A few months back one my dogs knocked over one my speakers. Sent it flying, actually. 3’ 50lb wood cabinet speaker – as if it wasn’t there. The culprit is still a puppy, but when she gets ripping, she can pretty much take out any piece of furniture I own. And she has a big butt. She seems to run into everything butt first, which is impressive as she does not walk backwards. Wife calls her ‘J-Lo’. She learned how to spin from playing with my boxer, and now she spins out of control when she is amped up. Big ass, right into a chair… BANG! I miss having music in the living room, so I thought I would solve the problem by bringing out a pair of tower speakers from the back room. They are six feet tall and weigh 180lb each. I thought that was the perfect solution, until she moved the piano a half of an inch with one of her spins. For the sake of the speakers, and my health, I removed all stereo components from the living room.
But I still want music so I have been searching for small electronics to put on the shelf in the kitchen. My requirements were pretty simple: Decent quality music that won’t become a projectile of death. I began shopping and found, well, everything. I found hundreds of portable DAC’s, the size of a cigarette pack, for the iPhone & iPad. There are lots of boom boxes, desktop radios, and miniature receivers. I ordered the iHome IP1 because it got good reviews and – while the audiophile in me hates to admit it – it just looked good. I was really excited when it arrived last week and I cleared off a space for it, cleaned up the shelf, got everything plugged in, and updated my music library with some fresh tunes. Only problem – it sucked. Or maybe it was defective, I don’t really know. Won’t play music from an iPhone 4, iPad, or iPod touch – only the iPhone 3GS. And when it did play, it sounded underwater. Ugh. Really freakin’ bad.
So I am still searching for a good desktop radio that I can stream music to from my iDevices. If you have reasonably priced recommendations let me know. For now I am just playing from the built in speakers, which is better than nothing.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
- Mike on the Importance of Application Intelligence.
- Adrian’s DR post on How To Respond To The Sony Attacks.
Favorite Securosis Posts
- Adrian Lane: SDLC and Entropy. See Gunnar’s take.
- David Mortman: What’s Old Is New again. And we wonder why our lives (in security anyway) are described as the “hamster wheel of pain.” We repeat the same stuff over and over again. With maybe a twist or two (as Adrian astutely points out), but the plot is the same. So is the end result. Sigh.
- Mike Rothman: Why We Didn’t Pick the Cloud (Mostly) and That’s OK. Who else gives you such a look into the thought processes behind major decisions? Right, no one. You’re welcome.
Other Securosis Posts
- Earth to Symantec: AV doesn’t stop the APT.
- Incite 5/4/2011: Free Agent Status Enabled.
- Standards: Should You Care? (Probably Not).
- Software vs. Appliance: Virtual Appliances.
- Software vs. Appliance: Data Collection.
Favorite Outside Posts
- Adrian Lane: VMWare Building Clouds? An interesting look at virtual platform use by cloud providers.
- David Mortman: The Rise of Data-Driven Security. I love it when we get validated by a heavy hitter like Scott.
- Mike Rothman: Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region. Great explanation from Amazon about their EC2 FAIL a few weeks back. You can learn a lot about cloud architecture, as well as get a feel for how complicated it is to really scale. It’s like a tightrope walk every time they have to scale (which is probably constantly). This time they fell off and went splat. Let’s hope the net is positioned a bit more effectively next time.
Project Quant Posts
- DB Quant: Index.
- NSO Quant: Index of Posts.
- NSO Quant: Health Metrics–Device Health.
- NSO Quant: Manage Metrics–Monitor Issues/Tune IDS/IPS.
- NSO Quant: Manage Metrics–Deploy and Audit/Validate.
- NSO Quant: Manage Metrics–Process Change Request and Test/Approve.
Research Reports and Presentations
- React Faster and Better: New Approaches for Advanced Incident Response.
- Measuring and Optimizing Database Security Operations (DBQuant).
- Network Security in the Age of Any Computing.
- The Securosis 2010 Data Security Survey.
- Monitoring up the Stack: Adding Value to SIEM.
Top News and Posts
- Fake Mac Security Software It’s drive-by malware… if you actually click all the buttons and install it.
- Anonymous claims no involvement in Sony hacks.
- How to disappear completely.
- Yeah, more Sony mayhem.
- Barracuda Breach Post Mortem Analysis.
- Test-Driving IBM’s SmartCloud. Interesting analysis of IBM’s ‘SmartCloud’ trial product. In fairness, it’s very early in the development process.
- Zero-Day Attack trends via Krebs. Second installment. Makes you think security companies are not eating their own dog food.
- LastPass Forces Users to Pick Another Password It’s bad when the salt is stolen with the hashed passwords… now it becomes a dictionary attack. If it was a foreign government (wink-wink), they have the resources to crack all the passwords.
- Nikon Image Authentication System Compromised. Interesting read.
Blog Comment of the Week
Remember, for every comment selected, Securosis makes a $25 donation to Hackers for Charity. This week’s best comment goes to ds, in response to Earth to Symantec: AV doesn’t stop the APT .
The reality here is that SYMC is a very successful security vendor with a lot of customers and many solutions. They aren’t stupid and press announcements like this aren’t driven by ignorance.
Sadly, they will sell product to customers based on this. It speaks volumes about the buyer and their ability to understand complex security issues and appropriate remedies. In short, most “security” professionals can’t, and many companies don’t even have “security” professionals on staff, esp in the SMB space.
So, don’t expect SYMC to adhere to strict definitions of APT and don’t be surprised when they overstate their capabilities because it works to sell products and that is their reason for existing. Also, most people who are buying products today to counter APT won’t ever see one, so SYMC is taking a reasonable gamble that such specious market hype won’t come back to haunt them.
So, all in all, I guess SYMC’s response to the headline “AV doesn’t stop the APT” would be “So what? APT sells AV! =P”
Comments