The Newspaper is Dead

Long live the newspaper!

Nope .. not like me at all. This is me:

• While I appreciate the USA Today that finds its way to my hotel room door, I usually pass it by.
• There are times at the gym that my Zune battery is dying or in the waiting room and my mail is caught up.
• Those pretty pictures sometimes catch my eye and I skim through the articles.

The bulk of the time (even by an overly-optimistic 80/20 rule), the newspaper is irrelevant to me.

So, where is the value of the daily rag? Is it:

• with older-than-50-somethings (for the record, I’m 50) as their primary source of news?
• with folks who simply refuse to “connect”?
• with folks who just like to get their hands dirty?

Besides hotels, who is buying enough newspapers to keep the industry alive?

In short, no one. Like all businesses facing the power of the Web, newspapers have to adapt, or become extinct.

One way to keep a profitable bottom line is to reduce staff .. but you need to reduce the right staff. With automation, you probably don’t need as many printers, but you need enough folks to run the machinery. This leaves assistants, sales people, managers, editorial staff and reporters .. the latter two being the most critical to maintain content quality.

I’m afraid to ask which groups the newspapers have cut .. there is a site called Newspaper Death Watch with all the latest stats (update to the 2008 version of this post).

As to evolution, the blogosphere is full of “me too” types. Now, I raise my hand: guilty as charged for a 1/3 of my content. Many bloggers just read news and other blogs and then post their opinions about them. In my defense, I post the link either as a supporting story, or I’ll make a glib comment and expect the reader to make the connections that are relevant to them.

However, the “me too” folks need something with which to start, and that something is a news story, captured by a reporter, edited by an editor and published in one form or another. Our news consumption would suffer greatly if we cannot retain / replace the news generated by the newspaper industry.

So .. the problem is not editorial or in content generation, it appears to be in deployment. Can the newspapers afford to race to an all-online model before they run out of dough?

SearchEngineLand posts a detailed commentary of the newspapers’ plight in “Can Newspapers Be Saved?” (2008 reference).

What do you think?

Original Post: August 18, 2008

Free Wi-Fi: Safety and Security be Darned!

You probably already know that Starbucks offers Wi-Fi free of charge at their locations. Some exceptions include ‘franchise’ stores like those at airports (which are typically belong to the food service provider that owns the relationship with the port).

There is a ton of free Wi-Fi out there; intentionally, or not. Access is available legitimately, or by “Wi-Fi Roguing” (stealing wireless Internet from unprotected networks) to private networks.

When looking (in advance, of course) use your search of choice; start with “WiFi zip code” in a search box; both Bing and Google will provide you a list.

So now you’ve found some Wi-Fi .. but you should be concerned that non-commercial / non-sponsored Wi-Fi may not be secure.

Free Wi-Fi at Starbucks, Panera Bread or some other gathering place, falls into the ‘sponsored’ category, as does your local coffee shop, community center, etc. I would expect sponsored Wi-Fi to be legitimate; safe from folks who might collect credentials. Since you really don’t know the operator, this is a risk, and your corporate IT may suggest / insist on the use of a Smart Card or secure proxy.

When roguing, you’re totally at risk when you connect to an unknown network; whether owned by random private individual whose condo is in range, or some punk with a laptop putting up a familiar (think: ‘linksys’, ‘netgear’ or “Free Public Wi-Fi”) SSID.

Hell, even commercial SSIDs run the risk of being spoofed. See “Wi-Fi Access Point or Account Credential Honeypot?” for a detailed walk-through of my observations in range of a (most likely legitimate) AT&T public Wi-Fi hotspot.

If in doubt, don’t connect.

Original Post: October 15, 2007

Wi-Fi Access Point or Account Credential Honeypot?

I shouldn’t have to say this as we all know better, but here it is: We need to exercise caution when connecting to ‘foreign’ Wi-Fi signals.

I’m no stranger to ‘roguing’, but I’ve recently become aware of significant security risks associated with connecting to unknown networks. Here is some food for thought:

You’ve seen this image before, I’m sure. It’s a peer-to-peer (computer-to-computer, versus access point-to-computer) networking icon. You should NEVER (except under the circumstances when a known and trusted user is sharing their connection with you), connect to a wireless signal that has the peer-to-peer icon.

You may see these icons when looking for Wi-Fi signals in busy public places. They are broadcast because of an unusual feature of older Windows versions wireless network stack that causes a computer to broadcast the last-connected SSID when not connected to a wireless network.

I STRONGLY suggest you edit the advanced properties of your wireless network card to connect ‘to ‘Access point (infrastructure) networks only to filter them out.

My flight was delayed at SeaTac the other day, so I did my usual “is there a wireless network in the building in the building that I trust" search. I have a T-Mobile account, and sometimes I get lucky. In this case, there wasn’t.

However, there was a seemingly-helpful AT&T access point in the building. Nothing against AT&T, it’s probably a legitimate hotspot. But their login page was interesting, offering a list of ‘other providers’ (presuming a reciprocal relationship with AT&T), on the left.

It’s a healthy list, but none of which I have an account. Ah, being helpful, there’s an ‘Other Provider’ link at the very bottom.

Once you find an Access Point, you should NEVER connect to a wireless network using your credentials from another wireless network (i.e., T-Mobile via xyzzy Wireless) unless you enter your credentials into your native wireless account logon page (I have seen services that do this, redirecting to a T-Mobile login page that ‘advises’ the local wireless the account credentials are valid).

You have no idea how your credentials are being used. If you post your credentials to a foreign wireless site, you have just given your login and provider information to an unknown party who might use it for illegitimate or illegal purposes, leaving you to hold the bag or pay the bills.

To finish this story, I filled out the login page like this (I didn’t log in, of course):

Let me point out that it would take a mediocre hacker about ten minutes to set up a page and host it on a laptop with a web server in an airport. In a busy public area, I’m confident a hacker could collect a pile of logins in just a few hours. Make the login experience compelling enough, including enough providers and data-hungry travelers will happily post their credentials rushing between planes. A polite "we cannot confirm your credentials at this time" message, and the traveler is none the wiser.

Be wireless-safe, people.

Original Post: August 18, 2006

Do you fear change?

I think we all do.

Change for the better, change for the worse.

Change is change. You are the one who makes your change a failure or a success.

How do I deal with change? Well, being a pragmatist, I:

• am a rabid fan (and defender) of the truth: categorizing and assessing feelings and facts
• talk about it (my uplines might say: a lot)
• document (like a fiend) and present compelling arguments

Am I confronted with change? Why, yes; yes I am. How am I going to deal with it? Well:

• I will state the truth
• I will email (I’m not in the office all that much these daze)
• I have documented and the presentations are ready.

Is my impending change good or bad? Well, it ‘is’. I’ll work with the hand I am dealt (note: pragmatism) and survive.

So, how do you deal with change?

Original Post: March 16, 2007