Archive for the 'Miscellaneous' Category

« Previous Entries
Next Entries »

Small Businesses Work Together to Maintain Asheville’s Character and Help Local Economy

Monday, June 2nd, 2008

Asheville’s small businesses, such as marketing and Web technology company Jaymunda (www.Jaymunda.com,) help to maintain the city’s character and atmosphere by working together to build a strong business community. Strong small businesses are ones that will stick around, supporting the local economy for years to come.
Asheville, NC – May 16, 2008 – While other cities and towns across the country are feeling overrun by development and major corporations moving in, Asheville’s small businesses are thriving and helping to keep the charm and community feel of the city by working together. Local Web development and Internet marketing company, Jaymunda (www.Jaymunda.com), is a prime example – helping other area small businesses make the most of new technologies through education and Web-based services.
“Asheville’s small businesses all have something to offer the community or to each other,” says Jaymunda’s Co-owner and Vice President, Heather Syzdek. “These entrepreneurs are real members of the community themselves, and they’re a part of the local culture. By working together towards growth, Asheville’s business owners help to support the local economy while ensuring their own stability. Jaymunda tries to do its part by educating area entrepreneurs about technologies that can help them succeed in the local market or expand beyond it, as our company did last year by expanding to a second office in the Atlanta area. Strong small businesses are good for Asheville as well as good for the owners.”
Jaymunda and the company’s clients serve as an example of the power of word-of-mouth – referrals and cross-promotional opportunities are always available, and they can help any type of small business succeed. “When small businesses thrive, it builds confidence within the members of the community who can build bonds with local entrepreneurs in ways that corporate chain stores can’t compete with,” says Syzdek. “Our tight-knit community feel isn’t of concern to large corporations opening stores and offices anywhere they can make a buck, but small business owners are residents, neighbors, and friends.”
In addition to helping local small businesses build a Web presence and market themselves online, Jaymunda has actively worked to educate members of the Asheville community about small business technology issues by teaching classes through A-B Tech’s Small Business Center.
In addition to classes for local entrepreneurs, Jaymunda offers free marketing tips, tools, and downloads at www.Jaymunda.com to help small business owners make better use of Web-based technologies.
About Jaymunda
Jaymunda: Graphic & Web Design, Inc. is a respected Web technology company focused on providing advertising, design, programming, search engine optimization, and marketing services to small and medium-sized businesses. Based in Asheville, NC, the company expanded in 2007 to open a second office in Marietta, GA. Jaymunda was founded by President Jason Syzdek.
For more information about Jaymunda, or what the company is doing to help Asheville’s small and medium-sized businesses, please visit www.Jaymunda.com or contact Jason Syzdek at 828-254-0892.

Posted in Miscellaneous | No Comments »

Congregational Web Sites: Our New Front Door

Tuesday, April 15th, 2008

by Lynne M. BaabJonathan, 28, believes Web sites functions like a “front page” for organizations. He notes that his generation surfs the Internet continuously, both during the work day and during leisure hours, and that they would almost never visit a church or other organization without first checking out its Web site. Whether or not Jonathan can speak for an entire generation, organizational Web sites are certainly proliferating. More congregations are establishing Web sites and more congregational leaders are realizing how helpful, even strategic, Web sites can be. 

Reaching All Audiences Congregational Web sites have three audiences, two of them primary and one of them less prominent. One audience is congregation members. Often they come to the Web site for information. What time is that missionary speaking tonight, and where? They also visit the Web site to download the sermon in audio, video, or written form. Keeping the Web site updated with factual information and recent sermons is key for this audience. 

A second audience is potential visitors. Is the time of the worship service posted on the homepage? Is there a link to directions to the church? Is basic information about the congregation presented—both verbally and visually—so that a visitor would have some sense of this congregation’s priorities? Are there links to information specifically for newcomers, or general information about the church that newcomers would value? A third audience congregational Web sites might consider addressing is people from other congregations who are looking for resources. Perhaps someone visits a congregation on vacation, enjoys the sermon, and comes back to the congregation’s Web site each week to read or listen to the pastor’s sermon. Or perhaps a children’s ministry leader is looking for new ideas, so scans other churches’ Web sites to see how they are serving children. A worldwide network of connections is facilitated by the existence of congregational Web sites, a fascinating new manifestation of the body of Christ and of Jewish solidarity. 

The Rise of the Visual Communication scholars have noted a significant shift in communication patterns in recent decades. The written word is giving way to images. Web sites are an assemblage of words and images, and most experts on Web sites affirm that viewers tend to notice the visual aspects first. 

Most of the Web site producers I interviewed affirmed that the pastors and leaders of their congregations are largely word-oriented. I suspect this is true of rabbis and leaders of synagogues as well. My interviewees told me that their pastors and other congregational leaders generate announcements of events and descriptions of the church that are usually designed for newsletters, brochures, and printed bulletins. Web designers edit these texts, usually shortening them significantly, and pair them with photos and other images to create a pleasing whole. Note the disconnect here. Congregational leaders are charged with leading the congregation and communicating its vision, yet the aspect of the Web site that carries the greatest impact—the visual components, such as photos and graphics, as well as the overall visual structure—is usually determined by one person, the Web designer. This person is usually a member of the congregation who volunteers to create the site, a paid employee, or a paid independent contractor. In very few cases is it a leader of the congregation. 

Many congregational Web sites are quite effective and interesting, but are they communicating the values of the congregation in ways that mesh with the vision for the congregation established intentionally by its leaders? Unless leaders of congregations take their Web sites seriously, these sites will continue to be the work of one person, or a very small number of people, who may or may not be closely connected to the leaders and their vision. Help from “Critical Friends” 

When the Internet started to become a significant force in society about a decade ago, religious leaders were divided in their opinions about this new technology. Some were extremely negative, viewing the Internet as a dehumanizing force, a threat to community and communication. Others saw it as a place of opportunity for religious organizations, a place where proclamation and explanation could take place and a place where community and connections could be nurtured. One of the premier researchers on online religious community, Heidi Campbell, argues for a middle ground. She uses the term “critical friends” 1 to describe what she would like to see: religious leaders who affirm the opportunities provided by the Internet while also being cautious and careful about the possible negative repercussions. 

In my study of congregational Web sites, I found that this critical friend role was often absent in congregations. Many Web site producers work quite independently because of lack of interest by congregational leaders. Critical friends among the congregation’s leaders would bring an additional set of eyes and an understanding of the congregation’s priorities, enabling Web sites to represent congregations as accurately as possible. In addition, critical friends are urgently needed in congregations to minimize the growing tendency toward a consumerist model of faith and congregational life. Because Web sites use visual communication in ways similar to those of the advertising industry, congregational leaders need to think carefully about how their Web sites tap into consumerist practices. 

The Web site producers I interviewed were uniformly positive about the opportunity afforded by the medium. Most of them saw no potential conflicts in wholesale adoption of secular marketing strategies to promote their congregation and to describe its uniqueness. Critical friends, with an awareness of the risks inherent in the consumer model and perhaps with theological training, need to be in dialogue with Web site producers as choices are made regarding Web site content. Web sites provide amazing opportunities for congregations to reach out and to provide information and resources for members. Careful and effective use of congregational Web sites will involve attention to the visual as well as the verbal and will reflect the congregation’s values in photos, graphics, art, and links. Web site producers will not work in isolation but with the help of critical friends among the congregation’s leaders, who will help them make decisions about this strategic communication tool. 

Excerpted fromOur New Front Door: How Congregational Web Sites Communicate Church Vision from the Spring 2008 issue of Congregations magazine. Lynne M. Baab’s book Reaching out in a Networked World: Expressing Your Congregation’s Heart and Soul will be published this fall.
_________________
1 Heidi Campbell, “Approaches to Religious Research in Computer-mediated Communication,” in J. Mitchell & S. Marriage, eds., Mediating Religion: Conversations in Media, Culture and Religion (New York: T & T Clark, 2003), 216. 

Posted in Miscellaneous, Marketing | Comments Off

About being unique…

Thursday, April 10th, 2008

Jaymunda recently launched two websites with a very simple, yet effective feature: A button that changes the size of the text for those who need larger text! 

The idea first came as I was working on the user experience phase for Champion Eye Center in Asheville, NC. They liked it so much that I suggested it to the NC Bankers Association, headquartered in Raleigh, NC, where we built their website in conjunction with Apple Advertising. To date, both organizations are receiving rave reviews about the feature!

To see the feature in action, look to the top-right corner of both of these pages: 

http://www.championeyecenter.com/content/frames/ 

http://www.ncba.com/ 

Just one more way we’re creating uniqueness for our clients to increase their business. :-)

Posted in Miscellaneous | Comments Off

Going Cuckoo for Marketing

Thursday, April 3rd, 2008

A friend of mine recently quoted: 

“The definition of insanity is doing the same thing over and over and expecting different results.”
Unknown

Many people take this to heart when marketing a business, throwing their hands up in frustration when “nothing seems to work”.    Funny thing is, they don’t realize they are doing the same kind of marketing over and over again in different ways.   It’s time for a change.   In the United States, more traditional ways of marketing are being ignored by the general consumer.  Jaymunda often suggests our clients use W.O.M. or Word of Mouth marketing (see http://jaymunda.com/content/services_what/ for a diagram).  W.O.M. marketing focuses on your website, attracting consumers by getting them to tell others about your business with Jaymunda methods and thus in turn, attracting more business.  Have you considered:

  • referral based marketing
  • website marketing
  • guerilla marketing techniques
  • joint business marketing

I recently saw an excellent joint business marketing example from a television ad.  Geico Insurance had Mrs. Butterworths tell a story about Geico for a Geico customer.  You wouldn’t associate the two companies, but they did a great job keeping you interested and longing for buttery pancakes at the same time.   You don’t have to go Cuckoo for Marketing, just embrace change.  If you’d like to learn more about one of these marketing techniques or would like a free consultation click on this link: www.jaymunda.com/contact

Posted in Miscellaneous | Comments Off

A couple of great links and resources

Sunday, February 24th, 2008

Here are a few things I ran across recently that I enjoyed…

Are you a human or computer? How artificial intelligence is taking over our internet.

Onebox.com - Virtual PBX

UniquenessIsPower.com - Weekly Radio Show with marketing tips and tools for the trade

Coolhomepages.com - Award-winning graphic design inspiration

Asheville Website Design, Atlanta Website Design

Artistic Inspiration from Behr Paint

1960s Braun Products Hold The Secret to Apple’s Future

Posted in Miscellaneous | Comments Off

The Six Dumbest Ideas in Computer Security

Sunday, February 24th, 2008

There’s lots of innovation going on in security - we’re inundated with a steady stream of new stuff and it all sounds like it works just great. Every couple of months I’m invited to a new computer security conference, or I’m asked to write a foreword for a new computer security book. And, thanks to the fact that it’s a topic of public concern and a “safe issue” for politicians, we can expect a flood of computer security-related legislation from lawmakers. So: computer security is definitely still a “hot topic.” But why are we spending all this time and money and still having problems?

Let me introduce you to the six dumbest ideas in computer security. What are they? They’re the anti-good ideas. They’re the braindamage that makes your $100,000 ASIC-based turbo-stateful packet-mulching firewall transparent to hackers. Where do anti-good ideas come from? They come from misguided attempts to do the impossible - which is another way of saying “trying to ignore reality.” Frequently those misguided attempts are sincere efforts by well-meaning people or companies who just don’t fully understand the situation, but other times it’s just a bunch of savvy entrepreneurs with a well-marketed piece of junk they’re selling to make a fast buck. In either case, these dumb ideas are the fundamental reason(s) why all that money you spend on information security is going to be wasted, unless you somehow manage to avoid them.

For your convenience, I’ve listed the dumb ideas in descending order from the most-frequently-seen. If you can avoid falling into the the trap of the first three, you’re among the few true computer security elite.

#1) Default Permit

This dumb idea crops up in a lot of different forms; it’s incredibly persistent and difficult to eradicate. Why? Because it’s so attractive. Systems based on “Default Permit” are the computer security equivalent of empty calories: tasty, yet fattening.

The most recognizable form in which the “Default Permit” dumb idea manifests itself is in firewall rules. Back in the very early days of computer security, network managers would set up an internet connection and decide to secure it by turning off incoming telnet, incoming rlogin, and incoming FTP. Everything else was allowed through, hence the name “Default Permit.” This put the security practitioner in an endless arms-race with the hackers. Suppose a new vulnerability is found in a service that is not blocked - now the administrators need to decide whether to deny it or not, hopefully, before they got hacked. A lot of organizations adopted “Default Permit” in the early 1990’s and convinced themselves it was OK because “hackers will never bother to come after us.” The 1990’s, with the advent of worms, should have killed off “Default Permit” forever but it didn’t. In fact, most networks today are still built around the notion of an open core with no segmentation. That’s “Default Permit.”

Another place where “Default Permit” crops up is in how we typically approach code execution on our systems. The default is to permit anything on your machine to execute if you click on it, unless its execution is denied by something like an antivirus program or a spyware blocker. If you think about that for a few seconds, you’ll realize what a dumb idea that is. On my computer here I run about 15 different applications on a regular basis. There are probably another 20 or 30 installed that I use every couple of months or so. I still don’t understand why operating systems are so dumb that they let any old virus or piece of spyware execute without even asking me. That’s “Default Permit.”

A few years ago I worked on analyzing a website’s security posture as part of an E-banking security project. The website had a load-balancer in front of it, that was capable of re-vectoring traffic by URL, and my client wanted to use the load-balancer to deflect worms and hackers by re-vectoring attacks to a black hole address. Re-vectoring attacks would have meant adopting a policy of “Default Permit” (i.e.: if it’s not a known attack, let it through) but instead I talked them into adopting the opposite approach. The load-balancer was configured to re-vector any traffic not matching a complete list of correctly-structured URLs to a server that serves up image data and 404 pages, which is running a special locked-down configuration. Not surprisingly, that site has withstood the test of time quite well.

One clear symptom that you’ve got a case of “Default Permit” is when you find yourself in an arms race with the hackers. It means that you’ve put yourself in a situation where what you don’t know can hurt you, and you’ll be doomed to playing keep ahead/catch-up.

The opposite of “Default Permit” is “Default Deny” and it is a really good idea. It takes dedication, thought, and understanding to implement a “Default Deny” policy, which is why it is so seldom done. It’s not that much harder to do than “Default Permit” but you’ll sleep much better at night.

#2) Enumerating Badness

Back in the early days of computer security, there were only a relatively small number of well-known security holes. That had a lot to do with the widespread adoption of “Default Permit” because, when there were only 15 well-known ways to hack into a network, it was possible to individually examine and think about those 15 attack vectors and block them. So security practitioners got into the habit of “Enumerating Badness” - listing all the bad things that we know about. Once you list all the badness, then you can put things in place to detect it, or block it.

Figure 1: The “Badness Gap”
 The badness gap

Why is “Enumerating Badness” a dumb idea? It’s a dumb idea because sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness. For every harmless, legitimate, application, there are dozens or hundreds of pieces of malware, worm tests, exploits, or viral code. Examine a typical antivirus package and you’ll see it knows about 75,000+ viruses that might infect your machine. Compare that to the legitimate 30 or so apps that I’ve installed on my machine, and you can see it’s rather dumb to try to track 75,000 pieces of Badness when even a simpleton could track 30 pieces of Goodness. In fact, if I were to simply track the 30 pieces of Goodness on my machine, and allow nothing else to run, I would have simultaneously solved the following problems:

  • Spyware
  • Viruses
  • Remote Control Trojans
  • Exploits that involve executing pre-installed code that you don’t use regularly

Thanks to all the marketing hype around disclosing and announcing vulnerabilities, there are (according to some industry analysts) between 200 and 700 new pieces of Badness hitting the Internet every month. Not only is “Enumerating Badness” a dumb idea, it’s gotten dumber during the few minutes of your time you’ve bequeathed me by reading this article.

Now, your typical IT executive, when I discuss this concept with him or her, will stand up and say something like, “That sounds great, but our enterprise network is really complicated. Knowing about all the different apps that we rely on would be impossible! What you’re saying sounds reasonable until you think about it and realize how absurd it is!” To which I respond, “How can you call yourself a ‘Chief Technology Officer’ if you have no idea what your technology is doing?” A CTO isn’t going to know detail about every application on the network, but if you haven’t got a vague idea what’s going on it’s impossible to do capacity planning, disaster planning, security planning, or virtually any of the things in a CTO’s charter.

In 1994 I wrote a firewall product that needed some system log analysis routines that would alert the administrator in case some kind of unexpected condition was detected. The first version used “Enumerating Badness” (I’ve been dumb, too) but the second version used what I termed “Artificial Ignorance” - a process whereby you throw away the log entries you know aren’t interesting. If there’s anything left after you’ve thrown away the stuff you know isn’t interesting, then the leftovers must be interesting. This approach worked amazingly well, and detected a number of very interesting operational conditions and errors that it simply never would have occurred to me to look for.

“Enumerating Badness” is the idea behind a huge number of security products and systems, from anti-virus to intrusion detection, intrusion prevention, application security, and “deep packet inspection” firewalls. What these programs and devices do is outsource your process of knowing what’s good. Instead of you taking the time to list the 30 or so legitimate things you need to do, it’s easier to pay $29.95/year to someone else who will try to maintain an exhaustive list of all the evil in the world. Except, unfortunately, your badness expert will get $29.95/year for the antivirus list, another $29.95/year for the spyware list, and you’ll buy a $19.95 “personal firewall” that has application control for network applications. By the time you’re done paying other people to enumerate all the malware your system could come in contact with, you’ll more than double the cost of your “inexpensive” desktop operating system.

One clear symptom that you have a case of “Enumerating Badness” is that you’ve got a system or software that needs signature updates on a regular basis, or a system that lets past a new worm that it hasn’t seen before. The cure for “Enumerating Badness” is, of course, “Enumerating Goodness.” Amazingly, there is virtually no support in operating systems for such software-level controls. I’ve tried using Windows XP Pro’s Program Execution Control but it’s oriented toward “Enumerating Badness” and is, itself a dumb implementation of a dumb idea.

In a sense, “Enumerating Badness” is a special dumb-case of “Default Permit” - our #1 dumb computer security idea. But it’s so prevalent that it’s in a class by itself.

#3) Penetrate and Patch

There’s an old saying, “You cannot make a silk purse out of a sow’s ear.” It’s pretty much true, unless you wind up using so much silk to patch the sow’s ear that eventually the sow’s ear is completely replaced with silk. Unfortunately, when buggy software is fixed it is almost always fixed through the addition of new code, rather than the removal of old bits of sow’s ear.

“Penetrate and Patch” is a dumb idea best expressed in the BASIC programming language:

10 GOSUB LOOK_FOR_HOLES
20 IF HOLE_FOUND = FALSE THEN GOTO 50
30 GOSUB FIX_HOLE
40 GOTO 10
50 GOSUB CONGRATULATE_SELF
60 GOSUB GET_HACKED_EVENTUALLY_ANYWAY
70 GOTO 10

In other words, you attack your firewall/software/website/whatever from the outside, identify a flaw in it, fix the flaw, and then go back to looking. One of my programmer buddies refers to this process as “turd polishing” because, as he says, it doesn’t make your code any less smelly in the long run but management might enjoy its improved, shiny, appearance in the short term. In other words, the problem with “Penetrate and Patch” is not that it makes your code/implementation/system better by design, rather it merely makes it toughened by trial and error. Richard Feynman’s “Personal Observations on the Reliability of the Space Shuttle” used to be required reading for the software engineers that I hired. It contains some profound thoughts on expectation of reliability and how it is achieved in complex systems. In a nutshell its meaning to programmers is: “Unless your system was supposed to be hackable then it shouldn’t be hackable.”

“Penetrate and Patch” crops up all over the place, and is the primary dumb idea behind the current fad (which has been going on for about 10 years) of vulnerability disclosure and patch updates. The premise of the “vulnerability researchers” is that they are helping the community by finding holes in software and getting them fixed before the hackers find them and exploit them. The premise of the vendors is that they are doing the right thing by pushing out patches to fix the bugs before the hackers and worm-writers can act upon them. Both parties, in this scenario, are being dumb because if the vendors were writing code that had been designed to be secure and reliable then vulnerability discovery would be a tedious and unrewarding game, indeed!

Let me put it to you in different terms: if “Penetrate and Patch” was effective, we would have run out of security bugs in Internet Explorer by now. What has it been? 2 or 3 a month for 10 years? If you look at major internet applications you’ll find that there are a number that consistently have problems with security vulnerabilities. There are also a handful, like PostFix, Qmail, etc, that were engineered to be compartmented against themselves, with modularized permissions and processing, and - not surprisingly - they have histories of amazingly few bugs. The same logic applies to “penetration testing.” There are networks that I know of which have been “penetration tested” any number of times and are continually getting hacked to pieces. That’s because their design (or their security practices) are so fundamentally flawed that no amount of turd polish is going to keep the hackers out. It just keeps managers and auditors off of the network administrator’s backs. I know other networks that it is, literally, pointless to “penetration test” because they were designed from the ground up to be permeable only in certain directions and only to certain traffic destined to carefully configured servers running carefully secured software. Running a “penetration test” for Apache bugs is completely pointless against a server that is running a custom piece of C code that is running in a locked-down portion of an embedded system. So, “Penetrate and Patch” is pointless either because you know you’re going to find an endless litany of bugs, or because you know you’re not going to find anything comprehensible. Pointless is dumb.

One clear symptom that you’ve got a case of “Penetrate and Patch ” is when you find that your system is always vulnerable to the “bug of the week.” It means that you’ve put yourself in a situation where every time the hackers invent a new weapon, it works against you. Doesn’t that sound dumb? Your software and systems should be secure by design and should have been designed with flaw-handling in mind.

#4) Hacking is Cool

One of the best ways to get rid of cockroaches in your kitchen is to scatter bread-crumbs under the stove, right? Wrong! That’s a dumb idea. One of the best ways to discourage hacking on the Internet is to give the hackers stock options, buy the books they write about their exploits, take classes on “extreme hacking kung fu” and pay them tens of thousands of dollars to do “penetration tests” against your systems, right? Wrong! “Hacking is Cool” is a really dumb idea.

Around the time I was learning to walk, Donn Parker was researching the behavioral aspects of hacking and computer security. He says it better than I ever could:
“Remote computing freed criminals from the historic requirement of proximity to their crimes. Anonymity and freedom from personal victim confrontation increased the emotional ease of crime, i.e., the victim was only an inanimate computer, not a real person or enterprise. Timid people could become criminals. The proliferation of identical systems and means of use and the automation of business made possible and improved the economics of automating crimes and constructing powerful criminal tools and scripts with great leverage.”

Hidden in Parker’s observation is the awareness that hacking is a social problem. It’s not a technology problem, at all. “Timid people could become criminals.” The Internet has given a whole new form of elbow-room to the badly socialized borderline personality. The #4th dumbest thing information security practitioners can do is implicitly encourage hackers by lionizing them. The media plays directly into this, by portraying hackers, variously, as “whiz kids” and “brilliant technologists” - of course if you’re a reporter for CNN, anyone who can install Linux probably does qualify as a “brilliant technologist” to you. I find it interesting to compare societal reactions to hackers as “whiz kids” versus spammers as “sleazy con artists.” I’m actually heartened to see that the spammers, phishers, and other scammers are adopting the hackers and the techniques of the hackers - this will do more to reverse society’s view of hacking than any other thing we could do.

If you’re a security practitioner, teaching yourself how to hack is also part of the “Hacking is Cool” dumb idea. Think about it for a couple of minutes: teaching yourself a bunch of exploits and how to use them means you’re investing your time in learning a bunch of tools and techniques that are going to go stale as soon as everyone has patched that particular hole. It means you’ve made part of your professional skill-set dependent on “Penetrate and Patch” and you’re going to have to be part of the arms-race if you want that skill-set to remain relevant and up-to-date. Wouldn’t it be more sensible to learn how to design security systems that are hack-proof than to learn how to identify security systems that are dumb?

My prediction is that the “Hacking is Cool” dumb idea will be a dead idea in the next 10 years. I’d like to fantasize that it will be replaced with its opposite idea, “Good Engineering is Cool” but so far there is no sign that’s likely to happen.

#5) Educating Users

“Penetrate and Patch” can be applied to human beings, as well as software, in the form of user education. On the surface of things, the idea of “Educating Users” seems less than dumb: education is always good. On the other hand, like “Penetrate and Patch” if it was going to work, it would have worked by now. There have been numerous interesting studies that indicate that a significant percentage of users will trade their password for a candy bar, and the Anna Kournikova worm showed us that nearly 1/2 of humanity will click on anything purporting to contain nude pictures of semi-famous females. If “Educating Users” is the strategy you plan to embark upon, you should expect to have to “patch” your users every week. That’s dumb.

The real question to ask is not “can we educate our users to be better at security?” it is “why do we need to educate our users at all?” In a sense, this is another special case of “Default Permit” - why are users getting executable attachments at all? Why are users expecting to get E-mails from banks where they don’t have accounts? Most of the problems that are addressable through user education are self-correcting over time. As a younger generation of workers moves into the workforce, they will come pre-installed with a healthy skepticism about phishing and social engineering.

Dealing with things like attachments and phishing is another case of “Default Permit” - our favorite dumb idea. After all, if you’re letting all of your users get attachments in their E-mail you’re “Default Permit”ing anything that gets sent to them. A better idea might be to simply quarantine all attachments as they come into the enterprise, delete all the executables outright, and store the few file types you decide are acceptable on a staging server where users can log in with an SSL-enabled browser (requiring a password will quash a lot of worm propagation mechanisms right away) and pull them down. There are freeware tools like MIMEDefang that can be easily harnessed to strip attachments from incoming E-mails, write them to a per-user directory, and replace the attachment in the E-mail message with a URL to the stripped attachment. Why educate your users how to cope with a problem if you can just drive a stake through the problem’s heart?

When I was CEO of a small computer security start-up we didn’t have a Windows system administrator. All of the employees who wanted to run Windows had to know how to install it and manage it themselves, or they didn’t get hired in the first place. My prediction is that in 10 years users that need education will be out of the high-tech workforce entirely, or will be self-training at home in order to stay competitive in the job market. My guess is that this will extend to knowing not to open weird attachments from strangers.

#6) Action is Better Than Inaction

IT executives seem to break down into two categories: the “early adopters” and the “pause and thinkers.” Over the course of my career, I’ve noticed that dramatically fewer of the “early adopters” build successful, secure, mission-critical systems. This is because they somehow believe that “Action is Better Than Inaction” - i.e.: if there’s a new whizzbang, it’s better to install it right now than to wait, think about it, watch what happens to the other early adopters, and then deploy the technology once it’s fully sorted-out and has had its first generation of experienced users. I know one senior IT executive - one of the “pause and thinkers” whose plan for doing a wireless roll-out for their corporate network was “wait 2 years and hire a guy who did a successful wireless deployment for a company larger than us.” Not only will the technology be more sorted-out by then, it’ll be much, much cheaper. What an utterly brilliant strategy!

There’s an important corollary to the “Action is Better Than Inaction” dumb idea, and it’s that:
It is often easier to not do something dumb than it is to do something smart.
Sun Tzu didn’t really write that in “The Art of War” but if you tell IT executives that he did, they’ll take you much more seriously when you counsel a judicious, thoughtful approach to fielding some new whizzbang. To many of my clients, I have been counselling, “hold off on outsourcing your security for a year or two and then get recommendations and opinions from the bloody, battered survivors - if there are any.”

You can see the “Action is Better Than Inaction” dumb idea all over corporate networks and it tends to correlate with senior IT managers that make their product-purchasing decisions by reading Gartner research reports and product glossies from vendors. If you find yourself in the chain of command of such a manager, I sincerely hope you’ve enjoyed this article because you’re probably far better acquainted with dumbness than I am.

One extremely useful piece of management kung-fu to remember, if you find yourself up against an “early adopter” is to rely on your peers. Several years ago I had a client who was preparing to spend a ton of money on a technology without testing it operationally. I suggested offhandedly to the senior IT manager in charge that he should send one of his team to a relevant conference (in this case, LISA) where it was likely that someone with hands-on experience with the technology would be in attendance. I proposed that the manager have his employee put a message on the “meet and greet” bulletin board that read:
“Do you have hands-on experience with xyz from pdq.com? If so, I’m authorized to take you to dinner at Ruth’s Chris if you promise to give me the low-down on the product off the record. Contact, etc…” The IT manager later told me that a $200 dinner expense saved them over $400,000 worth of hellish technological trauma.

It really is easier to not do something dumb than it is to do something smart. The trick is, when you avoid doing something dumb, to make sure your superiors know you navigated around a particularly nasty sand-bar and that you get appropriate credit for being smart. Isn’t that the ultimate expression of professional kung-fu? To get credit for not doing anything?!

The Minor Dumbs

These dumb ideas didn’t quite merit status as “The Dumbest” ideas in computer security, but they’re pretty dumb and deserve mention in passing:

  • “We’re Not a Target” - yes, you are. Worms aren’t smart enough to realize that your web site/home network isn’t interesting.
  • “Everyone would be secure if they all just ran ” - no, they wouldn’t. Operating systems have security problems because they are complex and system administration is not a solved problem in computing. Until someone manages to solve system administration, switching to the flavor-of-the-month is going to be more damaging because you’re making it harder for your system administrators to gain a level of expertise that only comes with time.
  • “We don’t need a firewall, we have good host security” - no, you don’t. If your network fabric is untrustworthy every single application that goes across the network is potentially a target. 3 words: Domain Naming System.
  • “We don’t need host security, we have a good firewall” - no, you don’t. If your firewall lets traffic through to hosts behind it, then you need to worry about the host security of those systems.
  • “Let’s go production with it now and we can secure it later” - no, you won’t. A better question to ask yourself is “If we don’t have time to do it correctly now, will we have time to do it over once it’s broken?” Sometimes, building a system that is in constant need of repair means you will spend years investing in turd polish because you were unwilling to spend days getting the job done right in the first place.
  • “We can’t stop the occasional problem” - yes, you can. Would you travel on commercial airliners if you thought that the aviation industry took this approach with your life? I didn’t think so.

Goodbye and Good Luck

I’ve tried to keep this light-hearted, but my message is serious. Computer security is a field that has fallen far too deeply in love with the whizzbang-of-the-week and has forsaken common sense. Your job, as a security practitioner, is to question - if not outright challenge - the conventional wisdom and the status quo. After all, if the conventional wisdom was working, the rate of systems being compromised would be going down, wouldn’t it?

taken from http://www.ranum.com/security/computer_security/editorials/dumb/

Posted in Miscellaneous, General Technology | Comments Off

USP: Revisited

Monday, February 18th, 2008

Back in December (see post) I wrote about how having a USP, or Unique Selling Proposition, was of little importance and most companies shouldn’t bother. That was a sort of a firestarter posting and I’m glad I did it because it has given people a reason to speak out. Since then, I have received all kinds of feedback from a variety of different types of people.

One bit of feedback I received recently sticks out in my head- from a marketing consultant in Atlanta. He said that a USP doesn’t need to be very complicated, it just has to be unique. Take this example: You run a dry cleaners. You used to say “top in customer service” and thought that this was your USP. However, what if you said “less than 1/4 mile off of I-85, exit 97.” This may bring you more business than anything else because people want their dry cleaner to be quick and convenient. Sounds unique to me.

To add to my previous post I also want to remind people that not every business will be all that unique. It’s something that you don’t hear many business-to-business companies saying- ESPECIALLY not marketing companies. Why? Because they don’t want to alienate potential customers. Not all companies need to worry about it. There are thousands of small businesses in America that are simply there to provide jobs for their owners and a handful of employees. The only thing that makes the convenience store down the street unique from the other convenience store down the street is that there’s a different person at the register. And do most people really care? So you’re going east instead of west. That’s how your decisions are made.

The point is, unless you need to figure it out, you might not need to spend so much time or money worrying about the USP. You might just need to work on your cash-flow instead. (or team-building, organizational management, yadda yadda). Visualize this one: two Hondas pull off the assembly line. One is red, the other blue. The red Honda has oil changes every 3,000 miles, regular tune-ups, maintenance, and the driver never hits a pothole. The blue Honda only gets an oil change every 10,000 miles, the driver doesn’t bother with tune-ups and I think you see where this is going…  After 150,000 miles, which do you think is more likely to burn oil and spew nasty smoke out of the tailpipe? Neither is unique, they’re just operated differently.

Posted in Miscellaneous, Marketing | Comments Off

Website Security

Monday, January 21st, 2008

I recently had a discussion with a business owner who, no matter how I reasurred her, refused to give her clients the option of online payment.  She said it wasn’t safe.  This is a concern for not just the baby boomer generation, but is a worry that has seeped through to even some high school students who believe their unsecure cell phone texting is more secure than online transactions. 

According to a recent study paying online is actually safer than by phone.  Phone payment can be a concern because you rely on people instead of computers to take down your information and use it appropriately.  Identity theft is also a hot button when talking about paying online.  The truth is that there is more identity theft person to person when someone overhears you giving your social security number or scanning your driver’s license.  Often times the reason people run into trouble with online payment is that they don’t follow a few simple internet rules.  The following is a list of great guidelines to follow:

  • Never respond to e-mail messages from third-party payment services asking you to confirm account details, such as passwords or other personal information. 
  • If you need to update your account information, visit the website and login.
  • Check if the seller has been a verified member of the payment service for a few months or more.
  • never use your account to transfer money for someone you don’t know. Always go through a website payment option.  (This is a good tip when using Ebay or Amazon).
  • Be careful when you purchase more expensive items such as jewelry (it doesn’t hurt to get a site recommendation for retail items from a friend or site ratings).

By being smart about your personal information, you can easily keep all of your private information private.  Jaymunda is an official Authorize.net reseller.  All of our clients have the option of adding this secure payment feature, many for less than the annual cost of a Paypal account.   If you are not a client and are interested in learning more, you can contact us through our website at www.jaymunda.com  

Posted in Miscellaneous, General Technology | Comments Off

« Previous Entries
Next Entries »
cialis propecia viagra xenical and meridia dreampharmaceuticals order propecia online viagra errection viagra efffects when used by women order tadalafil capsule pain whilst using xenical tadalafil manufacturing viagra doses prices com net org clonezepam versus xanax xanax uk xanax alprazolam zanax xanax safer than ssri's panic didorder phentermine cheap diet pills order online phentermine buy 2mg xanax without prescription soma sonic crazy moon lyrics alcohol and valium wet the bed tramadol urinalysis testing coming off valium medical information ambien klonopin ultram affect side herbal viagra alternative viagra us drugs stors fosamax dental bone loss ultram in 9 panel drug test florida in phentermine phentermine under $125.00 fioricet fioricet cost low ery ambien wellbutrin withdrawal help how to come off ativan phentermine online from miami cialis pils tramadol and pregnancy hair loss with wellbutrin adhd paxil effexor ambien cr extended-release tablets doses tramadol anxiety propecia hair loss ht blue sildenafil paxil price dosage amoxicillin for lyme disease propecia and dietary supplements tramadol cod saturday geometric structures of amoxicillin cat valium withdrawal distributions sp cialis es alli xenical diet pill 65 90 ultram trazadone xanax interaction phentermine cod delivery paypal can you drink alcohol with paxil zoloft tramadol interactions valtrex nasonex tramadol ativan and smoking cessation u 2241 viagra worldwide phentermine india pharmacy zyban phentermine blue yellow cooper pharma sildenafil active ingredients in amoxicillin phentermine blue clear capos ambien pregnancy buy xenical propecia viagra egypt soma rc crane viagra kamagra cialis c o d adipex ultram and osteoporosis ativan during pregnancy edinburgh uk viagra tid news moo viagra dosage paxil cr sex xanax alprazolam side affects cialis discount coupon amoxicillin tropical fish fosamax irregular heart rhythms insomnia ambien studies rheumatoid arthritis and tramadol order phentermine overnight valium safe in pregnancy non medical use viagra 1buy generic cialis buy viagra professional adipex affiliate paxil generic available how long before ultram begins working diet plan for xenical amoxicillin allergy migrane how many ambien can kill ambien and trazadone how viagra works in the body ultram and multiple myeloma serious side effects avinza wellbutrin adipex and drug testing moteur de recherche sp cialis side effects xenical finding phentermine 90tabs ship compare phentermine xanax and buspirone hydrochloride phentermine no prescription us pharmacy phentermine yellow 6hair loss shen min rogaine propecia us pharmacies for wholesale phentermine we to buy phentermine viagra next day shipping cheap tadalafil 36 hour cialis gooding fast delivery cialis case law regarding viagra xanax shapes colors buy valium in tijuana buy adipex c o d gain weight from wellbutrin fioricet cheap fioricet birth defects phentermine free shipping no prescription needed viagra plus cialis no prescriptions needed adipex paxil advertising viagra mode of action zithromax for broncitis ambien used as a sedative tramadol images propecia adverse paxil and leg pain i want to purchase phentermine weight loss with paxil zenegra sildenafil natural is mexican viagra real viagra for animals viagra alternative ne propecia rogaine finasteride minoxodil strep amoxicillin dosage who makes ambien bontril protonix evista evista fosamax miacalcin osteopenia treatment alprazolam counter indications sildenafil 50mg kamagra tablets evista manufacturer wellbutrin missed dose how works clomiphene sales ultram who invented the soma cubes paxil use and genetic testing phentermine mg tablets us licensed pharmacies cock s on viagra consultation xanax alprazolam order anxiety wellbutrin sr with duradrin phentermine ingredients pharmacy discounter tramadol blood preasure zyban breggin alzheimers and ambien zithromax and breastfeeding generic viagra sildenafil phentermine hci ingredien viagra college roomate stories order tadalafil by mail paxil and breast feeding what is xenical medicine data sheet tramadol generic viagra levitra and tadalafil dreampharmaceuticalscom levitra online order amoxicillin picture of tablet low price tramadol purchase ambien online with a prescription compare price tramadol paxil long term effect cheap propecia 5mg propecia discount vitamin amoxicillin max dose diarrhea amoxicillin 500 mg no phentermine rx online levitra online cheap phentermine 37.5 no rx viagra cyalis 2mg green xanax ativan morphine interaction ambien interaction alcolhol ambien 1275 phone call viagra vendor paxil drug information phentermine norvasc fedex delivery cod tramadol phentermine without contacting your doctor xanax abuse effects and dangers amoxicillin and cold medicine phentermine 37.5 90 sale heart disease celecoxib xenical co uk tadalafil clinical trials and study overnight xanax alprazolam delivery phentermine cheap no prescription arkansas adipex fastin ativan drip mcdonough georgia phentermine soma mandal md rush limbaugh viagra adipex p addiction tadalafil money order online vertigo from adipex hydrocodone and tramadol effects clomiphene ovolation ultram from pain in knees with tramadol free trail of cialis g3721 xanax picture us pharmacy no prescription ambien pfizer viagra generic anxiety disorder and wellbutrin difference between xenical and alli symptoms which valiums may help ativan inj info on the drug diazepam valium lethal dosage ativan sd soma difference in blue and yellow phentermine discount for cialis viagra in women adipex phentramine who is the levitra woman actress women does viagra work zenegra sildenafil rectal fissure amoxicillin suppliments interaction supplement of propecia fioricet and migraine increased appetite on generic wellbutrin xl wellbutrin medicine dosage ups delivered tramadol alternative for paxil tramadol without prescription overnight delivery propecia does it work tramadol computer cheap cialis viagra actavis phentermine smoking while taking wellbutrin pills cialis euphoria tramadol symptoms of weaning from paxil fosamax 5mg funny viagra pictures 5 how to make sildenafil valium no prescription needed is evista abelha rainha cheap phentermine 37.5 online md amoxicillin buy online no prescription zithromax for chlamydia cialis online all information about tramadol headache ultrams pharmacology business and finance adipex diet pill wellbutrin generic vs tabletki zyban order tramadol next day shipping canada online pharmacy viagra six co uk buy prescription propecia soma club boulder co cheapest phentermine no rx online viagra reviews phentermine canada 37.5 levitra prescription on line generic viagra pill tramadol hcl 50 mg description medication my dog ate a viagra phentermine on-line doctor zithromax allergic symptoms purchase phentermine get it online vasoderm better than viagra phentermine sustained release ambien coma buy zyban uk phentermine 37.5 free shipping doctor online do not take zithromax with prilosec viagra logo items alprazolam in italy starting paxil after quitting paxil and high colesteral phentermine pay with cod amoxicillin vs ampicillin viagra generic ordering good service buy phentermine with discount effect of cialis on women glucophage and dieting wellbutrin effect if not depressed ativan no rx female levitra tramadol hydrochloride contraindications loratadine levitra and nancy bryan viagra san luis colorado tamoxifen wellbutrin interaction german pharmacies that sell xanax tramadol with cymbalta zenegra generic sildenafil tramadol use for pets soma product valium vicodin prescription no rx phentermine ship fast alcohol xanax addiction taking ambien for a month diet pill adipex cause death ovarian cysts and glucophage buy cheap valium buy evista versus fosomax 6buy cheap propecia online structure of levitra 3g amoxicillin oral dose ambien cr 7 days free cialis pharmacology soma intimates free shipping codes viagra s sibutramine sildenafil buy brand adipex online xenical getpharma the real pharmacy tramadol valium combination xanax graffiti phentermine in mexico levitra and price list buying propecia in japan pcos and glucophage success stories kentucky valium cod lupus and paxil cialis levitra free sample viagra falls southern rock ativan insomnia paxil sexual dysfunction viagra pinup ambien online pharmacy without prescription the viagra myth argento soma ultram er dosages tramadol breastfeeding evista art pro alprazolam 0.5 256 muscle relaxer soma soma pregnancy category drugs similiar to viagra wellbutrin delay orgasm german viagra substitutes zithromax and marijuana phentermine discretion fedex overnight ambien viagra 50mg uk buy viagra uk soma strokes phentermine on sale purchase amoxicillin tramadol 25mg amitriptyline phentermine 37.5 online rx wellbutrin sideeffects cheap us phentermine amoxicillin no rx dr charles soma phentermine through body building phentermine tablets no rx sex viagra xanax phentermine without prescription c o d order c o d fioricet canadian prices for viagra wellbutrin affects male fertility tramadol saturday delivery drug interactions between chantix and wellbutrin zyban manufacturer interaction with ultram er list generic brands of valium more pill sildenafil sperm phentermine no prescription usa pharmacy cheapest viagra online in the uk prozac and wellbutrin cocktail inject xanax how too discount generic zyban aura soma oracle wellbutrin norco interactions dictionnaire sp cialis en mercatique akane soma photo phentermine delivered next day soma sniffing phentermine getmeds online generic ultram dream pharmaceutical comprar viagra brasil xenical and flabby skin fosamax in gastric bypass surgery generic ultram picture ambien anaphalyxis snorting valium ultram sensitivity screen test viagra and pulmonary edema zantax anxiety what is fioricet fioricet saturday fedex delivery soma prices levitra diarrea soma hernandez pictures evista online buy canin valium first generation of ativan valium dosage amount buy phentermine online wothout rx discount online phentermine fda approved medications soma experience pharmacy xenical colors of valium drugstore phentermine online phentermine w o perscription wellbutrin cranky wein from xanax to klonipin amoxicillin no prescription required wellbutrin xl overdose wellbutrin causes osteoporosis 193 web levitra 278 buy phentermine viagra meridia ultr fake phentermine save generics side effects of levitra jh solutions buy ultram online ordering propecia how do you feel taking zyban ambien drug information xanax alcohol peripheral neuropathy works viagra valium wisdom tooth description and pictures of viagra levitra play split cialis zithromax and birth control clomiphene rx phentermine without a precription xanax how many mg to overdose viagra online rss feed adipex at cost preparing alprazolam for injection xanax and ritalin combination order ultram pill tablets brand fioricet generic viagra in neonates paxil generic teva online generic cialis sildenafil oral jelly paypal find tadalafil online getting soma online cash on delivery high dose ambien at bedtime tadalafil kaufen paxil side effects chest pain bupropion xl vs wellbutrin xl street value viagra viagra free viagra find charles edinburgh tramadol c o d only cialis lead investigator wellbutrin side effects increased appetite alprazolam birth defect free consult phentermine us 5 sildenafil citrate prices valium waltz paxil cr 37 5mg ativan overnight in canada online mexican pharmacy phentermine tenuate street value of ativan free glucophage buy prescription online zyban retin-a ordering valium citrate generic name sildenafil viagra cialis blues wellbutrin eating disorder canadian phentermine without prescription stopping ambien during pregnancy cialis drug appearance tadalafil tadalafil bialis india overnight fedex phentermine canadian cheap adipex tramadol online rx chief overdose on glucophage buy ambien overnight delivery fosamax plus cmi incidence of sweating in tramadol er phentermine diet plans dangerous effects side zyban reviews on taking phentermine genetic viagra generic cialis pills for women adipex click here viagra online shop in uk viagra amp the red meat connection buying phentermine blue white 37.5mg ativan compare xanax paxil and its side effects wellbutrin no prescription needed ultram weight pill cutter propecia dosage cheap phentermine 15mg 3 months 180 xanax birth defects alprazolam vs xanax xanax logo mix xanax and clonozopam xanax prolactin medical use of viagra discount viagra and cialis order clomiphene xanax performance anxiety sildenafil drug interations order phentermine online phentermine phentermine saturday kennedy ambien wellbutrin adipec generic ambien internet pharmacies adipex no prescription no doctor authorization what is tramadol 377 viagra 100 pic ultram itching 7buy ambien buy phentermine no prior rx reid finn valium adipex interactions fosamax and teeth and jaw bone online phentermine 37.5mg prices xenical or orlistat fedex overnight delivery codeine ultram tramadol low price zyban rx soma metallic body odor paxil is zithromax safe for pregnant women i love tramadol free xenical weight loss information online buy fioricet 3 dangers of generic cialis pills potassium gates of neurons function valium order phentermine online uk cialis symptoms ativan life span ambien cr long term use phentermine hydrochloride a 167 klonopin and ativan soma lotus xanax 10 mg zyban bupropion hci propecia and feminine ambien tox screen online drug purchase levitra safe alternatives to paxil ambien tattoo xanax overnight delivery no prescription buy no script phentermine adipex discount online pharmacy soma bringer buy soma wellbutrin with herbs 1333 info levitra 1920 chemicals tramadol hydrocloride zithromax liquid dosage the truth about fosamax aura soma sale phentermine sale ambien effects long side term use false positives with amoxicillin tp lecturer soma can you mix amoxicillin with milk paxil and erections sex cialis buy valium on line pharmacy online phentermine no prescrition lexipro and xanax valium dose for anxiety evista ad soma company how to wein off tramadol levitra blood urine phentermine fed ex overnight delivery pay pal order soma cheapest phentermine 100 37.5 adipex predinsone buy clomiphene levitra cooper buy drug satellite tv buy xenical flexeril ultram buy ambien cr no rx fioricet during pregrancy valium allergy 4 buy tramadol does xanax show on drug test fosamax tooth extractions soma compound with codeine soma no prescription needed drug effects paxil side buy zyban cheap information drug viagra phentermine pill slimming uk action attack celecoxib class heart weaning from ambien feline's and valium pharmacy online phentermine combined alcohol and valium withdrawal symptoms cheap phentermine online free prescription cheap viagra online pharmacy online how much pseudoephedrine in phentermine left facial pain in wellbutrin withdrawal no prescription cheap tramadol fda celecoxib wellbutrin cause of ulcers order fioricet overnight saturday delivery overnight tramadol wellbutrin vitamin b 6 gained weight back after phentermine steve soma portland or order oklahoma ambien cod prescribing information valium phentermine online get it here difference between phendimetrazine phentermine zithromax fdog cialis after priapism english to soma online dictionary coumadin statin glucophage followup labs regalis prices generic tadalafil tramadol cat medication wellbutrin antidepressant xanax mylan 477 xanax for tobacco cessation effects paxil positive what is wellbutrin prescribed for chlorpromazine lexapro wellbutrin ambien dosing amoxicillin is it penicillin paxil for premature attorney celecoxib effects side pain reliever tramal search tramadol capsules buy cialis onli ne phentermine horny buy phentermine cheap without prescription net cialis can amoxicillin causing yeast infection evista side effecfts generic levitra online low blood pressure viagra warning ativan facts c20 viagra paxil paxton phentermine fed-ex cost of clomiphene citrate soma watson brand picture better deal tadalafil ic amoxicillin adipex using american express what is alprazolam used for cheap phentermine free shipping free consultation propecia claims cialis for seniors side effect propecia alprazolam allergic reaction canine how to get off xanax amoxicillin price ambien online scams reviews over the counter xenical diet medicine zenegra glina tadalafil sildenafil sex medicine welcome phentermine buy cheap phentermine online online phentermine with no prescription proper tapering from wellbutrin pravachol ketamine foradil paxil christine brooklyn xanax generic name for xenical buying levitra in mexico fosamax renal cheapest priced propecia phentermine mail order no prescription viagra for doggies what is alprazolam taken for valium highs price levitra tramadol fedex overnight shipping adipex online descriptive adipex online details phentermine without prescribtion non-generic phentermine no adverse effects with paxil cry thou blessing cialis cty anti anxiety valium phentermine low cost online soma muscle clomiphene citrate information sildenafil price any tried phentermine phentermine illegally order cheap viagra xanax or klonipin viagra single dose tadalafil or cialis valium calming effect of nervous system better discount tadalafil drug testing tramadol viagra makes you blind tablets free brand consultation fioricet facts viagra tylenol amoxicillin dosage for puppy xanax natural fioricet side effects when did wellbutrin go generic viagra pay with paypal casm you snort ativan xanax placebo viagra email offers gardnerella zithromax treatment xanax online pharmacy free consultation zithromax urinary tract cialis home page mechanism of death due to fosamax alprazolam schedule tadalafil faq what kind of medicine is alprazolam buy phentermine without doctor xenical available overcounter htp paxil fosamax 12 zyban smoking depression wean cat off valium buy phentermine on-line physician substitute for viagra tramadol florida pharmacy add treatment wellbutrin can amoxicillin help bronchitis soma hotels zyban hormonal reactions tramadol 3f xanax ekg changes online pharmacy ambien levitra brunette photos get tadalafil when does ambien cr become generic frontal hair loss propecia mirtazapine alprazolam fioricet 3 with codeine fosamax 10mg long term effects and ultram buy xenical without prescrption deal good propecia aquafish amoxicillin antibiotic wholesale phentermine information from order valium with a doctor consultation soma style hot cup phentermine a159 mp273 instructions zyban the truth about adipex symptoms of phentermine withdrawal levitra longevity buy phentermine with no prescription cod find cheap on line phentermine pills order by 2pm get phentermine overnight zithromax image depression and viagra buy phentermine 15mg tramidol and paxil interaction cialis dreampharmaceuticals online prescription ultram personal testimonies soma ambien cr and acetameniphen 10-day treatment with amoxicillin bronchitis advantage with viagra adipex drug phentermine vs soma purchase discount ultram order online effectiveness of ultram ambien and e d 30 mg ultram cheap soma no rx cod accepted wellbutrin and clenbuterol effects valium withdrawl symptoms ads for cialis ultram suppliers cheapest phentermine 37.5 what drug class is tramadol levitra alpha blockers buy via