them.

Two days back, at my native place, when I was standing on the street showing stray cattle to my son, that man happened to pass through in a bicycle. He looked at me profoundly, but did not even utter a word or a smile. For a moment, my mind went back a few years. The very man was standing at my doorsteps seeking that help from me with all politeness and humility. Today, the same man does not even care to give a smile.

I felt terribly hurt. When I conveyed this to my uncle, he quietly asked: "Don't you remember the Jesus and 10 lepers story I told you years ago?. World is full of ungrateful people, but we should just ignore them. Learn not to expect gratitude".

That calmed my mind. I don't bear any grudge against that man. I will help him again, if he were to approach me for something; but, I will do that without expecting gratitude!