If you're new here and would like to see more of what I'm saying, you may want to subscribe to my RSS feed or have a look at my papers and presentations page for downloads of stuff that you can share or "borrow heavily from". You also might find my guidelines for posting comments interesting, especially if you're a government employee. Thanks for visiting and happy hacking!

Seth Godin’s take on bacn, the spam you get from social networking sites to let you know that somebody has replied to your comment.

Living with 3 socially-aware people (read: girls) aged 10 to 37, I have a simple solution:  procmail rules to kill all the MySpace/Facebook/$FooSpace notifications on my server so the 200+ pieces of mail never make it to the /dev/null inbox. =)

Word to social networking sites:  put the entire content of the response in the email that way users can decide if it’s worth their time to respond or if it’s just somebody saying “OMFG me 2 gf LOL”.  Your users shouldn’t have to go to your website to read every one of these.

And hats off to the Word Press blog  software–it does put the text of a blog comment into the email notification along with the link to moderate.  That’s the way things are supposed to be.

Bookmark to:

Basic test of intelligence: Marketer:CISO as ?:?

• Oil:Water
• Promises:Delivery
• Matter:Antimatter
• Optimism:Pessimism
• Lies:Truth
• FUD:Anti-FUD
• Cash Flow:Stagnation

Basically, the 2 don’t mix, and that’s why deep down inside I remain skeptical about anybody who can take what I do, productize/solutionize it, and start selling it to people.  Most of the time when I start thinking about it, I don’t think security scales the way that it needs to for people to make money on it.  Then I remember my core belief that security is no different from IT which is no different than business, we only think that it’s different.

After awhile in the security industry, you can’t help but be cynical about the whole deal.  Utimately, it’s the customer’s responsibility to secure their data–as a vendor, consultant, etc, it’s my responsibility to help, and sometimes that means going away because they aren’t ready for what I’m offering.

Bookmark to:

I spent a couple of hours today mucking around with Debian and WPA.  Yeah, yeah, you’re all thinking it’s about time I did something instead of bloviate about FISMA. =)

Anyway, I found the best resource on “The One True Debian Way” (TM) to set up WPA.  I gave myself a roaming setup using wpa_supplicant.conf

This is especially important to me now that I’m going out in areas with a ton of wifi interference–I need to be able to intelligently select which AP I’m connecting to since the neighbors have wide-open wifi that is much too easy to associate with.

Bookmark to:

I had a friend, Mr Vlad the Impaler of blog comment fame, who sent me this article: 10 Pieces of Lousy Security Advice.

Numbers 1 and 4 (IIRC) are my favorite whipping-boy, c*mpliance. Yes, it’s lightweight reporting and fairly obvious to security dweebs, but it brings a tear to my eyes. =)

Bookmark to:

Yes, I know we’re all security dweebs, but the videos for the Aspen Summit are up. Think IT industry visionaries. Think future of privacy. Think online child protection. Think technology meets the US Constitution.

It’s good watching. Many thanks to the Technology Liberation Front.

My other video obsession is TED, but you probably know about that already.

Bookmark to:

Yep, I was quiet last week on the blog front. I moved from my not-so-wonderful abode in Falls Church to part of the “tech ghetto” along the Dulles Toll Road.  Let’s just say it’s a good upgrade and leave it at that.

However, I’m back at blogging after a week’s hiatus.

Bookmark to:

Cemetary Plus Toxic Waste = Zombies

Bookmark to: