Research

It was a bit of a shock to us over two years ago, when we learned the Boy has a lazy eye. We found out when he got evaluated prior to entering kindergarten, and they said he needed to get his eyes examined. The Boss and I have very good vision, especially when we were growing up, so it was unexpected. Ultimately it’s not a big deal. He needs to wear glasses and we have to patch his good eye for a few hours every day to force his weaker eye to get stronger. We got him some pretty snazzy looking glasses. Oval in shape, you know, right out of the metrosexual handbook. Thankfully when you are 8, it’s cute. A couple years later, the glasses are part of him. He kind of looks strange when he doesn’t have them on. He is a boy, so he’s pretty hard on the glasses, with them always getting bent or otherwise screwed up. And when they don’t fit well, he tends to look over them. It’s not a conscious decision – he just lets them slide down his nose and goes about his business because his strong eye compensates. Or he doesn’t turn his head up when he’s looking up. Either way, he’s not getting the benefit of the glasses and it’s not helping to strengthen his weaker eye. During his quarterly check-up, the ophthalmologist suggested a new pair with bigger lenses that he wouldn’t be able to look over. We’re fine with that, but the Boy is a bit change averse. His first thought was that he didn’t want Waldo glasses. Those big frame models that make him look like the character from “Where’s Waldo?” We set the expectation that he’ll get the best glasses to address the issue, even if they are Waldo glasses. The Boss and I had a sneaking suspicion it wouldn’t end well, but we had to deal. I took him to the eyeglass shop and he started trying out frames. We found a pair that seemed good, which had rounder lenses. Not Harry Potter round, but rounder than his current model. I asked what he thought, and his response: “Horrible, Dad.” But both the optometrist and I told him they were cool, even if he didn’t believe us. Then I spied a pair of the dreaded Waldo glasses. “Boy, try these on!” After a little resistance, he put on the Waldo glasses (which were actually a pair of very expensive Calvin Klein models). I actually thought they looked good, but he was locked into the No Waldo position. He was clearly getting upset at the idea of having to get the Waldo model. Then I took the first pair with the rounded lenses and had him try those on again. Evidently it wasn’t the optometrist’s first rodeo either – he played up the cool frames and told him all the chicks would dig them. The Boy had no idea what he was talking about, but I was entertained. I had him put the Waldo glasses back on (just for good measure) and then try the rounded ones again. Then I went for the close. “So what do you think, dude?” He said, “I like them, Dad. They are cool!” Just like it was his idea. Win! Maybe at some point he’ll realize the conspiracy. Maybe not. Either way, it’ll be a lot harder for him to look over his glasses, which ultimately is all that matters. Even if it took a little manipulation to get him there. –Mike Photo credits: “Where’s Waldo” originally uploaded by Carolyn Coles Incite 4 U AV dying? Just like spam was going to be gone by 2004: Now that Microsoft has unveiled Windows 8 (talk about pre-announcing) with enhanced security features, the security industry is bracing for yet another assault on the cash cow of all cash cows: anti-virus. Evidently Win8 will have enhanced ASLR and heap stack protection, which is good news because <sarcasm>the attackers continue to stand still.</sarcasm> But it seems Windows Defender will be able to handle AV signatures now. First, AV signatures aren’t the answer. Second, inertia is substantial in both the consumer and business markets. If Microsoft said they were bundling white listing in, or some other mitigation that actually made a difference, I would be interested. But they didn’t so I’m not. But I do like the new Metro(sexual) interface. Not enough to actually use Windows, like ever, but it is pretty. – MR Needle in a crapstack: Most of the surveys we see in the security industry are pretty bad. They are driven by vendors looking for FUD to sell products. And hey, it’s our own fault because none of us wants to pay for the good stuff. (Our stuff excepted, of course 😉 ). But we can often find interesting nuggets anyway. These two surveys came courtesy of Martin McKeay, as prep material for this week’s podcast. The first, from Trustwave and Cybersource, tells us that 70% of businesses care more about their brands than PCI fines. Well, I sure as hell hope so – otherwise their priorities would be seriously out of whack. Then, courtesy of PWC, we find that only 13% of companies surveyed have a security strategy, reviewed the effectiveness of said strategy, and knew the types of breaches they suffered in the past 12 months. Heck, I’d say 13% sounds good – maybe even a little high. A lot of the rest of these two surveys is too tuned for my tastes, but I’m happy any time I can get a nugget or two. – RM Right tool for the job: If you are reliant upon email security to address HIPAA, you’ve already lost. But eWeek is positioning DLP Lite in email security tools as front-line defense for HIPAA. It’s a little like closing the window and leaving the front door wide open. Content screening of email is a last line of defense – one you hope you don’t

This is a bit off topic, but indulge me. We had a little situation in our neighborhood last week, involving a home invasion. A couple masked (evidently armed) guys tied up a family and ransacked their house. The father was in the garage when the intruders made their entrance. The mother and a teenage child were also in the house. This happened in my sleepy suburban neighborhood, so it can happen anywhere. The good news is that no one got hurt. They lost some money and some jewelry and I’d imagine they got a pretty good scare, given they were tied up in their bedroom after opening the safe. I don’t know the family, but it was the best outcome they could have gotten. As you can imagine, our neighborhood is in a tizzy. There are discussions of putting gates at the entrances, as well as significantly increasing the private security patrols that we contract. Yup, there is plenty of opportunity for security theater here. But security theater isn’t interesting to me. I deal with that crap every time I fly. It got me thinking about what I’d do in a similar situation. I’m in the garage, the Boss and the kids are in the house. Multiple armed men enter the garage. It’s quite a quandary. Some of you Hong Kong Phooey types might try to fend off the attackers. Do you run? Do you attack? Do you sacrifice everything to keep them out of the house? Do you try to talk some sense into them? Even if you have a gun in the house, how often are you in your garage? If you have an alarm, will you be able to hit the panic button? Should you, given that it could cause an unstable attacker to do something rash? Remember, you have family members in the house, which are unlikely to be as equipped as you to deal with the situation. I think I know what I’d do. But I’m not sure what standard operating procedure would be, so I’m asking for some help. I know a bunch of you have law enforcement and/or military backgrounds, and many have advanced training in all sorts of self-defense tactics. In a similar situation, what do you do? The police are holding a meeting in our neighborhood next week, so we’ll find out what they suggest we do. But that’s just one opinion, right? This seems like a targeted situation. The family has money and drives fancy cars, lives at the edge of the neighborhood, and their culture is known to keep cash and valuables in the house. None of which is my situation. But I’m wary of being too optimistic and naive about the risks to my family. So I’m going to do the threat models. I need to take precautions. I need to train my family what to do in a similar situation. What should I teach them? Share: