Friday, July 10, 2009

Random items - it's Friday, and the sky hasn't fallen yet this week...

Some random things this morning…

InfoSec related, sort of… First few days of class have gone by, and I am finally getting my schedule down. Up at 0400 hrs, brew a quart of Starbucks Sumatra (which has a “capricious spirit” and is an “adventurous coffee” by the way?) answer my section’s students’ email, review discussion posts, and generally look over what my section has done so far. Finish up by 0530 hrs or so, and then get ready to go in to the office for my day job. Come home by 1900hrs, log back on to Blackboard, and do it again. Offline by 2300 hrs or so, and then off catch a few hours of sleep.

To Con or Not to Con? Still trying to decide whether or not to hop a flight out to DC this year. BH is out, unfortunately, no budget for that amount. The $150 for DC is a whole lot more affordable, assuming I don’t lose it to one of the slots on the way out of the airport. A good friend, Mike Murray is speaking at DC this year, and I would encourage anyone to slide into his presos.

Also have been trying to come up to speed on my son’s new MacbookPro. He’s off to college in the fall, majoring in Film and Photography. His school requires incoming freshmen to have a MBP, and he was overjoyed at the prospect of getting one of the latest models. We waited until WWDC, and then placed an order. After having seen one of the new MBPs, I can say that I (almost) could be swayed.

Anyway – I’m starting to have discussions with him about the ugliness that exists beyond the boundaries of what has to date been a relatively safe environment. No more house firewalls or content filtering, no more watchful eyes… After about ten or fifteen minutes of outlining some “safety” measures, the glaze-factor started to kick in. If you have teenagers, you know exactly what I mean. So – I showed him some old Wireshark traces I took on my occasional rides from Boston to Washington on the Acela. When I explained to him that I was able to see user’s accounts, their passwords, email, web surfing habits, while traveling down the rails at a rapid clip, he started paying attention.

I guess the short version of this post is that getting the Information Security message out solely by traditional educational means may not work. If you want to get someone’s attention – a direct, hands-on demo is what does it for most, and especially teens. I see their population most at risk because whether or not one wants to believe it, they are the most connected generation and will far surpass us in their permanent connectedness. They take being connected for granted, and more importantly, do not see the dangers lurking just under the surface.
I’m rambling at this point – so enough for now. I have to get on the road to my Day Job.

Bill P

No comments: