Friday, July 10, 2009

Random items - it's Friday, and the sky hasn't fallen yet this week...

Some random things this morning…

InfoSec related, sort of… First few days of class have gone by, and I am finally getting my schedule down. Up at 0400 hrs, brew a quart of Starbucks Sumatra (which has a “capricious spirit” and is an “adventurous coffee” by the way?), answer my section’s students’ email, review discussion posts, and generally look over what my section has done so far. Finish up by 0530 hrs or so, and then get ready to go in to the office for my day job. Come home by 1900 hrs, log back on to Blackboard, and do it again. Offline by 2300 hrs or so, and then off to catch a few hours of sleep.

To Con or Not to Con? Still trying to decide whether or not to hop a flight out to DC this year. BH is out, unfortunately, no budget for that amount. The $150 for DC is a whole lot more affordable, assuming I don’t lose it to one of the slots on the way out of the airport. A good friend, Mike Murray, is speaking at DC this year, and I would encourage anyone to slide into his presos.

Also have been trying to come up to speed on my son’s new MacBook Pro. He’s off to college in the fall, majoring in Film and Photography. His school requires incoming freshmen to have a MBP, and he was overjoyed at the prospect of getting one of the latest models. We waited until WWDC, and then placed an order. After having seen one of the new MBPs, I can say that I (almost) could be swayed.

Anyway – I’m starting to have discussions with him about the ugliness that exists beyond the boundaries of what has to date been a relatively safe environment. No more house firewalls or content filtering, no more watchful eyes… After about ten or fifteen minutes of outlining some “safety” measures, the glaze-factor started to kick in. If you have teenagers, you know exactly what I mean. So – I showed him some old Wireshark traces I took on my occasional rides from Boston to Washington on the Acela. When I explained to him that I was able to see users’ accounts, their passwords, email, web surfing habits, while traveling down the rails at a rapid clip, he started paying attention.

I guess the short version of this post is that getting the Information Security message out solely by traditional educational means may not work. If you want to get someone’s attention – a direct, hands-on demo is what does it for most, and especially teens. I see their population most at risk because whether or not one wants to believe it, they are the most connected generation and will far surpass us in their permanent connectedness. They take being connected for granted, and more importantly, do not see the dangers lurking just under the surface.

I’m rambling at this point – so enough for now. I have to get on the road to my Day Job.

Bill P

Monday, June 29, 2009

2009, and then some...

Well, it’s good to see that InfoSecToday is still alive and well. I’m still alive, and as far as being well, well you know how that goes… Lots of changes over the last year or so - Still married (the same one), still have a job (the same one), have two kids in college now (the same ones), but a lot less in the 401k. I’ve been through two different iPods, and am on my second Zune (a big one). It is amazing how much stuff you can cram into a space no larger than a pack of cards. More on that in a later post.

One of the sad / scary / frightening highlights of the last year or so was my six week “vacation” from my InfoSec day-job. I’m not sure if you have had an opportunity to serve on a jury, but if you are ever called, please, do not try to wrangle your way out of this civic duty. Early in March of 2008, I got a rather fat envelope from the Rockingham County Court, and my first thoughts upon getting the fat envelope were “..what did the kids do this time???”. But as soon as I opened it up and saw the subject line, my skin got cold. After almost thirty years of not being called for duty, my number came up. Six weeks later (yes, six weeks in a box) we issued our verdict – Sane and Guilty of Murder in the First Degree on two counts. You can hear my 47 seconds of internet fame here announcing the verdict to the court clerk. Oh – and as to the trial? You couldn’t make this stuff up. Pick your favorite search engine and look for “Sheila LaBarre”.

Tech-wise – I’m up to seven email accounts (no – don’t ask why), and I’m on Twitter, although I’m not fully sold on that one yet primarily due to the “noise” level and form-factor. If you want to do some following, drop me a line, and I’ll tag you as someone I might trust. Maybe.. Con-wise, the big E-Ticket rides are a thing of the past (at least until either the economy rebounds or college costs abate), and maybe that’s not a bad thing, really? I went to my second and third ShmooCon events in the interim, and this year managed to convince my wonderful, tolerant of my whims, and now frightened out of her wits wife to come with me to ShmooCon09.

If I had to summarize the state of affairs of Information Security over the last 18 to 24 months in one word it would be “desensitization”. More to come on that thought next time…

Bill P