I’m doing some more yahoo pipes work–aggregating and filtering blog feeds. I’ve created a combination of whitelist and a highly filtered set of search results known as Chardonnay, and I’ll eventually make a less-filtered “2-Buck Chuck” and a highly-filtered Eiswein version.

My basic rule-of-thumb for the Chardonnay feed is that if the signal-to-noise ratio of a blog is less than 3:1 or so, I would bump it into Tier 2. Not that they don’t have any good content, but I was trying to keep my feed at least 8:2 signal-noise ratio.

For the Eiswein feed, I’m aiming for 9:1 signal-noise ratio. In order to do that, I have to filter everything, including myself. =)

As far as 2-Buck Chuck, well, let’s say it’s so unfiltered that it has chunks^wpieces of sediment in it. It’s also hard to build something like this and intentionally disable the quality controls you’ve built.

“Why the wine motif?” you ask. Well, I was looking for something that has a price and quality range, so wine fit right in there. I bought www.chateaublogsville.com which will be the entry site for the 3 security blog feeds. It might take me a couple of weeks to get up a simple site but in the meantime you’re free to subscribe to any of the feeds.

One thing that I’m finding out about blog feeds. For the Chardonnay, I had to look at a couple of approaches to feed aggregation. I started out with a linked-to list of people and a desire to have a google and technorati catch-all search to find some relevant information from little-known feeds. After working with some data munging for a couple of days, I notice that the source feeds fit into the following groups:

• Tier 1 Feeds that I want to let through pretty much unfiltered (Mine, Matasano, Curphey, ISM-Community, Bejtlich, etc)
• Tier 2 Feeds that need to be filtered for relevancy (Security Bloggers Network members, news site aggregages that I haven’t whitelisted above)
• Tier 3 Feeds that need to be filtered for spam and then filtered for relevancy whilst wearing lead gloves (technorati and google searches)

Now that I write it all down, it sounds exactly like writing email filters or SIEM tuning or any one of a bazillion uses that you could have for filtering, so I’ve once again recreated ideas that already exist. Of course, I probably could have saved some time by approaching the problem from this angle, but really I had to move the ideas around a dozen different ways until it fit in a way that made sense.

The funny thing is that I had the hardest time filtering on privacy.  I was getting too much junk off the blog search feeds (privacy of timeshares, that kind of thing), so what I’m playing with is killing privacy from the main filter and then filtering the search feeds on privacy and a second keyword.

The usual disclaimers work here: I’m playing with content provided by other people, so I don’t even remotely pretend to have any control over it. There are a couple pieces of junk that will slip through the filters. Because the source of the filters is open for the world to see, you can cheat them by including the right words.

• Blog Statistics and Search Strings
• Google Advanced Operators and Government Website Leakage
• A Day in the Life of the Feedmaster
• Get Yer Feeds Here
• It’s a Series of Pipes

So I’ve gotten ISM-Community a wee little bit of press over the past week.

Dark Reading

IT Backbones Security

About the best advice I’ve gotten on PR stuff was from Paul Graham’s essay The Submarine:

“A good flatterer doesn’t lie, but tells his victim selective truths (what a nice color your eyes are). Good PR firms use the same strategy: they give reporters stories that are true, but whose truth favors their clients.”

In other words, I wrote our press release so that it was easy to cut and paste the sections that a reporter would want.  Instead of giving them a list of facts, I gave them a modular story with some good quotes that could be cut off whenever they wanted.

Anyway, you’re hearing about me being a PR wonk because that’s about all I have time for right now.  I can’t talk work-related stuff because for the next couple of weeks it’s all stuff that nobody needs to know about–covert missions and whatnot.  =)

• Making Press Releases
• Buy a Costume, Get Security Suite Free!
• My System Environment
• Targeted Spam
• It’s a Series of Pipes

But you probably knew that already, didn’t you? =)

Get it all here

• My Favorite Conspiracy Theory
• The Honor System
• My System Environment
• Data Centers and Hair Driers
• ISM-Community DC Chapter Meeting Announcement

I spent last night writing a press release for ISM-Community Top Ten.  Press of the world, be warned, you will be hearing from me soon.

Anyway, lessons learned from writing a press release:

• Geeks hate hyperbole
• Security geeks hate hyperbole even more
• There is a big need for marketing people to learn how to talk “security dweeb” and there is a need for security managers to learn how to talk to “marketing dweebs”
• Have a stock supply of quotes from people associated with the project to put wherever you see fit–collecting them at the last minute is hard to do
• Don’t ever volunteer again =)

Seriously, though, it’s good skills to learn, even if you think you’ll never need them again.

• Busy Days
• Hack Disaster Relief
• Call for Volunteers
• Volunteer to be Tracked
• Being a PR Wonk is Hard

Computer lab that I cared for and kept running as a side job to keep from going crazy from the heat.  Check out the layer of dust.

You can read about my satellite adventures here.

• Wiebetech MJ-1
• It’s All Friggin’ Magic, Mkay?
• My Favorite Conspiracy Theory
• Internet in the Remote Desert
• Pandemic Flu Exercise

Rational Security/Chris Hoff with his take on the NAC Forum.

What I was thinking, only without the boots and hats. =) That’s about as irreverent as something I would write.

• Bacn–It’s Cooked Spam
• It’s Time for an Exit Strategy
• Do You Know What FISMA Is?
• An Informal Study on the Literacy Level of Security Blogs–We All Get Pwned by Amrit
• Needed: Agency CSOs