info@qualityplusconsulting.com l +1 262-553-6510

Special note for Ubuntu users

Breakfast Bytes podcasts are streaming MP3. In order for Firefox on Ubuntu to play the streaming MP3, install the GStreamer extra plugins that list MP3 as one of the supported formats. GStreamer can be obtained through the Ubuntu Software Center.

Breakfast Bytes - Browser Cleaning Tools

 

5/17/2014

Browser cleaning tools and the scam that is WorkMarket

I encourage everyone to use the free standalone tools on http://www.nirsoft.net under the Browser Tools category to inspect and clean their browser leftovers. Some browser leftovers are cookies, search history, browser cache, and other items. You will be shocked to see the detail about your internet browsing history that can be learned from this data.

Nirsoft makes standalone tools that require no installation. I suggest you put them in C:\Windows\System32 so that you can launch them from the Run menu by name. You could alternately download the ZIP files, extract them all to the same folder, and create desktop shortcuts to the EXE files.

Internet Explorer is a more secure browser because of its ability to control content more effectively. However, Firefox has some advantages such as allowing the use of AdBlock Plus and HTTPS Everywhere. Both browsers work with the DuckDuckGo search plugin. And you can use StartPage.com as your secure search engine in both.

In this show, I discuss the issues with Java, and how application developers that have secure requirements are completely failing to use a secure version of Java. This forces insecurity upon anyone and everyone who has to use their application. If you are one of those people, you may have no choice but to use different browsers for different purposes. And the entire security of your system is based upon your ability to be disciplined in the proper use of those browsers for their restricted purposes.

This show also covers some of the issues with WorkMarket. Basically, WorkMarket is a website where people with task-based jobs offer up the jobs to be completed by the first response lowest cost bidder. Often, these jobs are posted by national IT service provider firms that have no local presence, but hey need local smart hands onsite at their client site in order to do some tasks.

I have seen jobs posted for:

  • Installation of TVs
  • Installation of wireless access points
  • Installation of point-of-sale systems
  • Installation of printers
  • Rebuilds of computers
  • Virus removal tasks
  • Network firewall installation
  • and more

I consistently see major problems with these jobs that are posted. I have yet to see a job posted that any qualified IT service provider would actually accept for the pay that is being given.

One of the most egregious ones I have seen is a scope of work that would easily be 5 - 7 hours of work listed for $50/hr for maximum of 3 hours. So the question is who is willing to do this work? I have seen several jobs listed for scope of work including back up of computer data and full rebuild of computer. HOWEVER, the end user doesn't have the operating system CD/DVD. Therefore, if you show up and install an OS on that computer, you either have to provide a new license for the OS, which obviously greatly exceeds the value of the scope of work, OR you are installing a pirated OS.

I have seen jobs posted by national IT service providers calling for work to be provided to Quizno's, Carmax, and many other franchise-type businesses. You have to wonder the qualifications and motivations of the people that are willing to work for negative income. Not only does the amount being offered not cover the scope of work cost, but it doesn't cover drive time either. And whoever does the job still has to pay income tax on top of that. So basically, they didn't make any money. Not only does the payment not cover their costs, but it actually results in negative income because they have to pay taxes on this fake income that didn't cover their costs.

So you have to wonder what motivates them to take the jobs? Are hackers who are interested in tapping into point-of-sale systems to get credit card information to sell on the black market taking these jobs? What integrity system exists in how WorkMarket allows these jobs to be fulfilled by people who are low-bid contractors?

Some of the job posters do require background checks for people who accept the jobs they post. I see some benefit there. But if I was running the national IT service firm that provides service to Carmax, I would reach out to a regional IT service provider and setup a contract with them for hands-on service. The problem is that I see these local competent providers being viewed as competition to the national company. I also don't see how the national provider could make any profit on those transactions. But should they be?

It seems to me that they should be willing to turn over their entire hourly rate to the onsite provider in order to have a high enough quality provider that they can trust to not be doing malicious things to their clients' computers.

My perception is that given the extremely low payout of the jobs being offered, no legitimate IT service provider would take those jobs. I have seen many jobs posted that included illegal or unethical components of the scope of work such as installing unsupported or pirated operating systems. No ethical IT service provider would do these things.

So who is completing these jobs posted on WorkMarket, and what risk exists to consumers of companies who are serivced by these people?

Linkedin