Man, I love Halloween; it is the ultimate hacker holiday. When else do we have an excuse to build home animatronics, scare the pants off people, and pretend to be someone else (outside of a penetration test)? Last year I built something I called “The Hanging Man” using a microcontroller, some windshield wiper motors, wireless sensors, my (basic) home automation system, and streaming audio. When trick or treaters walked up to the house it would trigger a sensor, black out the front of the house, spotlight a hooded pirate hanging from a gallows, push out some audio of a screaming guy, drop him 15 feet so he was right over the visitors, and then slowly hoist him back up for the next group.

This year Adrian and I were pretty slammed so I not only didn’t build anything new, I barely managed to pull the old stuff out. Heck, both of us have big parties, but due to overlapping travel we can’t even make it to each other’s events. But next year… next year I have plans. Diabolical plans…

It was a relatively quiet week on the security front, with no major disasters or announcements. On the election front we’re already hearing reports of various voting machine failures, and some states are looking at pulling them altogether. Personally, I stick with mail in ballots. This year election day will be a bit surreal since I’ll be in Moscow for a speaking engagement, and likely won’t stay up to see who won (or whose lawyers start attacking first). While I’m in Moscow, Adrian will be speaking on the Information Centric Security Lifecycle in Chicago for the Information Security Magazine/TechTarget Information Security Decisions conference. I’m a bit sad I won’t be up there to see everyone, but it was impossible to turn down a trip to Moscow.

So don’t forget to vote, please don’t hack the vote, and hopefully I won’t be kidnapped by the Russian Mafia next week…

Webcasts, Podcasts, and Conferences:

Favorite Securosis Posts:

Favorite Outside Posts:

Top News:

Blog Comment of the Week:

Dryden on The Five Stages of Cloud Computing Grief:

My version:

Denial: We can”t secure the cloud.

Anger: Why the f&*k is my CIO telling me to secure the cloud?

Bargaining: Can you please just tell me how you think we can secure the cloud?Depression: They”re deploying the cloud.Acceptance: We can”t secure the cloud.

Disclaimer: “Cloud” can be replace with virtually (pun intended) any technology.

See you all in 2 weeks…