Anthony Ricigliano Business Blog

The Business threat from Spyware
Anyone who uses a modern computer today is aware of spyware. To most people, spyware is a petty annoyance generated by less-than-ethical advertisers, search engine designers, software distributors and hardware manufacturers. Spyware is used to track, record and report activities of interest to third parties, usually without the consent or knowledge of the persons being monitored. Casual home computer users rarely need to worry about spyware; however, in business applications, spyware can be used to devastating effect by the competition’s corporate spies and analysts.

Spyware Identification and Some Simple Solutions

Spyware is generally encountered in three major distinctive forms: Hardware, firmware and software. All three types have various characteristics which can make defeating spyware difficult.

Hardware Spyware

An example of hardware spyware is the unique identification number of an Intel Pentium or later class of CPU. This number can be used to specifically identify any CPU. When combined with appropriate software, this number can be directly linked to an IP address and the precise location – if not the exact user – can be determined. The solution for this problem is using computer motherboards with BIOS setting that are capable of disabling access to those numbers. The solution for hardware devices can be complex, as most firmware and hardware is designed not to be detected nor disabled.

Firmware Spyware

Firmware spyware is semi-permanent software running at the machine hardware level. The BIOS CMOS chip is where it usually resides. Most is relatively innocuous; however, someone with malicious intent can replace the BIOS with a custom-made copy which can contain code to enable access to the computer. The best defense is to use factory-authorized and distributed firmware.

Software Operating System Spyware

Software spyware can exist in either the operating system or in applications. An example of operating system spyware was the recent disclosure of an operating system file that was inaccessible to casual users that recorded the GPS locations of where the device was physically located through its existence. The Apple iPad tablet and other similar PDAs used similar technology. After the spyware was brought to the public’s attention, the manufacturer quickly released a patch to the operating system that disabled the file.

Applications Spyware

This is code embedded within a program which can track and report a user’s activity. Typically, a file is generated within the application’s limited access areas, however, cookies can also be generated such that when the device is online, the recorded data – often in an encrypted form to hide its nature – can be accessed with ease. In theory, the EULA is supposed to disclose any use of data derived from use of an application, however, the legal wording is tedious to follow and it is almost universally ignored by the user installing the application. There are a number of spyware scrubbers available for retail sale that can clean up residual traces of activity and help ensure some modicum of privacy. But, as with any other software backup system, it is only good when it is regularly and routinely run.

The Business Challenge

Awareness and education are the critical components of fighting spyware. It is insufficient to simply install a software application and rest assured in the knowledge that the computer is protected. It is not. It would do absolutely nothing to prevent a spy from installing a wireless hardware keystroke logger into a keyboard and downloading a complete log of all of the keyboard activity on demand and by remote control. Passwords, account numbers, sensitive corporate data all would be compromised. Physical security, situational awareness and constant vigilance are a business’s best and only adequate defense.

Spam, named after the canned meat that has been the butt of many jokes, is the mass sending of unsolicited emails. It clutters email inboxes, makes it hard to find legitimate communications, eats bandwidth, consumes mass amounts of storage, and irritates the computer user. If the computer user makes a mistake and opens the wrong email or clicks on the wrong link, their computer can quickly become infected with a virus or spyware. Spam is considered so detrimental to normal communications that the Federal Trade Commission (FTC) has passed the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act aimed at preventing spam.

Spam Statistics
The numbers related to spam are staggering. To illustrate how large this problem is, take a look at the following numbers:
• Globally, unsolicited spam emails account for 14.5 billion messages each day. This represents 45% of the total email volume.
• The largest volume of spam originates in the United States, with Korea following close behind.
• The top three spam categories are advertising at 36%, adult-related material accounts at 31.7%, and financial material at 26.5% of all spam emails.
• Although spam is annoying, only 2.5% of all spam is fraudulent. Identity theft, or phishing, makes up the majority of fraudulent emails.
• Annually, it is estimated that spam costs the business world over $71 billion each year in processing time and lost productivity. That number is expected to grow to $257 billion per year if spam is allowed to continue at its current growth rate.

New Generation of Email Risks
Spam isn’t just annoying, it brings many larger problems. Spam is one way that hackers can access your system. If they can convince an unsuspecting user to click on a link, they may be able to install malware on your system. Certain types of malware will provide the hacker with a backdoor into your network that they can use to access valuable information. Other types of malware will capture specific types of information and send it back to the hacker. Using these methods, your private company information or the private financial information of your customers can be easily compromised.

Another way that tricky spammers can impact your business operation is by impersonation. They will create emails that appear to be from your organization and send them to millions of email addresses hoping that someone will believe their masquerade. To take this fraudulent hoax a step further, they may even create a website that resembles the official landing page. In this way, they could trick your customers into revealing important financial information and compromise your reputation.

Your company’s reputation could also be damaged if spam gets past your defenses and infects your system with a virus. The virus could use your email system to send out malicious spam to people in your address book which could also infect their systems. They will blame the original creator of the virus, but they will also blame you and your lax security procedures.

In addition to compromised reputations, other impacts represent real dollar amounts. Anti-spam technology costs businesses of all sizes a substantial amount of money in software and hardware solutions. The lost productivity experienced as employees deal with spam email translates into a major payroll expense. Wasted storage and bandwidth combined with increased internet connection costs run the spam bill up even more.

Impact on Small and Mid-Sized Business
Small and mid-sized businesses are often impacted more severely than larger businesses. They often lack the resources to implement counter-measures to detect and quarantine spam which leaves them open to risks. In addition to the loss of productivity caused by spam, the threats listed above are a larger threat to smaller businesses. Just like larger companies have the resources to fight spam, they also have a larger budget to recover from any damage done to their reputation by compromised personal information. In contrast, small to mid-sized businesses face the potential to lose a large portion of their customer base due to problems caused by spam.

Detection Methods
As new security protocols are put into place to combat spam, creative spammers are working equally hard to find a new way around them. This trend of increasingly sophisticated security threats is causing electronic security professionals to rethink and bolster protective measures. While it is fairly easy for a human to determine if an email is spam, it’s not as easy for a program to do the same. If a legitimate email is identified as spam based on a security program’s inspection criteria, it is referred to as a false positive. While there is a certain amount of risk involved with missing important messages, most spam blockers rely on identifying spam by inspecting the contents of the email.

Additional methods are being developed. Some companies rely on DNS-based blacklists where a third-party service identifies spammers and maintains a list of sites that are known to send large amounts of spam. Another method quantifies the “alienness” of strings. It analyzes the incoming email and identifies it as spam if it has a substring that has a high degree of alienness when compared to the rest of the message. Security software developers continue to try to stay ahead of the spammers and hackers, and new detection methods can be expected in the future.

Amthony Ricigliano

Author Anthony Ricigliano: If the time has come to raise funding to expand your business, you’re likely to be presenting your business to a variety of investors. Assuming that you are past the “friends and family” funding stage, you could end up presenting to investors referred to you by your friends and family or to angel investing syndicates. First of all, your company either has a product/service or has something in the concept phase. Either way, there are points to be made and mistakes to avoid. One of the biggest mistakes business owners make is over-emphasizing how great an idea their product/service is. Don’t get me wrong, differentiating yourself from the competition is important. The problem here is, quite frankly, your idea is probably being pursued by other companies right now. If it’s a really great idea, there will more people chasing it in a few weeks or months.

Here’s another crack in the “My idea is so great that we’ll take over the world” pitch. Getting a patent for it may or may not protect you. If a patent isn’t allowed or doesn’t protect you for some other reason, that’s one thing. If it does, you may be taking on a problem that kills your company anyway; a long drawn-out court battle.

Don’t toss up your hands and walk away yet. There is a way to differentiate your business, impress investors, and realize your business’ potential; focus on execution. A detailed roadmap of how you’re going to outwork and execute better than your competition is what is going to matter both to your potential investors and to your company.

It’s quite possible that the reason you started your business is that you see endless potential with opportunities dovetailing out to other endless opportunities. You see the market as broad and deep with revenues sitting out there for the taking. Here’s another mistake to avoid; spending more time on the huge potential that exists from these dovetailing markets as opposed to the opportunity that exists in the short term. It doesn’t matter if the first market opportunity is infinitesimal compared to the downstream markets, your potential investors are going to want to hear how your company is going to grow on a step by step basis.

Next, presenting your business as having no competition may sound great but a space with no competition really isn’t a space at all. An investor hearing that there’s no competition should immediately wonder if a market exists and, if it does, ask why no one is addressing it. Having the answer to a question that isn’t being asked is a sure way to lose an investor and a lot of time waiting for that market to develop, if it ever does. A great example of this type of situation is Corning’s “Gorilla Glass” which was patented in 1962 and sat on the shelf for almost half a century before markets developed in high tech and high definition televisions. Corning could afford the wait but that luxury isn’t available to startups. Competition in a space confirms that there is a market, now it’s up to you to out-execute the other players that are already out there.

By Anthony Ricigliano

Author Anthony Ricigliano: It’s not over yet in housing as the recent July sales reports of new and resale homes hit lows not seen for three years. The July numbers were off by twenty percent from the previous month in Southern California with other reports showing similar declines as new and re-sale home sales fell sharply across the country for the month of July. The supply of houses currently for sale would take over ten months to sell at current demand levels with indications that the time frame could extend to a year in the near future. The high for this metric was 11.2 months in February of 2008.

Keep in mind that these are numbers supplied by the National Association of Realtors (NAR) which has developed a reputation for finding the silver lining behind every cloud in the real estate market for years. Other industry watchers numbers show a picture of housing which is even bleaker.  Housing economist Thomas Lawler’s preliminary estimate for existing home sales in July is 3.95 million. If that’s the case the number would mark the lowest number of sales since 1996. Going further his estimate for the supply of houses currently on the market in July would calculate out to 12.3 months of supply.

Historically, normal housing markets which are health have less than 6 months of supply according to studies by Case-Shiller. Once the supply number goes over six months, prices soften and start to fall. These metrics for the supply of housing don’t include an aspect that didn’t factor in much or was completely non-existent; shadow inventory.

Shadow inventory is made up of homes which have been foreclosed but aren’t currently listed for sale by their respective REO departments. Shadow inventory homes typically kept off of the market when an area has been hit with a high foreclosure rate. The logic here is that putting more homes up for sale, in addition to a boatload already out there, is just going to scare potential buyers and depress prices further. Shadow inventory numbers are part of the total of homes in a lender’s REO department and getting precise numbers is difficult. One estimate number which was put forward by well respected Amherst Securities analyst Laurie Goodman in congressional testimony in December 2009 came in at 7.2 million.

If that number is close to reality, the actual supply would take a lot longer to liquidate. That’s a big chunk of homes to get through, made even tougher by a soft jobs picture and lending standards which either exclude buyers completely or relegate them to the very low end of the market.
Keep in mind that this inventory buildup occurred as sales were pushed forward by the homebuyers’ tax credit, which is now expired. What it all means is that the housing recovery has a way to go which could include another bout of lower prices. The one piece of advice I can offer is any statistics coming out of the NAR should be taken with a grain of salt.
By Anthony Ricigliano

If you have been pitched on variable annuities by your broker, financial advisor, or life insurance agent, you’ve already heard everything that is good about them. The sales pitch normally includes benefits such as tax deferral, income for life, and downside protection from market fluctuations. It all sounds well and good until the details on how the annuity is actually going to work are explained.

The Bad:

* One of the foundations of a variable annuity pitch is “You’ll have a lifetime stream of money.” This is called annuitizing the policy and once elected, starts paying you money at a regular interval whether it’s monthly, quarterly, etc.  The decision to annuitize is most often irreversible, mean that you can’t elect to take payments for a while and then cash out the rest of your policy. In reality, once you annuitize your policy, you no longer own the money that was in your variable annuity, you only own the privilege of receiving your scheduled payments. The really bad part of this aspect of the plan is that your annuity payments will be structured based on actuarial tables which will determine the amount of the checks coming out of the policy. Annuitize at an early age and your payments will be much lower than if you start taking payments at a later date. If the actuarial number determines a 5 percent payout on the amount of the policy, you’ll be receiving your own money back for the first twenty years of the annuitization. It’s only after that time that you’ll start receiving funds beyond the value of your policy.

* Tax deferral comes with a price. If you want access to your funds prior to age 59 and a half, you’ll pay taxes and penalties of 10% of the amount withdrawn. At the higher tax brackets these costs could cut your withdrawal in half.

* If you’re a buy and hold investor, you’ll lose out on capital gains treatment because gains are taxed as ordinary income when they’re withdrawn from a variable annuity.

The Ugly (It Gets Worse)

* If the bad stuff isn’t enough, it gets worse with surrender charges. Once you made your initial investment, you’ll be locked for eight to ten years of surrender charges if you decide that you either need your money or that your variable annuity isn’t such a great investment. Combine surrender charges with early withdrawal penalties and taxes and you could lose more than half of your money.

* You’ll also see a big chunk of change go toward the sales commission. Commissions can top 5% and range up to 8% for some annuities.

* All the bells and whistles that provide benefits in an annuity come with fees, expenses and other charges. These come directly out of any returns that may be earned in the policy. Over the years these charges can add up to a significant amount of money.

Insurance companies love selling variable annuities because they bring in loads of cash in the form of fees and expenses while locking investors in for years. The next time you’re hearing a presentation which highlights the good, remember the bad and ugly aspects of these annuities as well.

Author Anthony Ricigliano

It’s hard to imagine which statistics U.S. Treasury Secretary Timothy Geithner was looking at when he wrote an article for the New York Times called “Welcome to the Recovery”. The article pointed to improvements in the U.S. economy was making while ignoring a host of statistics which show a struggling economy at present with some huge challenges ahead.

While the government has tried to spur consumer spending with programs like “cash for clunkers” and the first time homebuyers’ tax credit, the end result is that the programs have run their course without much effect leaving more debt on the books. With consumer spending making up two-thirds of the U.S. GDP, a real recovery will not occur until consumer spending comes back.

Unfortunately, for consumer spending to rebound the weakening jobs picture will have to improve first. This is just one of the massive challenges facing the economy as jobs continue to be lost either due to domestic economics or the transfer of jobs to countries with workers who will take one-tenth the pay of their U.S. counterparts. The U.S. economy lost 131,000 more jobs during the month of July and by some estimates has lost over ten million jobs since 2007. Workers who have lost their jobs are also having a difficult time finding new work as evidenced by the record set in average time needed to find a job, which at present has reached 35.2 weeks.

The stress of the worsening unemployment picture is also being reflected by the struggles at the consumer level. More Americans are now receiving food stamps than ever before with May’s number coming in at over 40 million. The May number was the 18th month in a row that a new record has been set for Americans on food stamps.

Distress is also being seen mortgage and debt payments. A new record was set in the first quarter as more than 10% of all U.S. homeowners with a mortgage had missed at least one mortgage payment. Additionally, the total number of loans that were delinquent by at least three months increased in the first quarter for the 16th consecutive quarter.

In trying to restart the economy with debt, the government will have racked up a total national debt which will top $13.6 trillion this year, according to the most recent U.S. Treasury Department report to Congress. The debt, and interest owed on it, will limit future government stimulus efforts. The interest payments alone on the debt are now estimated to top $700 billion dollars, approximately 17.5% of the total government budget for the country.
With these kinds of statistics staring him in the face, one wonders what kind of recovery Mr. Geithner has envisioned. Financially hobbled consumers, a bleak employment picture, and a government so deep in debt that future stimulus options may not even be feasible make his New York Times article look like nothing more than happy talk. With the future of millions of Americans at stake, we don’t need “spin”. We need some reality-based action in a hurry.

News By Anthony Ricigliano

By Anthony Ricigliano: Consumer protection laws, as laid out by the Credit CARD Act, have forced credit card issuers to get both creative and aggressive in order to make up for charges and fees they’ll no longer be able to collect from card holders. The laws for credit cards, part of consumer-protection legislation signed into law by Congress in spring of 2009. The laws targeted abusive practices which had become business as usual for credit card issuers, such as raising interest rates without warning and misleading interest rate disclaimers which amounted to bait and switch tactics. Issuers have estimated the legislated changes in how and why they can charge customers will eliminate an estimated $390 million in credit card revenue.

The scramble is on as credit card issuers seek to recover lost revenues from a shrinking base of users. The shrinking base is a result of consumers switching over to debit cards as a way to avoid interest rate charges as well as to self impose a budget that doesn’t include debt. With a doors closing on many types of fees, issuers are coming up with new ways to generate revenues from their card holders. Some of these tactics are:

• Annual fees which are either being charged for the first time or are being hiked sharply.

• Raising interest rates even for card holders with no infractions.

• Increasing fees on late payments and overdrafts.

• Shortened billing cycles which require faster payment. Shorter cycles also mean that there are more chances during the year for a client to make a late payment.

• Charging inactivity fees or charging for not meeting minimum charge amounts.

• Higher fees for using the card outside of the country.

It’s likely that more charges will follow, so pay attention to notices that come from your credit card company as well as your monthly statement. If you get hit by a charge or get a notice that your rates are headed higher, call the credit card company immediately and fight it. Issuers will waive charges on first infractions and sometimes the second ones as well.

On another note, be aware that your debit card can be considered a checking account, even if you don’t write a single check. Free checking accounts are quickly becoming a thing of the past as more banks charge monthly account fees, fees for paper statements, and fees on overdrafts.  Overdraft fees are a killer especially when a bank charges overdraft fees on every charge of the day even though the account wasn’t overdrawn until the last charge. Under this circumstance, over drawing your account by 50 cents can result in fees of over $150 if you had other charges during the same day. The lesson here is to pay attention to your account balance and the fees which hit your account. Left unattended these fees can add up quickly and cause problems beyond just the fees themselves.

Author Anthony Ricigliano

GEMRDXJBVRGK  technorati.com

By Anthony Ricigliano: Many small businesses get to the point where going outside their four walls to have someone else tell their story sounds like it might make sense. In many cases it does, and in some it probably doesn’t. The key here is in knowing the difference. This is the first issue to sort out in terms of deciding whether you should hire an outside public relations firm or not. Let’s start out by eliminating a couple of business types which either won’t benefit by hiring outside PR or which could get their story out in a more efficient manner.

* Businesses with a local or regional target market – A PR firm might help here but there are a number of other ways to highlight your company. Local search is becoming so specialized at search engines like Google that you can probably engage a firm to search engine optimize your business at a fraction of the cost of a PR firm.

* Businesses with a highly technical product or service that a PR company simply isn’t going to get. PR from a firm that has no idea what you do is probably going to do more harm than good.

* Companies which have just gone public and are listed on the pink sheets or the bulletin board. Brokers can’t recommend your stock, trade mags aren’t going to be happy with ”buy our stock” solicitations, and going direct to the public can be prohibitively expensive.

The types of companies which can benefit are those with national markets, branding objectives, and the ability to stick with a marketing strategy for the long term. Once the decision has been made to hire a PR firm, there are several actions you can take to maximize the relationship. These include:

* Making sure that the company understands your products and/or services.

* Defining your target market and your marketing strategy so that the firm understands what your objectives are.

* Do not let the PR company take you in a direction you don’t want to go.

* Controlling your company’s message. It’s amazing how often a line like “Trust us, we’re professionals” neuters a business owner to a point where the PR firm starts defining the company from the inside out.

* Demand measurable results. Hiring a PR firm is about getting a return on your investment. Make sure you’re getting results.

Most relationships fail with PR companies due to poor planning and insufficient communication. Don’t expect miracles from your PR company. In fact, they’re really going to be only as good as the direction and guidance you give them as they roll out your campaign. Plan on participating in the process and you’ll stand a much better chance at having a successful relationship with your PR firm.

Advice By Anthony Ricigliano

Read Technology News By Anthony Ricigliano: The people at Google, who have always bent over backward to avoid the “evil” tag applied to Microsoft, have apparently decided that a little evil is ok if it means control of the internet. As announced with Verizon, the policy framework they are proposing would be the first giant step toward the corporate takeover of the internet and the end of “Net Neutrality”.

