358 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
Get Access -- Voice of the Partner is Live
Wed, Dec 17th 2014 278
IBM Mobile Connect POODLE Fix
Mon, Nov 3rd 2014 258
IBM Protector for Mail Security POODLE Fix
Wed, Oct 22nd 2014 278
Silent No More: IBM Makes Security Announcements on SHA-2, TLS, POODLE
Tue, Oct 21st 2014 359
New SSL3 Exploit: The POODLE Is Here and Lifting Its Leg
Wed, Oct 15th 2014 2214
Linux Bash Bug - Shellshock - FINAL FIX RELEASED: Get Patched (AIX, Mac Too)
Mon, Sep 29th 2014 230
Linux Bash Bug - Shellshock - is Real: Get Patched (Mac Too)
Thu, Sep 25th 2014 259
Top 10
New SSL3 Exploit: The POODLE Is Here and Lifting Its Leg
Wed, Oct 15th 2014 2214
Managing VMware Tools on Linux, Part II: Fixing "An error occurred while mounting" During Boot-up
Sun, Jul 14th 2013 389
Silent No More: IBM Makes Security Announcements on SHA-2, TLS, POODLE
Tue, Oct 21st 2014 359
IBM Protector for Mail Security POODLE Fix
Wed, Oct 22nd 2014 278
Get Access -- Voice of the Partner is Live
Wed, Dec 17th 2014 278
Linux Bash Bug - Shellshock - is Real: Get Patched (Mac Too)
Thu, Sep 25th 2014 259
IBM Mobile Connect POODLE Fix
Mon, Nov 3rd 2014 258
"IBM iNotes on Firefox 26 is Inoperable" -- FIXED
Thu, Dec 26th 2013 233
Linux Bash Bug - Shellshock - FINAL FIX RELEASED: Get Patched (AIX, Mac Too)
Mon, Sep 29th 2014 230
Skype 4.3 on Linux Crashing? Here’s a Fix.
Tue, Aug 5th 2014 224


LotusLearns -- The Good, The Bad, and Yes, It’s Ugly (Underneath)
Bill Malchisky    

Plenty of members in the blogger community are discussing this important topic. I am all for aggregating content to make people find information easier for how they use the web. The issue is that most of the blogger content is protected by copyright. That is sacred. Being a published author, this topic is sensitive for me. Very early in my consulting career, I was on a project where a consultant working for a competing firm and from a country that had few protections for the written word, borrowed the training material from a Lotus class paid for by the customer. He then went around to all of the other customers asking who wanted a copy. I declined. He then asked my trainer who was a CLI. She gave him an attitude adjustment and went to the client. Being a man of integrity, the client immediately saw the issue and fixed the problem. The point is that we take our protections of published work seriously here. For someone to disrespect the author's wishes for how their information is to be disseminated is shameful.

Another aspect is of the marketing on the site. Do the vendors know that the content on the site is being provided in a manner that is questionable in character? I would guess, and this is conjecture on my part, but most are probably sold on the concept sans seeing the site. If there were involved early on, then most definitely, in my opinion. Curious how the sponsors would respond if they knew there name was appearing adjacent to potentially illegally published content. If the business owner has integrity, I would think the advertising revenue stream would dry-up quickly. But that is a guess on my part, knowing nothing about LotusLearns particular arrangements therein.

If the CEO of LotusLearns chooses to publish the works from blog sites, then that is fine, so long as she provides attribution. If the author published the information as copyleft, then there is no issue. In grade school, most domestic children were taught that if you use another resource other than your own in your report, research, review, or other writing, you must provide a bibliography, reference page, or footnote section to properly cite your sources. It is sad to contemplate that school children have more sense of responsibility than some adults. To take --- without permission --- what is not one's and publish as one's own is dishonorable, illegal, and equates to cheating, in my opinion (I state this as such as I am not an attorney, nor do I disseminate legal opinions--just my perspective).

Would it really be that much harder for LotusLearns to append either as a prefix or suffix, a proper cite reference for her content?
If you consider all of the community heat that site is going to take with its approach, plus all the time the LotusLearns CEO will spend defending its actions, it would be a better use of her and everyone else's time if she would just put the URL, source article name, and blog title for each post. That builds goodwill, earns respect and would make a potentially useful site an asset in our community.

---------------------
http://www.BillMal.com/billmal/billmal.nsf/dx/04202012110012PMWMA5JQ.htm
Apr 20, 2012
32 hits



Recent Blog Posts
278


Get Access -- Voice of the Partner is Live
Wed, Dec 17th 2014 5:10a   Bill Malchisky Jr.
It is with great pleasure that I announce Voice of the Partner is in production! This tool provides IBM Collaboration Solutions business partners a new feedback continuity site to interface directly with IBM. As alluded to within my beta launch blog post, the past three months proved quite busy, culminating in this promised mid-December launch. Please understand this is a volunteer effort for me and the scope of BPs in good standing is massive. Thus, I am breaking the overall group down into [read] Keywords: administration collaboration connections ibm sametime community development interface skype twitter
258


IBM Mobile Connect POODLE Fix
Mon, Nov 3rd 2014 5:16a   Bill Malchisky Jr.
IBM just announced a couple of Technotes dealing with IBM Mobile Connect and POODLE. As this product is quite secure by design and a product that I enjoy as customers have a great track record with it in the field, the option to use TLS 1.0 - 1.2 is supported. The new SSL v3 security changes are implemented under APAR IV66131 -- available for IMC 6.1.5 and 6.1.5.1. Thus, if you have not upgraded IMC in the past ten days, then read below and plan your upgrade as appropriate. Here Are The Tec [read] Keywords: connections ibm mobile properties security
278


