I haven’t been writing much over the past few weeks because I took a few weeks with the family back in Boulder. The plan was to work in the mornings, do fun mountain stuff in the afternoons with the kids, and catch up with friends in the evenings. But the trip ended up turning into a bit of medical tourism when a couple bugs nailed us on day one. For the record, I can officially state that microbrews do not seem to cure viruses. But the research continues…
It was actually great to get back home and catch up as best we could under the circumstances. My work suffered but we managed to hit a major chunk of the to-do list. For the kids I think the highlight was me waking up, noticing it was raining, and bundling the family up to the Continental Divide to chase snow. We bounced along an unpaved trail road in the rain, keeping one eye on the temperature and the other on our altitude, until the wet stuff turned into the white stuff.
Remember, we live in Phoenix – when it started dumping right when we hit the trailhead, with enough accumulation for snowmen and angels, I was in Daddy heaven.
For me, aside from generally catching up with people (and setting a PR in the Bolder Boulder 10K), another highlight was grabbing lunch with some rescue friends and then hanging out in the new headquarters with the kids for a couple hours.
It has been a solid 7-8 years since I was on a call, but back at the Cage, surrounded by the gear I used to rely on and vehicles I used to drive, it all came back. Surprisingly little has changed, and I was really hoping the pager would go off so I might hitch along on a call. Er… then again, I’m not sure you are allowed to respond with lights and sirens when kids are in the back in their car seats.
There is an intensity to the rescue community that even the security community doesn’t quite match. Shared sweat and blood in risky conditions, as I wrote about in The Magazine. That doesn’t mean it’s all one big lovefest, and there’s no shortage of personal and professional drama, but the bonds formed are intense and long-lasting. And the toys? Oh, man, you can’t beat the toys.
That part of my life is on hold for a while as I focus on kids and the company, but it’s comforting to know that not only is it still there, it is still very familiar too.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
Adrian’s Dark Reading article on Database DoS.
Favorite Securosis Posts
David Mortman: New Google disclosure policy is quite good.
Adrian Lane: Mobile Security Breaches. Astute, concise analysis from Mogull.
Rich: Security Analytics with Big Data: New Events, New Approaches. Adrian is killing it with this series.
Other Securosis Posts
API Gateways: Security Enabling Innovation [New Series].
Matters Requiring Attention: 100 million or so.
Apple Expands Gatekeeper.
Incite 6/5/2013: Working in the House.
Oracle adopts Trustworthy Computing practices for Java.
A CISO needs to be a business person? No kidding…
Security Analytics with Big Data: Defining Big Data.
LinkedIn Rides the Two-Factor Train.
Finally! Lack of Security = Loss of Business.
Network-based Malware Detection 2.0: Scaling NBMD.
Friday Summary: May 31, 2013.
Evernote Business Edition Doubles up on Authentication.
Favorite Outside Posts
David Mortman: Data Skepticism.
Adrian Lane: NSA Collects Verizon Customer Calls. Interesting read, but not news. We covered this trend in 2008. The question was why the government gave immunity to telecoms for spying on us, and we now know: because they were doing it for the government. Willingly or under duress is the current question.
Rich: Why we need to stop cutting down security’s tall poppies. Refreshing perspective.
Research Reports and Presentations
Email-based Threat Intelligence: To Catch a Phish.
Network-based Threat Intelligence: Searching for the Smoking Gun.
Understanding and Selecting a Key Management Solution.
Building an Early Warning System.
Implementing and Managing Patch and Configuration Management.
Defending Against Denial of Service (DoS) Attacks.
Securing Big Data: Security Recommendations for Hadoop and NoSQL Environments.
Tokenization vs. Encryption: Options for Compliance.
Pragmatic Key Management for Data Encryption.
The Endpoint Security Management Buyer’s Guide.
Top News and Posts
Democratic Senator Defends Phone Spying, And Says It’s Been Going On For 7 Years.
Expert Finds XSS Flaws on Intel, HP, Sony, Fujifilm and Other Websites.
Whom the Gods Would Destroy, They First Give Real-time Analytics.
Apple Updates OS X, Safari.
Original Bitcoin Whitepaper.
Unrelenting AWS Growth. Not security related, but the most substantive cloud adoption numbers I have seen. Note that the X axis of that graph is logarithmic – not linear!
Microsoft, US feds disrupt Citadel botnet network.
Blog Comment of the Week
This week’s best comment goes to Andy, in response to LinkedIn Rides the Two-Factor Train.
This breaks the LinkedIn App for Windows phone.
But who uses Windows phone, besides us neo-Luddites who refuse to buy into the Apple ecosystem?