Let’s backtrack a little and talk about real Net Neutrality. What this means is that internet service providers, like Verizon, must guarantee that all web sites and internet technologies are treated equally, whether it’s CNN or a grandmother who wants to blog about knitting. Neutrality allows for anyone to distribute information and media content, whether it’s a video of cats doing tricks or a personal account at the scene of a disaster. This neutrality enables anyone with a website the ability to find an audience and has served as the main reason for the explosion of internet users around the world.

The proposal put forth by Google and Verizon essentially tries to reverse the openness of the internet back to a model where ISP’s like AT&T, Verizon, and Comcast as well as companies like Google can decide on a pecking order of who can distribute information and how it’s done. The size of the stakes is huge as in the very near future all video, radio, phone and other services will soon be delivered through an internet connection.

Starting with wireless networks, the Google and Verizon policy statement allows ISP’s to do anything they want from blocking websites to making distributors pay to have their sites available for viewing. Wired networks get the lip service of non-discrimination but the standards are so weak that websites can be blocked as well. The proposal would split the internet into two classes with the upper class mandating paid access for content and applications while the secondary level would remain for everyone else.

ISP’s would also regulate which applications would be prioritized instead of allowing internet users to decide for themselves. If Verizon has a crummy application that is competing against one with all the bells and whistles, this model could effectively enable Verizon to crush small competitors offering higher quality apps. This is not far removed from the big three auto makers crushing small competitors in their early days.

The pact also does its best to eliminate regulation by turning the FCC into a quasi-complaints department while true monitoring would be relegated to a committee either controlled or made up of people from the industry. Self regulation, in the form of “We are professionals and we know what we’re doing” delivered the BP disaster to the Gulf. Google and Verizon are taking the same type position regarding the regulation of their proposed version of the internet.

By Anthony Ricigliano

News and Advice By Anthony Ricigliano: With so much going on around it, the Fed appears to have forgotten one of its two mandates; the forgotten one being to promote full employment. The last time anybody there looked, the unemployment rate was and still is 9.5%. This number is very likely to head higher in the second half of the year. The economy lost another 130,000 jobs last month and estimates for the GDP range from a slip back into negative territory to around 1% to the positive over the next four quarters.

With these circumstances the Fed, if they were following their mandate, would be taking aggressive steps to bring the economy back to full employment. With inflation numbers hovering around one percent, there are no worries that prices are going to run away anytime soon. In fact, inflation numbers in the 3 to 4% area would probably go a long way toward getting companies to begin hiring again due to a sharp decrease in real interest rates.

The issue keeping the Fed from pursuing its employment mandate is that those levels of inflation would be very unpopular with Wall Street. Superseding the needs of Americans who are out of work, 3 to 4% inflation would be devastating to Wall Street by hammering the massive amounts of mortgage debt on which they’re currently sitting. So who is the Fed listening to?

The fact is that Ben Bernanke’s Fed has had Wall Street’s back all along, going back to the beginning of the banking crisis when, by their own doing, Wall Street’s banks teetered on the edge of bankruptcy. That time Bernanke conned Congress into passing the Troubled Asset Relief Program (TARP) by saying that the commercial paper market was in jeopardy of freezing up, with a near term result of denying access to short-term credit necessary to operate through the meltdown. What he didn’t mention was that the Fed could have opened its own lending facility for that purpose. Coincidentally, he announced the establishment of a lending facility to buy commercial paper the weekend after Congress approved TARP.

That the Fed had a direct responsibility for inflating the housing bubble goes without saying. Even as signs of overheating were becoming obvious, Alan Greenspan himself was talking up adjustable rate mortgages as a means buy a home. These were the same types of mortgages that started the housing debacle but the Fed stuck to its guns as long as possible.

What the country needs at this point is a truly independent Fed that is not beholden to Wall Street and remembers its mandate of promoting full employment for the citizens of this country. We don’t have that now and it’s hard to imagine getting something like that anytime soon. One thing is for certain, with the Fed behind it, Wall Street knows it can mess up big and the Fed will be there with a shovel to clean it up.

Author Anthony Ricigliano