Incite 11/30/2011: An Introverted ThanksBy Mike Rothman
As with most things, I have mixed feelings about the holidays. Who doesn’t enjoy a few days off to recharge for the end-of-year rush? But the holidays also mean family, and that’s a good thing in limited doses. I’m one of the lucky few who gets along with my in-laws. They have an inexplicably high opinion of me, and who am I to say they are wrong?
But by the fifth day of being surrounded by family over Thanksgiving weekend I was fit to be tied. I spent most of Saturday grumbling on the couch, snapping at anyone who would listen. And even those who didn’t. Thankfully my family ignores me, and suggested I stay back when they went to the fitness center pool. I was much better when they got back. I was able to recharge my social batteries – I just needed a little solitary confinement. Why? Because I’m an introvert – like all introverts, the longer I’m around people the harder it is for me to deal. I found this great guide to dealing with introverts from The Atlantic, and it’s right on the money.
I like to say I’m anti-social but that’s really not the case. But I only enjoy people in limited doses. I remember reading, a few years back, Never Eat Alone, a guide to networking. There is a lot of great stuff in that book, which I will never do. I actually like to eat alone, so most days I do. That’s really what I’m thankful for this year. I have a situation where I can be around people enough, but not too much. For me that’s essential.
But that’s not all I’m thankful for. I’m thankful for all the folks who read our stuff, who have bought my book, and who show up to hear us pontificate. When I explain what I do for a living most folks say, “really?” For the record, nobody is more surprised than me that I can write and speak every day and pay my bills. It’s really a great gig. So thank you for supporting our efforts.
And I’m also thankful that the important people in my life tolerate me. Obviously Rich and Adrian are getting used to my, uh, quirks. They haven’t voted me off the island. Yet. My kids are growing into wonderful people despite their genetically similarity to me. They continue to amaze me (almost) daily, and usually in a good way.
But most of all, I have to thank the Boss. We just celebrated our 15th year of marriage, and although there have been a number of great days in my life, the day we met is in the Top 4. She holds it all together, keeps me grounded, and lets me, well… be me. She has never lost faith, no matter how bumpy things got. I can only hope my kids are lucky enough to find someone who supports them like The Boss supports me.
Yes, I need my alone time, but without my partners (in business and life) I would be nowhere. Now is the time to remember that. So think about all those folks who allow you to do your thing, and thank them. Especially a week after Thanksgiving – after they thought you forgot. Got to keep them on their toes, after all.
Photo credits: “Thank You Trash…” originally uploaded by Daniel Slaughter
Incite 4 U
Can we call this a false positive? The major media was buzzing over the short pre-holiday week with reports of a foreign cyber-attack that took down a water pump in Springfield IL. Too bad it didn’t happen – it was an authorized contractor trying to troubleshoot stuff over a connection from Russia (where the guy was traveling on business). What perplexes me is how such a volatile piece of news could get out without corroboration or investigation. Who’s at fault here? The Illinois Statewide Terrorism and Intelligence Center, or the so-called expert who alerted the media? Probably both, but this kind of Chicken Little crap doesn’t help anything. If a water pump goes down, what is the danger? It’s not like the water supply was tampered with. At some point, a cyber-attack will happen. Let’s hope there is more and better information next time – and that it turns out to be as harmless as this incident. – MR
No app for that: Good on Chris DiBona for calling anti-virus vendors “charlatans and scammers”. Your average mobile phone user does not know – and does not want to know – the differences between viruses and malware. But developers know the risk vector is not viruses – it’s malicious apps that users willingly install because they don’t know any better. And these bad apps behave like every other app, so it’s not like signature-based detection can help! Of course that does not prevent AV vendors from spewing FUD and selling their wares to the unsuspecting public. It’s refreshing to see a developer sound off without being muzzled by the HR and legal teams, because he is right – AV will not provide any greater protection than what your platform provider offers by yanking malicious apps from their app store. – AL
Burn the house down: Before I go any further, I do think the hack these researchers came up with attacking printers is interesting. They figured out that the firmware updates weren’t signed, and were merely sent over as part of a print job. There’s a lot of hyperbole on this one that I will ignore, but printers really are something you should be paying attention to – especially multifunction devices (MFDs). I co-authored a Gartner note about these risks back in the day – among other things they often have insecure web servers built in, keep copies of everything faxed or printed on local hard drives, etc. And a lot of you probably outsource your printer support – like the client who told me their vendor insisted on full VPN access to manage the things. Fun stuff, and the stories from pen testers are even better. – RM
Optimism reigns, even for security folks: Apparently if you ask security folks what security spending will look like in 2012, they expect more of the same. According to TheInfoPro, more folks expect to spend more next year – after a pretty robust 2011. What did you think they would say? The study calls out DLP and NGFW (next generation firewalls) as areas of continued investment. Duh. Okay, I shouldn’t be too harsh, since these folks actually believe they will get the funding their management promises. Until they don’t. But we are lucky that (especially given how crappy our results are) senior management still hasn’t caught on, and gives us more money to
wastespend. Cool, I got in my daily snark quota. – MR
Big Analytics: Probably the single most difficult security problem out there is catching malicious activity from authorized parties. You know, when a real authorized user does something with malicious intent. Most of you probably call this the “insider threat”, but I really hate that term. Especially since the activity is often an external attacker compromising internal accounts. Short of tightening the screws so hard we break… everything… our best option is extensive monitoring. Which means collecting extensive data, not that anyone has the time to look at it or the ability to deal with that sort of event volume. So we need to look at unreliable analytics: heuristics, correlation, and all the other junk on marketing brochures that never works. Even DARPA recognizes the problem, and is putting up some research dollars. I actually have hopes this sort of technology will mature. Eventually. – RM
Pot, meet Kettle: Law enforcement uses ISP and merchant records to build criminal cases – they may include user account details, IP address information, and whatever conversations they can capture – in order to demonstrate identity, mindset, and possibly a link to whatever crime is being committed. You know, Timmy calling one of his friends in World of Warcraft a ‘punk-azzed beyotch’ now becomes court admissible ‘evidence’. Conversely Anonymous leaks 38k emails from a criminal investigator, along with voicemails and personal ads. Embarrassing stuff like your ex-girlfriend calling you a bastard, or how your personal ad describes you as ‘a cuddly Teddy bear’. This silly playground catfight does offer the Lulz – in a Jerry Springer-esque way – in embarrassing data leaks, and underscores certain law enforcement techniques as a sham. At the end of the day, this does not help anyone improve privacy or data security, nor will it alter law enforcement behavior. Unless people realize that the Internet sees everything and has a very long memory. – AL
Privacy and anonymity, cloud style: You hear about the bad guys hosting botnets and leveraging the cloud for other nefarious activities – after all it’s just software running in a different place. So it shouldn’t be surprising that the Tor folks have spun their stuff to run a privacy bridge in Amazon EC2. This will dramatically increase the nodes on the Tor networks to obscure source and destination, which is probably a good thing. Though like anything else, of course this can be used both for good and bad. The Tor folks did it right, building in bandwidth limiters and configuring the pre-packaged AMIs to run as micro-instances, ensuring there is no cost to folks who qualify for the free tier. I suspect we’ll see lots of open source projects spinning up AMIs to increase their footprint, given the lower cost of initial deployment in the cloud. – MR