264 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Perspective - Welcome to the top 1%
Fri, Jan 30th 2015 16
and the spinning is on... IBM denies "layoffs", Cringley admits to being a gadfly
Tue, Jan 27th 2015 19
Trying to work out what was missing from the ConnectED 2015 OGS
Tue, Jan 27th 2015 19
Three points that Lotusphere, er, Connect, er, ConnectED 2015 should refute
Sun, Jan 25th 2015 20
I, Cringley: IBM’s reorg-from-Hell launches next week
Fri, Jan 23rd 2015 20
Domino customer? Please call IBM support help get SMTP TLS/SSL fixed
Fri, Jan 16th 2015 21
IBM’s POODLE TLS fixes for Domino, while timely (thanks!) breaks SMTP email connectivity (BAD,BAD)
Thu, Jan 15th 2015 18
Top 10
Domino customer? Please call IBM support help get SMTP TLS/SSL fixed
Fri, Jan 16th 2015 21
(Repost): IBM... PLEASE update Domino’s SSL/TLS. It’s stuck in ancient times and vulnerable.
Mon, Aug 25th 2014 20
I, Cringley: IBM’s reorg-from-Hell launches next week
Fri, Jan 23rd 2015 20
Three points that Lotusphere, er, Connect, er, ConnectED 2015 should refute
Sun, Jan 25th 2015 20
Trying to work out what was missing from the ConnectED 2015 OGS
Tue, Jan 27th 2015 19
and the spinning is on... IBM denies "layoffs", Cringley admits to being a gadfly
Tue, Jan 27th 2015 19
IBM’s POODLE TLS fixes for Domino, while timely (thanks!) breaks SMTP email connectivity (BAD,BAD)
Thu, Jan 15th 2015 18
Perspective - Welcome to the top 1%
Fri, Jan 30th 2015 16
Hey, IBM! While you’re adding SHA-2 support across all Domino services, we expect to see HTTP/2 on the road map (soon)
Mon, Oct 6th 2014 15
Google accelerates end of SHA-1 support - IBM’s letting its customers down
Thu, Sep 11th 2014 14


Craig Wiseman
Blog Title Craig Wiseman
Blog Description cpwBlog - You know, I was thinking about that....
Blog URL http://www.Wiseman.La/cpw
RSS Feed http://www.wiseman.la/web/cpwBlog.nsf/feed.rss
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Jan 30, 2015 9:47:10 AM EST. Realtime Update:
Location Baton Rouge, LA, USA


Recent Blog Posts
16
Perspective - Welcome to the top 1%
Fri, Jan 30th 2015 9:47a   Craig Wiseman
Perspective To be in the top 1% of the US, you have to make more than $380,000. To be in the top 1% of the WORLD, you have to make more than $47,000. Welcome to the top 1%. World: Go here to see where you rank in the world: http://www.globalrichlist.com/ US:
19
and the spinning is on... IBM denies "layoffs", Cringley admits to being a gadfly
Tue, Jan 27th 2015 7:30p   Craig Wiseman
IBM (IBM.N) dismissed on Monday a Forbes magazine report claiming the technology firm is preparing to cut about 26 percent of its workforce, which would represent its biggest-ever layoffs. IBM is cutting jobs, as disclosed in its latest earnings report last week, but those reductions will affect "several thousand" employees, a "small fraction" of what Forbes reported, according to an emailed statement from IBM to Reuters. Forbes had said as many as 112,000 employees could be laid off. -
19
Trying to work out what was missing from the ConnectED 2015 OGS
Tue, Jan 27th 2015 2:10p   Craig Wiseman
20
Three points that Lotusphere, er, Connect, er, ConnectED 2015 should refute
Sun, Jan 25th 2015 11:58a   Craig Wiseman
There's no one driving the bus. This has been pretty clear for years, but made even clearer by the dissolution of the Lotus brand. Who "owns" and drives development for Connections, Portal, Sametime, Notes, Domino, etc.? The entire group of "social" products seems to be on autopilot. Who pushes them and markets them? If you are not in the IBM blackhole, it's impenetrable. And why would anyone not already sucked in care? OK, what we really mean is that we value you[r renewal
20
I, Cringley: IBM’s reorg-from-Hell launches next week
Fri, Jan 23rd 2015 10:57a   Craig Wiseman
A worthy read, particularly the comments: IBM's reorg-from-Hell launches next week IBM's big layoff-cum-reorganization called Project Chrome kicks-off next week when 26 percent of IBM employees will get calls from their managers followed by thick envelopes on their doorsteps. By the end of February all 26 percent will be gone. I'm told this has been in the planning for months and I first heard about it back in November. This biggest reorganization in IBM history is going to be a nightmar
21
Domino customer? Please call IBM support help get SMTP TLS/SSL fixed
Fri, Jan 16th 2015 12:56p   Craig Wiseman
After much worrying non-communication, IBM came out with the initial POODLE for SSL patch and then the POODLE for TLS patch. These were timely and clean fixes - thank you IBM for these. I've included an email to IBM support regarding the fact that the POODLE SSL/TLS fixes break Domino as an internet-facing SMTP host... a role it Domino has served for many many organizations since the Notes Server R4 days. If you are an IBM Domino customer, please call IBM support and open a PMR on t
18
IBM’s POODLE TLS fixes for Domino, while timely (thanks!) breaks SMTP email connectivity (BAD,BAD)
Thu, Jan 15th 2015 9:12a   Craig Wiseman
After much worrying non-communication, IBM came out with the initial POODLE for SSL patch and then the POODLE for TLS patch. These were timely and clean fixes - thank you IBM for these. However, we've noticed an issue with the impact these fixes have on SMTP traffic. The issue is that the POODLE fixes completely drop support for SSLv2, which on one level is fine - SSLv2 is insecure. But there's a more subtle issue caused by completely dropping SSLv2 support: According to various
7
Rethinking Ray Ozzie
Sat, Nov 1st 2014 4:41p   Craig Wiseman
Mr. Thurrott wrote this a year ago, but it's worth a re-read. From a public perspective, Mr. Ozzie kind of disappeared into Microsoft, but it's clear he had the forethough and intelligence to see what was coming. Microsoft's history is full of baloney legends, like "The Internet Tidal Wave" memo from Bill Gates that allegedly caused the company to "turn on a dime" and embrace the Internet (and in the process squash Netscape). But a more complete and less hagiographic telling of that hi
7
Good! Communication on upcoming short term fixes for both the Poodle and SHA-2 issues from IBM regarding Domino | MIA: No confirmation or roadmap for TLS 1.2/1.3 or HTTP v2
Tue, Oct 21st 2014 10:08a   Craig Wiseman
What these are: GOOD Short time, targeted fixes to immediate issues Domino faces. This is some good, hard news. Updates on what's going to be done and timelines that work. Remember, the Poodle exploit is *at this point* proof of concept from Google, so we do have a window of time before it becomes a true issue. This is a very acceptable approach. As I told support... I'm fine with having a Poodle-resistant solution for Domino 8.5.x and moving to full TLS and HTTP in 9.x. Planned SH
12
What IBM’s response to the POODLE SSL v3 attack feels like to its Domino customers
Mon, Oct 20th 2014 1:48p   Craig Wiseman
What IBM's response to the POODLE SSL v3 attack feels like to its Domino customers:
9
I, Cassandra? If you’re wondering what’s wrong with IBM (and why the bad news today), Cringley’s been telling you for years
Mon, Oct 20th 2014 9:14a   Craig Wiseman
[Background research: Who was Cassandra?] IBM announced some pretty bad news today... IBM's PAYING GlobalFoundries to take its chip making facility off its hands and IBM's given up on its HUGELY vaunted earnings plans. If you're interested in why this may be, take a gander at what Cringely been saying for a long, long time: The Decline and Fall of IBM (italics are mine) Even on the surface, IBM in early 2014 looks like a troubled company. Sales are flat to down, and ea
13
Apparent (small) update from IBM on "concerns around TLS and SHA-2" from the Domino 9 forum
Thu, Oct 16th 2014 8:58p   Craig Wiseman
This seems promising. OK, "promising" is way overselling it. Really, I guess it's not "promising" when the vendor acknowledges something that customers have been asking about for over 8 years. But that's not the point: Re: Poodle SSL vulnerability Greetings, We are currently working on statements regarding solutions for our clients with concerns around TLS and SHA-2. Thanks, dave David Kern | Resident Paranoid STSM, Global ICS Security Architect Source
9
Poor Domino users. For folks who care about security, looks like now is when IBM’s disrespect (contempt) for its userbase bites us: new Poodle SSL v3 hack
Wed, Oct 15th 2014 7:04a   Craig Wiseman
For over 8 years, there's been post after post, PMR after PMR, IdeaJam idea after idea on upgrade Domino's SSL security in order to keep it current. (Here's a google search for: Please upgrade Domino SSL ) While they've been very busy apparently doing nothing about this, IBM's also been very quiet about it, although they have acknowledged that IBM's PAYING CUSTOMERS think it's important (see here). Now, we expect to hear something about how to fix this. SOON. It's not like IBM ha
12
Re: IBM Domino and SHA-1 / SHA-2 / SHA-256 (etc) ... that doesn’t sound promising, does it?
Mon, Oct 6th 2014 11:37a   Craig Wiseman
What do you say when you have bad news or no news... when you really should be saying something? One corporate take is to say as little as possible. (and hope the issue goes away, I guess). I've blurred the name of the source for this comment, because I don't want her (or is it him?) blamed for my extrapolation. Related to this issue we have an answer from our colleagues from Level 2 that even the future version 10 does not have the support for it yet - and there is an enha
15
Hey, IBM! While you’re adding SHA-2 support across all Domino services, we expect to see HTTP/2 on the road map (soon)
Mon, Oct 6th 2014 6:39a   Craig Wiseman
One of the great things about Notes and Domino has been the iterative growth of features. Well, that was true until about 4 years ago. Lately, a lot has been said about IBM's poor performance in keeping Domino's security stack up to date: http://planetlotus.org/c27d79 http://planetlotus.org/c28ea9 http://planetlotus.org/c2841d http://planetlotus.org/c2af15 http://planetlotus.org/c39b14 http://planetlotus.org/c2af24 http://www.ideajam.net/IdeaJam/P/ij.nsf/0/342557C4307F678D86257833004C
14
Google accelerates end of SHA-1 support - IBM’s letting its customers down
Thu, Sep 11th 2014 11:58a   Craig Wiseman
There's been a justifiable bit of a hullabaloo about security and IBM Domino (nee Lotus Domino). The biggest point lately concerning Domino's shameful lack of general support for modern Web security has hinged around Domino's support for only the SHA1 hash. What's sad about this is that "The first signs of weaknesses in SHA1 appeared (almost) ten years ago. - Qualys Blog". Ten years ago... back when IBM gave the appearance of caring about Domino's future. Now Google has announced
20
(Repost): IBM... PLEASE update Domino’s SSL/TLS. It’s stuck in ancient times and vulnerable.
Mon, Aug 25th 2014 12:14p   Craig Wiseman
I posted about this here in 2011. Other good folks have been posting about this as well, here, here, here, here, etc. Simply put, Domino needs proper, modern TLS 1.3 support across all protocols, including SMTP, LDAP, HTTP, POP, IMAP, etc. What kind of shocks me is that there's any discussion about making this happen. If I had a product in this situation, the only meetings I'd be having is about WHEN the enhancements will be finished. IBM is all about security, except... when it isn
6
Something was added in the latest Java update from Oracle: Suppress sponsor offers when installing or updating Java
Thu, Aug 21st 2014 4:20p   Craig Wiseman
Here's a subtle thing for IT folks. This check box was added in the very latest Java release. See anything useful about it?
4
Don’t let the bad guys get you: How to Prevent Email Worms, Viruses, and Trojans
Wed, Nov 28th 2012 7:28a   Craig Wiseman
I've been sending versions of this email out for years and years (I had to update it when the term "phishing" came along), so I thought I'd put it up here as well. Don't let the bad guys get you: How to Prevent Email Worms, Viruses, and Trojans We have the best anti-spam and Anti-virus software. We have great firewalls, encrypted VPNs, secure servers... but it's not enough to save us from every "Day 0 Attack"*. An email worm*/virus*/trojan* can go worldwide in just minutes or
3
8 minutes of awesome
Fri, Dec 16th 2011 6:09a   Craig Wiseman
This just needs to be here.
5
My fellow Americans, I give you.... the next US President
Wed, Dec 14th 2011 6:26a   Craig Wiseman
A simple, uncomplicated campaign we can rally behind. And it's not the first time we've had a puppet as President.
2
True: Don’t Blame The IQ, Blame The Carrier
Sun, Dec 4th 2011 7:17a   Craig Wiseman
If you're mad at Carrier IQ, then you are doing exactly what the carriers want you to. The surprising thing is that the ire has been directed at Carrier IQ themselves. Why? If someone runs you over in their car, you don't write a stern letter to Ford. Carrier IQ made and sold an invasive piece of software, certainly. But they didn't install it on your phone. Sprint [and AT&T] did. Full Story
7
IBM... PLEASE update Domino’s SSL/TLS. It’s stuck in ancient times and vulnerable.
Wed, Sep 21st 2011 10:46a   Craig Wiseman
So, we've waited for years for IBM to update Domino's SSL/TLS implementation. There have been other ideas on this expressed. Now, it seems that the implementation is vulnerable... and since we don't have current TLS options, we have no native Domino solution. It realllly looks like neglect, but perhaps there's a better expression. Update: John James has something useful to say about the SSL/TLS vulnerability here.
7
Be careful, folks in Irene’s path. Better than careful - run away.
Fri, Aug 26th 2011 10:33a   Craig Wiseman
For you folks in Irene's path, I certainly "feel your pain". Yep, that lil red dot was me in 2008 when Gustav hit. In the northeastern quadrant of the storm (always the worst part of the storm). I was a bit further away from Ike (2008), Katrina, and Rita( 2005), so all we got then was heavy rain & moderate winds. The best thing to do in a hurricane is NOT be in its path. You can always rebuild a building, but people ... not so much. That's one reason I like hurricanes better than e
3
The White, Black, and Orange people have failed us. We have but one choice left.
Tue, Jul 26th 2011 9:28a   Craig Wiseman
3
A video walkthrough of the unholy marriage of BlackBerry and Android
Fri, Jul 22nd 2011 3:56p   Craig Wiseman
From AndroidCentral.com: A video walkthrough of the unholy marriage of BlackBerry and Android BlackBerry fans everywhere were astonished Thursday when an early version of the Android Player for the PlayBook leaked out and their little tablets suddenly became usable. Usable as in once you've got Android running on the PlayBook, you suddenly have an e-mail app. Craziness! Pretty cool stuff, especially since it's running Android 2.3.3, and there's a good chance your phone doesn't even th




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition