=Spica Shui=

Oleh Puteri Fatia | Yahoo! She – Rab, 26 Okt 2011 17.38 WIB

Curriculum vitae adalah representasi diri. Tetapi para lulusan baru sering mengirim CV yang bikin geleng-geleng kepala. Karena kurang referensi, mereka kerap melakukan kesalahan yang tidak disadari. Memang tidak mutlak membuat mereka ditolak, tetapi memperkecil peluang diterima.

Nah, jika Anda seorang lulusan baru yang sedang berburu kerja dan tidak kunjung mendapat panggilan, jangan-jangan Anda melakukan beberapa kesalahan ini.

Foto
Jika perusahaan mensyaratkan foto dalam lamaran kerja, pilihlah foto yang membuat Anda terlihat profesional. Jangan pakai foto yang diambil dari Facebook hanya karena Anda tampil menarik (atau seksi). Bagaimana Anda mau dianggap serius bila foto yang dilampirkan terlihat main-main dan hasil crop?

Umumnya perekrut lebih menyukai foto yang simpel. Pergilah ke studio foto dan bikin satu foto yang bagus – untuk investasi Anda ketika melamar pekerjaan.

Alamat email
Hmm, alamat email seperti inacuantixxbanget@yahoo.com atau romisayangchika@ymail.com sepertinya kurang menarik jika dipajang di CV. Anda kan sedang melamar pekerjaan di suatu perusahaan jadi sebaiknya hindari alamat email yang terlalu personal. Buatlah satu akun email dengan nama asli Anda untuk keperluan resmi. Jangan sampai Anda kalah bersaing dengan pelamar lainnya hanya karena alamat email Anda menggelikan.

Informasi yang tepat
Jangan kirim CV yang persis sama ke semua perusahaan. Usahakan “jahit” terlebih dahulu setiap kali Anda melamar. Beri penekanan pada prestasi atau keahlian yang relevan dengan posisi incaran. Tidak perlu mencantumkan prestasi “pemenang lomba karaoke” bila memang posisi yang Anda inginkan tidak membutuhkan keahlian bernyanyi.

Informasi pendidikan juga cukup dimulai dari SMA saja, tidak perlu taman bermain dan TK. Intinya, tekankan pada informasi yang bisa menunjukkan Anda orang yang tepat untuk posisi ini.

Terlalu panjang
Pihak perekrut akan menerima setumpuk lamaran, jadi satu menit pertama amat menentukan. Jangan buang waktunya sia-sia dengan membeberkan prestasi Anda dari sejak TK. Buatlah kesan yang baik di surat lamaran sehingga mereka mau membaca hingga habis.

Anda boleh menyertakan alamat LinkedIn atau blog yang berisi portofolio bila diperlukan. Tetapi apa pun yang terjadi, jangan pernah meminta perekrut untuk mendownload sendiri CV Anda dari Internet. Tidak semua kantor punya koneksi bagus.

Email kosong
Mentang-mentang CV tersimpan di telepon seluler, maka begitu melihat suatu lowongan Anda langsung mengirimkannya tanpa berusaha membuat surat lamaran. Mau tahu kesan yang muncul begitu membaca email kosong seperti ini? Pelamar adalah seseorang yang malas.

Pelamar hanya secara acak mengirim CV ke kanan-kiri tanpa usaha lebih untuk membuat surat lamaran yang menarik.

Jiplakan
Yep, para perekrut sudah sering membaca bertumpuk CV jadi mereka bisa mengenali mana yang jiplakan dan bukan. Usahakanlah membuat surat lamaran dengan kalimat orisinal untuk meningkatkan kemungkinan Anda diterima.

Kalaupun belum memiliki pengalaman, Anda bisa menceritakan poin kekuatan Anda yang cocok untuk pekerjaan yang diincar. Tak perlu membuat surat lamaran yang terlalu panjang. Fokus pada kekuatan Anda dan tentunya jangan lupa mencantumkan informasi kontak agar mudah dihubungi.

Sumber : http://id.she.yahoo.com/kesalahan-umum-dalam-mengirimkan-cv-pada-lulusan-baru-.html

SecureToken ST2 is built based on 8-bit microprocessor smart chip together with card reader in the single USB device platform. As secure smart card technology is still the most secure device platform that prevents hacking and hardware cloning thus makes SecureToken ST2 the most preferred choice for strong 2-Factor Authentication option.

SecureToken ST2 supports onboard 1024-bit RSA Key Pair generation with additional advanced cryptographic functions with digital signing on hardware, make it a powerful plug-in for Public Key Infrastructure (PKI) and Challenge Response Authentication implementation. As the middleware was designed to comply with PKCS#11 and Microsoft CAPI standards, SecureToken ST2 can be seamlessly integrated into many popular applications such as Internet Explorer, Microsoft Outlook, Outlook Express, Mozilla Firefox, and other popular VPNs.

SecureTokenST2 built-in secure and encrypted internal storage offer secure container for user credentials which by default can store up to minimum five X.509 v3 digital certificates. By nature, SecureToken ST2 can support multiple keys for multiple PKI or smart card applications simultaneously thus cross applications usage of a single SecureToken ST2. Proper authentication with User PIN is required whenever any application trying to access the SecureToken ST2 which achieve the essential 2-Factor Authentication objective.

SecureToken ST2 Highlights

• Onboard generation of RSA 1024-bit key pair
Key pairs generated onboard together with digital signing on hardware thus ensure for maximum security. It offers secure encrypted storage for X.509 v3 digital certificates.

• Random Number generation performed on hardware
FIPS compliance Random Number generation on hardware for strong challenge response authentication.

• Built-in support for RSA, DES, 3DES, MD5 and SHA-1 algorithms
Supports various powerful security algorithms with advanced encryption/decryption on hardware ready.

• Middleware support PKCS#11 and Microsoft CAPI applications
Seamless integration to many popular applications such as Internet Explorer, Microsoft Outlook, Outlook Express, Mozilla Firefox and more. Powerful plug and play connectivity to PKI applications.

• Supports multiple PKI and smart card applications
One SecureToken ST2 can store multiple key pairs and ready to use on multiple PKI or smart card applications.

• Compliant and Certified by International Standards
FIPS, RoHS, PC/SC compliant, CE and FCC Conformity Certified.

• Tamper Prove Casing
SecureToken ST2 comes with tamper evident hard plastic casing option.

Source : http://securemetric.com/product.php?id=3

Dalam perhitungan pajak penghasilan di Indonesia (PPh21), ada 3 metoda yg bisa digunakan, yaitu :

1) Net Method

Merupakan metode pemotongan pajak dimana perusahaan menanggung pajak karyawannya

2) Gross Method

Merupakan metode pemotongan pajak dimana karyawan menanggung sendiri jumlah pajak penghasilannya

3) Gross-Up Method

Merupakan metode pemotongan pajak dimana perusahaan memberikan tunjangan pajak yang jumlahnya sama besar dengan jumlah pajak yang akan dipotong dari karyawan.

SecureDongle is the market's most wanted Software License and Copyright Protection dongle that offer Maximum Security but Minimum Learning and Investment.

SecureDongle was built based on advanced microprocessor smart chip which has been certified by EAL4+ and ITSEC. The smart chip based hardware architecture ensures complete security against risk of Dongle hardware being cloned or duplicated. In addition to hardware advantage, SecureDongle was also built with a very user friendly interfaces on its bundled firmware and utilities. Unlike many other competing products where their shortcomings are summarized as below:

• Non-Smart Chip based
  Usually based on common low cost EEPROM where the main protection algorithms rely more on the firmware that is bundle together rather than on the hardware. This type of hardware architecture can easily be duplicated by many Dongle Duplication Experts.
• Smart Chip based
  There are few smart chip based dongles available on the market and most of them is very complicated to integrate; a fresh dongle user might need to spend weeks to months in order to be able to come up with a good protection.

Maximum Security
SecureDongle offers a combination of advanced smart card level hardware security together with advanced software protection firmware with is also integrated with advanced anti-cracking algorithms and mechanisms.

Minimum Learning
SecureDongle SDK offers comprehensive but user friendly tools, utilities, tutorials and API samples where even a fresh developer can master it within days.

Minimum Investment
SecureDongle offer the most cost effective option in the industry, so why pay more!

SecureDongle Feature Highlights:-

• HID Driverless
  As HID driverless, SecureDongle requires no external device driver installation thus minimize common technical issue arise from device driver. No driver needed and as long as a USB thumb drive can work on the computer, so do SecureDongle!
• Smart Chip based
  Advanced EAL4+ and ITSEC certified microprocessor smart chip that enable algorithms execution on chip with built-in support for RSA, DES, 3DES security algorithms. Microprocessor smart chip prevent hardware cloning and duplication attack.
• Built-in RSA, DES and 3DES Encryption Algorithms
  Smart chip is preloaded with RSA/DES/3DES security algorithms which ready to provide powerful encryption/decryption perform on hardware. Developers can make use of those ready security algorithms to perform advanced challenge-response authentication in their SecureDongle software protection.
• Security Password
  Valid 2-level 64-bit password is required in order to gain access into SecureDongle. Developers can set and change their own security password which ensures higher privacy. Moreover, SecureDongle have built-in advanced password protection system that can prevent Brute-Force attack.
  
• Globally Unique Hardware ID
  32-bit pre-burnt and unchangeable globally unique hardware ID provides unique reference on each individual SecureDongle. Even us – the manufacturer do not have the privilege to change it.
  
• Module Zone
  Up to 64 secure protected Module Zones which facilitate unreadable memory and can also be used as the validity flags to protect up to 64 software modules, provides easy licensing management.
• Self Definable Security Algorithms
  Up to 128 self definable security algorithms that will be executed on-board when called by protected software which will then be authenticated using the popular Challenge Response Authentication to maximize the security level of the protection.
• Data Zone
  Up to 1,000 bytes data zone which developer can use it as an external memory for some selected variables or constants accessed by the protected software as an additional security measure.
  
• Onboard Seed Code and Random Number Generation
  Supports on-board proprietary Seed Code and true Random Number generation which developer can apply it into their protection to strengthen the security and to make the protection more complicated to crack.
• Software Enveloper
  Provide Envelop encryption program to encrypt executables with easy-to-use protection facility.
• Soft Timer
  Built-in with innovative soft timer that requires no battery but still support protection using expiry time or date.
• Remote Update
  Supports secure remote update for developer to amend the SecureDongle settings which enables secure software license update and upgrade.
• Secure Communication
  Built-in with advanced encryption/decryption on communication together with time gate between firmware and hardware to prevent debugging and emulator attacks.
• Multi Levels Access Right Management
  Supports multi level access right management to facilitate different access rights for the development team.

1. Combining API and Envelope
   Most Software License Protection Dongle will come with API (Application protocol interface such as DLLs and Object files), where there are various libraries files provided for software vendors to include protection function calls into their source codes. Envelope is whereby the software vendor can make use of the provided shell program to encrypt their application without the need to modify their source code. The best protection will be Envelope after completed the API protection, a combination of both. 
    
2. Updating Protection
   As the best protection now might no longer secure few years later, it is very important that the software vendors will keep updating their protection more often. The best practice is to change their protection strategy for different versions or product, do not use the same strategy once for all. 
    
3. Object vs DLL Links
   In order to gain higher security, a software vendor should link their applications to the Software License Protection Dongle’s objects instead of DLLs. This is because link by objects will be compiled and integrated as part of the protected application of which will make simulating attacks more difficult. 
    
4. Intelligent use of API Calls
   A smart protection should include multiple API calls with different security function calls from various program points. Protection with more various different API calls will definitely harder to trace than protection with few almost similar API calls. Try to make your API Calls more sophisticate. 
    
5. Dummy API Calls
   One simple ways to make your protection even harder to hack is to include some dummy API Calls, i.e. some API or security checks that will not have any legitimate reaction. Such method will be able to confuse hackers who will need to spend more effort on analyzing such dummy API calls that they will never know this is not the “real” one. 
6. Delay Reaction
   Most software vendors practice direct reaction in their implementation should the API calls found no dongle or invalid return, thus hackers are able to back trace the security checking points and then bypassing it. To make your protection even harder to back trace, perhaps you can delay some of your reactions to confuse the hackers, means if detected no dongle or invalid return then keep a validity flag in your program then at later program point only suspend the program. 
    
7. Manipulate Functionalities
   Many software vendors include standard response such as displaying error message and suspending program should there is no dongle found or invalid return. Another better ways to make hacking harder is to alter the program functionalities should the dongle not found, such as disable printing report features until a valid dongle is attached. Hacker might not realize there is security check point that restricted the program functionalities. 
    
8. Authenticate instead of compare
   Direct comparing value is just too easy to understand, should the dongle product chosen provide possible features to allow software vendors to perform certain authentication such as Checksum after performing predefine security algorithms, use it. Some dongle products provide more advanced security features such as onboard encryption, seed code or random code generation, onboard security algorithms, of which it will maximize protection if we utilize it in the right manner.

Source : http://www.securemetric.com/articles-d.php?id=4