IBM Protector for Mail Security POODLE Fix
Wed, Oct 22nd 2014 2:20p   Bill Malchisky Jr.
A day after providing two Technotes on SHA-2, TLS, and POODLE for Domino, IBM released two documents to cover their Protector product. The bulletin covers three vulnerabilities and provides details on each. For the workaround document, mind the side effect mentioned at the bottom, as with some sites, this may introduce a risk assessment against delivery versus the exploit's vulnerability. 1. Bulletin - Security Bulletin: Vulnerabilities in OpenSSL may cause weak cyphers to be used over SSLv [read] Keywords: domino ibm lotus protector oracle security twitter
359


Silent No More: IBM Makes Security Announcements on SHA-2, TLS, POODLE
Tue, Oct 21st 2014 9:12a   Bill Malchisky Jr.
Today (21 Oct 14), IBM created a set of Technotes covering what appears to be a first step in helping soothe the customer and partner concern on the lack of offered direction and plan for resolving the SHA-1, TLS, and POODLE exploits that exist from years of community support and a yet to be implemented capability for increased security. I offer first step as no date for the patch is provided, just that they are stating their intentions and scope with a solution by year-end, which is my conjectu [read] Keywords: domino ibm inotes sametime xpages community google security server smtp
2214


New SSL3 Exploit: The POODLE Is Here and Lifting Its Leg
Wed, Oct 15th 2014 3:38a   Bill Malchisky Jr.
Here we go again... another blockbuster security exploit with another clever code name is announced. POODLE (Padding Oracle On Downgraded Legacy Encryption) CVE-2014-3566 specifically allows a man-in-the-middle style attack utilizing an SSL3 connection. Once again, Red Hat does a stellar job offering full details on background, technical specifics, and testing. Google's Online Security Blog post is exceedingly terse when contrasting. Here is what you need to know. What is It? CVE-2014-356 [read] Keywords: admin domino ibm applications enterprise firefox google linux microsoft network oracle red hat redhat security server
230


Linux Bash Bug - Shellshock - FINAL FIX RELEASED: Get Patched (AIX, Mac Too)
Mon, Sep 29th 2014 6:13a   Bill Malchisky Jr.
Author's Note: Thank you to the ICS community for their tremendous support of my first Shellshock post. For those that read it early, you received critical information 14-72 hours before many sites released their stories. Several readers were fully patched before big names tweeted the issue. You were well ahead of the curve. Shellshock stories released over the weekend proved outdated and incomplete. This post provides better information faster. I am grateful for your support. As I mentione [read] Keywords: ibm protector aix apple application bug centos community desktop linux mac macintosh red hat redhat security server twitter ubuntu




259


Linux Bash Bug - Shellshock - is Real: Get Patched (Mac Too)
Thu, Sep 25th 2014 6:13a   Bill Malchisky Jr.
This is ugly, but fortunately you just have to update to a fixed Bash version and your fine (for now). No need to reboot your system either. Red Hat is out early on this and escalated this appropriately. Their first round of updates got all but one exploit permutation, so they re-issued another bug identifier and are working to close it soon. Their initial timeline: Red Hat announced the bug on 14 Sep, had a proposed upstream patch seven hours later (0500h 15 Sep), backported it to Bash 3.0, [read] Keywords: domino apple application bug centos enterprise linux mac red hat redhat security ubuntu
149


Ryder Cup Skype Chat Announced
Wed, Sep 24th 2014 9:12p   Bill Malchisky Jr.
It is that time again when the best pro golfers in The United States of America take on the best pro golfers in Europe for the coveted Ryder Cup. This year, it is played at the beautiful Gleneagles course in Scotland designed by pro golf legend Jack Nicklaus, who describes his course hole by hole. Play commences Friday, Saturday at 7:35am local time, or 2:35am EDT, with a more respectable Sunday start at 11:36a local time, or 6:36a EDT for singles play. I will open a Skype chat for the event. [read] Keywords: google iphone mobile skype
156


Big News for ICS Partners!
Wed, Sep 17th 2014 10:15p   Bill Malchisky Jr.
After three years of working with IBM, I am proud to make the first public announcement of the beta milestone of a new IBM community feedback continuity tool entitled, Voice of the Partner. ICS is behind this at the highest levels and there is a strong desire within IBM to make this a success. Imagine that as a partner you have a tool where you can input ideas and concerns to IBM and receive a response in a meaningful way, that also ensures continuity of feedback throughout the issue's life [read] Keywords: ibm community
117


Using Sametime Mobile? Avoid iOS 8 for Now
Tue, Sep 16th 2014 6:12a   Bill Malchisky Jr.
IBM released a Technote yesterday on the issues with their Sametime Mobile applications on iPhones and iPads running iOS 8 -- due for release on Wednesday, 17 September 2014. My friends Gabriella Davis and Matteo Bisi both blogged on the Technote. Beyond that, there exists a post on The Sametime Blog offering a behind-the-scenes look as to the challenges therein, written by the on-premises Sametime Product Manager - Marlon Machado. In meeting Marlon previously, I can tell you he is a good guy an [read] Keywords: connections ibm sametime apple applications mobile planetlotus planetlotus.org




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition