When your load hits the road, you have to secure it first. Otherwise there will be dire consequences: whether you are stopped by the police or the load comes loose, punitive action will follow. According to the Federal Motor Carrier Safety Administration’s Cargo Securement Rules, “The intent of the new requirements is to reduce the number of accidents caused by cargo shifting on or within, or falling from, commercial motor vehicles operating in interstate commerce, and to harmonize to the greatest extent practicable U.S., Canadian, and Mexican cargo securement regulations.” All motor carriers have to use tie-down devices to secure their loads and keep them from causing accidents on the road.

The basic assumptions of the FMCSA rules are:

  1. 0.8 g deceleration in the forward direction;
  2. 0.5 g acceleration in the rearward direction; and
  3. 0.5 g acceleration in a lateral direction.

The rules are very specific about different kinds of loads and cargo securement devices, and all drivers have to follow them to secure their loads or suffer the consequences. That is very clear both in the text and in practice: it’s the LAW, and we have to follow it for our own and other people’s safety. But in the IT world, the safety rules are largely ignored.

Have a look at two recent incidents, “Norfolk Computers Melt Down” and “Broad New Hacking Detected”. The Norfolk, Va. incident is a classic case of a malware strike. Of course, all the infected machines were running MS Windows, the most insecure OS ever built by human beings, and it will continue to be the culprit on the Internet. The second incident is a hack through an IE security hole that exists in all versions of IE on MS Windows: when IE visits a carefully crafted malicious web page, the machine IE is running on comes under the crackers’ control. If that machine is inside the company firewall, all security measures are off, and the crackers now have access to the company network through the compromised machine. These two incidents share the exact same security hole, MS Windows, and we hear about and see this kind of security breach all the time on the MS platform, yet no one seems to care.

Of course there is no FMCSA equivalent in the IT world. If we had such an organization making strict security rules for using computers to access the information highway (the Internet), and people who use insecure products were prosecuted when they caused damage to other people (such as by propagating malware or viruses), the Internet would probably be a much safer place to go. As responsible people, I believe we can do what we can to improve the situation. The first thing to do is to learn the basic safety rules of using a computer to access the Internet. If you’re running Windows, you have to install all kinds of anti-malware and anti-virus tools, and most of the time you may have to pay for these services; if you don’t know how to do that, you can consult a Windows expert about this security thingy. Of course, as long as you’re running MS Windows, you’re in danger of being compromised, or you are already compromised and don’t know it. Ever wonder where all that spam comes from? It is not only the MS platform: all closed applications have the same vulnerability, which is being “CLOSED”. No outsider can look into the code to spot a problem, and the closed entity always has limited resources to find and fix most of the bugs.

What can we do now? Since being “CLOSED” always brings problems, “OPEN” comes to the rescue. Being “OPEN” means being watched by the world, not by a selected few. This way problems are spotted as soon as possible and the fix is prompt, just the way we see it in the Open Source world. I am not going into details here; just judge from our own experience. In 9 years we haven’t had one security incident: no malware, no virus, no security breach, no mysterious system problems. We even have a few desktops from 2000 which are still working great. How is this possible, you ask? It’s actually very simple: we only use free (as in speech) and open (as in source code) software on our computers. The OS is GNU/Linux, and we’re running a few different flavors of Linux: U/Kubuntu, Fedora, CentOS, etc. We’re really happy with what we can do and what we can get with the systems we chose. Most important is the peace of mind: knowing those mysterious security breaches won’t happen to your system is priceless.

Here at www.mfrexpress.com we take our own and other people’s safety very seriously. We only sell high quality tie-down products, and we only run secure systems on our hardware. We want to protect both ourselves and our customers from being harmed by bad products, in both the IT and trucking areas.

Here at www.mfrexpress.com we’re running Zen Cart as our public facing ecommerce web site.

The reason for choosing Zen Cart is pretty simple: we came from osCommerce, and Zen Cart is a great successor to it.

We’ve been working with Zen Cart for a few years now, adding features, doing security patches and a lot of small improvements.

The feature list is not complete, because small features sneak in from time to time.

Hardware: Dell PowerEdge 1950, a solid machine bought on eBay for $800.

Software:

OS: CentOS 5.4, a Red Hat Enterprise Linux clone. We’ve been running CentOS since the 1.x era; it has worked great all the time, and we believe it will continue to work wonders.

Important Administration features:

  • Admin Profile: you can assign different access privileges to different admin users;
  • Sales Report: A must have feature, can export CSV sales report;
  • SEO URL: Search Engine Optimization, a must have;
  • Testimonial Manager: Customer testimonial management;
  • Google XML Sitemap: Must have SEO feature;
  • Google Base Feeder: Advertise your product on Google Base;
  • Free Gifts: Customer appreciation feature;
  • Super Tracker: See where your users come from and what they are doing on your website;
  • Super Order: Order management add-on, a really nice feature.

And there are more, but I’ll leave those for you to explore.

Public User Interface Features:

  • Fual Slimbox: Nice photo gallery tools;
  • Customer Testimonial Listings: See what people say about us;
  • Pay by credit card, Paypal & Google Checkout: Choose whatever method you prefer;
  • Discount Coupon & Gift Certificate: More incentives;
  • Ask a question: You can ask questions about any products.

This is only a quick summary of all the features.

The cost of the whole thing is just the hardware cost. We’re not going to talk about the time we invested, which is just a small price to pay. This is one of the reasons we love open and free software so much: no ridiculous licenses to purchase, maintain and keep track of. And don’t forget the unexpected audits some day.

Finally, let’s look at the security part of the story. We always enable SELinux on our public-facing server, always run an iptables firewall, use public key encryption for SSH access, apply security patches promptly, document all system modifications, and keep track of online security forums. So far we have a spotless security record (for 9 years).
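The three host controls named above (SELinux enabled, an iptables firewall, key-based SSH) can be checked from the files CentOS keeps them in: `/etc/selinux/config`, `/etc/sysconfig/iptables` and `/etc/ssh/sshd_config`. The following is an added example, not code from the original post or from the site's own tooling. The sample file contents are constructed, and treating password logins and a non-DROP INPUT policy as findings is an assumption about what such a setup implies.

```python
import re

# Constructed sample files (not taken from the author's server).
SELINUX_CONFIG = "# /etc/selinux/config\nSELINUX=enforcing\nSELINUXTYPE=targeted\n"
IPTABLES_SAVE = """*filter
:INPUT DROP [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""
SSHD_CONFIG = """PubkeyAuthentication yes
#PasswordAuthentication yes
PasswordAuthentication no
"""

def selinux_enforcing(text):
    """True only for SELINUX=enforcing; permissive, disabled or missing fails."""
    m = re.search(r"^[ \t]*SELINUX[ \t]*=[ \t]*(\w+)", text, re.M)
    return bool(m) and m.group(1).lower() == "enforcing"

def input_policy(text):
    """Default policy of the filter table's INPUT chain in iptables-save format."""
    table = None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":INPUT "):
            return line.split()[1]
    return None

def sshd_option(text, name, default):
    """First uncommented occurrence wins, as in sshd; otherwise the built-in default."""
    for line in text.splitlines():
        parts = line.split("#", 1)[0].replace("=", " ", 1).split()
        if len(parts) >= 2 and parts[0].lower() == name.lower():
            return parts[1].lower()
    return default

def audit(selinux, iptables, sshd):
    """Return the controls that are not in the expected state (empty list = pass)."""
    checks = [
        ("selinux-not-enforcing", selinux_enforcing(selinux)),
        ("input-policy-not-drop", input_policy(iptables) == "DROP"),
        ("ssh-pubkey-disabled", sshd_option(sshd, "PubkeyAuthentication", "yes") == "yes"),
        ("ssh-password-login-allowed", sshd_option(sshd, "PasswordAuthentication", "yes") == "no"),
    ]
    return [name for name, ok in checks if not ok]

print(audit(SELINUX_CONFIG, IPTABLES_SAVE, SSHD_CONFIG) or "all controls in place")
```

A commented-out `PasswordAuthentication no` is reported as a finding, because sshd then falls back to its default of accepting passwords.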

We really appreciate what we can do with open and free software, and we hope you can enjoy it too!

Run your own mail server

On January 31, 2010, in Business and Open Source, by admin

Last year we had to move our main server from our office to a data center. We had had quite a few blackouts lately, and we wanted our public-facing website and email server to stay available even when our office power or network is down. Since we moved the server we’ve had a few power and network outages. Unless you invest substantially in power and network solutions, there are no reliable services anymore.

Actually we didn’t move the old server. We just moved all the data over to a new server (bought on eBay) and then put the new server into the data center. We had the choice of hosting all our email on other people’s servers, such as GMail, Yahoo, etc., or continuing to run our own mail server. We decided to run our own service for the time being.

All of our servers are running CentOS, which is a clone of Red Hat Enterprise Linux, currently at version 5.4. We’ve been running CentOS for more than 9 years now, and there have been no problems at all, except hardware failures. And the good ol’ Qmail is what we use to run our mail server.

We chose Qmail because of its simplicity yet feature-rich nature. Of course I am talking about netqmail plus all kinds of goodies; we love the one from qmailtoaster.org. The only thing we added to it is the greylist patch, which has been working wonderfully for us for many years now: we get one spam in almost 100 hams, which is a pretty good ratio. That is coupled with spamassassin and clamav (actually we don’t need it, but put it there just in case), plus Mozilla Thunderbird junk mail control. We send and receive emails through a secure link, encrypt and sign important emails, and keep at least 3 years of email backups and 5 years of archives. We have total power over our emails.

Our webmail frontend used to be SquirrelMail, then Horde, and is now RoundCube. We love it because it offers most of the features we need and the UI is elegantly done; it’s lightweight and only needs IMAP to work. So far everybody in our company loves the web interface, and we’re all using our beloved Mozilla Thunderbird; the first version we used was 0.8 or something.

For a small or even medium business, running your own mail server can be really beneficial. To support 250 users you only need a server with a dual core at 2.5GHz and 8-16 Gig of RAM for your company website and mail service. The hardware will probably cost $800 or so, and there is no software cost. All you need is a Linux support person, and then you’re covered, from desktop to server. We at www.mfrexpress.com run only Linux on our laptops, desktops and servers, and we’re proud of our choice.

I will probably get into the details of Linux in our office later.

Trucking and Open Source

On January 28, 2010, in Business and Open Source, by admin

You may ask what trucking has to do with open source, particularly GNU/Linux.

Let’s see how this Linux thing can help you lower your operating costs while keeping or even improving your service.

First, there is no exorbitant license fee to pay. You can download GNU/Linux distributions off the Internet, or buy an installation CD/DVD at shipping cost. You can install the system by yourself, have someone in your organization who knows Linux do it, or follow online help step by step. Nowadays you will have GNU/Linux up and running in no time.

Then you have old hardware which is not capable of handling the latest Windows OS. You would probably have to buy new hardware just to run Windows, but with GNU/Linux you can keep using these old buddies for quite some time, because Linux can handle low-end machines very well. Just go online to see how to do it.

Now you have the system installed and applications running. What next? Say you need accounting software: well, LedgerSMB is all you need. What about eCommerce? Zen Cart or Magento will do the magic. Gimp will help you retouch your digital pictures, personal or business. You can surf the net safely with Firefox. These are just some of the great things I can think of right now; you will find there are a lot more interesting things you can do with Linux.

OK, you ask, what about malware, viruses and spyware? Actually this is the strongest point of using Linux: as long as you don’t log in as root to run your desktop, you are safe from most malware, spyware and viruses.

With all the benefits above, what exactly is there for the trucking business?

An important part of the trucking business is hauling loads. Before you go on your trip you need to make sure your load is safe, so you need tie downs to secure it. Most of these tie-down products are pretty heavy, especially transport chains; a few chains can weigh more than 150 lbs. You can buy them locally, usually at a high price, or you can buy them cheaper online, but the shipping charge can sometimes be prohibitive. Now let’s have a look at one online cargo control products store, www.mfrexpress.com. They sell all kinds of tie downs on their website: heavy duty chains, ratchet straps, cargo bars, truck winches and winch straps, etc. This may not be that special, because a lot of people are selling this stuff online. What makes them special is that they offer free shipping on orders of $25 or more, and meanwhile they offer nice quality cargo control products at lower prices than most online retailers. With these two things together you have a really nice deal.

Now the question is, how can they do that without going broke? Since the shipping charge is pretty hefty, especially for binder chains and load binders, they have to lower their operating costs quite a bit, and this is where Linux and Open Source come into play. They run their office entirely on open source software, from OS to applications, from web server to email server and fax server, all based on Linux. Their desktop machines are from 2002/3 and still going strong under the command of Linux. Their servers were all bought on eBay lately and have already been running nonstop for more than 3 years. They have their own email, fax, web and VoIP servers. All of this has greatly reduced the maintenance cost and ongoing security cost: for 6 years they haven’t needed any major spending on hardware or software, and they have had no malware/spyware/virus whatsoever and almost no downtime except for serious power blackouts.

In a weak economy, cutting costs often means cutting corners, but with open source you can lower your operating costs without lowering your standards.
