The Perils of CRIMPing
< Next Topic | Back to topic list | Previous Topic >
Posted by Ken
Jun 6, 2015 at 05:20 AM
Advance apologies for the partial rant, but I thought I would share the following CRIMP related story for your amusement and as a possible warning. As you may recall, I have not been happy with my task management software of late, Asana, and have again been looking for a possible program to use at work. I am again heading into a very busy period of work and the trial of Todoist was just not fully cutting it as a replacement for Asana. I decided to look at some other possible alternatives, including some software that I had previously considered, and was doing a bit of research on the web about some previous possible contenders that we had discussed here in prior posts. My research included a look at MyInfo again, including a quick look at what kind of files were available for download. While I clicked the download link to see the file type, which happened to be an EXE file, I cancelled the download when prompted because we are not permitted to download files at work. I also revisited AllMyNotes, of which a no-install portable copy was on my machine from a previous trial. Upon opening the application, I was greeted with a screen telling me that my trial had ended, and offering me several options for continuing. I decided not to take any action other than to close the application.
I then resumed working and had a large number of email messages open while I was trying to track the latest version of a number of documents that had been circulating among a number of parties. I was also engaged in a somewhat intense phone conversation when one of our department’s IT staff approached my cubicle and was standing there staring at me. I waved him off as I was at a very critical point in my phone call when he started shaking his head at me. I abruptly, and apologetically, ended the conversation only to be told that the main IT department had been detecting traffic from my machine to servers in Germany and elsewhere in eastern Europe, and that they had detected what appeared to be the Angler exploit. I was told that my machine had to be immediately unplugged from the network, and that my hard drive was to be “flattened” and a new image would be installed.
With only a minute to see what was on my C: drive, my machine was then immediately removed right in the middle of work. Now, I cannot say what I exactly infected my machine because they were not going to analyze it due to work load issues, but I was not a happy camper to say the least, and I am left to wonder if some server that I may have connected with was infected. I am also not going to say that either of these software sites was the culprit because the infection could have happened from almost anywhere, but I will say that I am probably going to stick with web-based applications at work from now on to avoid this kind of fiasco. Needless to say, it was a very frustrating day, and I am no closer to finding some software that I find up to the job. I would say the search continues, but I will be spending a large amount of time trying to rebuild my new computer next week, just as I had to do when they gave me a loaner today. No good deed goes unpunished in trying to be a more productive worker. End of rant.
—Ken
Posted by Stephen Zeoli
Jun 6, 2015 at 12:46 PM
Wow, Ken. That is a cautionary tale. Makes me wonder how many of us without a heads-up IT department end up with that kind of infection without even knowing it.
As to your task management search, I am becoming more impressed with IQTell, at least with the web app. Haven’t really used the iPad client much, so not sure how that works.
Steve Z.
Posted by Ken
Jun 6, 2015 at 03:09 PM
Stephen Zeoli wrote:
Wow, Ken. That is a cautionary tale. Makes me wonder how many of us
>without a heads-up IT department end up with that kind of infection
>without even knowing it.
>
>As to your task management search, I am becoming more impressed with
>IQTell, at least with the web app. Haven’t really used the iPad client
>much, so not sure how that works.
>
>Steve Z.
Yes, it was a bit cautionary, but it was also frustrating because they did not share any details with me. It might very well have been Angler, or it could have been something like AllMyNotes just “phoning home” to offer me post-trial options. And, while I have not had the time to look up additional information about Angler to see if typical AV/malware/firewall software will detect and prevent it on a PC at home, I could just as easily have conducted that search at home. More frustrating is that I am now very gun shy about using any portable/no-install apps at work, especially if they “phone home” abroad, legitimate or otherwise.
—Ken
Posted by Dr Andus
Jun 6, 2015 at 03:12 PM
Hi Ken,
That sounds like a pretty good IT department you have there… Regarding the infection, maybe that’s one more argument for using a web-based task management tool.
If you don’t mind me saying so, it seems to me that your search for a solution is a bit too focused on the tools, rather than on the problem to be solved. I’d suggest to approach it the other way round.
Work out your preferred workflow first, and then look for the tools that best fit the steps in the workflow. Chances are that you might need to assemble two or three different tools to accomplish your workflow.
There is a danger that if you choose the tool first and try to fit it around your workflow, then it’s someone else’s idea of a workflow that is being forced on yours, and inevitably there won’t be a perfect overlap.
I realise that finding one perfect tool might sound preferable to having to work across three tools, but it might not be as onerous as it sounds. Sometimes it’s just a question of switching between two or three tabs in a browser, and sometimes they may even allow direct links to each other.
If you absolutely need to use a local PIM database of some kind, you could also look for a portable one on a USB drive (if your IT system allows it).
Posted by Dr Andus
Jun 6, 2015 at 03:16 PM
Ken wrote:
>More
>frustrating is that I am now very gun shy about using any
>portable/no-install apps at work, especially if they “phone home”
>abroad, legitimate or otherwise.
Oops, I didn’t see your message before I posted mine. I didn’t realise a portable app would do such a thing (?)