It’s All Friggin’ Magic, Mkay?

Posted June 17th, 2008 by

OK, whoever named this product should be shot:  Ashampoo Magical Security.

However, as much as I love sprinkling on the Magic FISMA Fairy Dust, “Magical Security” is craziness.

I won’t go into too much detail on hackers, shampoo, washing, and South Pacific.  I have a feeling I’ll get plenty of comments to that effect.



Posted in Odds-n-Sods | 7 Comments »

Tie Down the Livestock, Twister’s a Comin’!

Posted June 5th, 2008 by

So we had a great bit of weather yesterday.  I had just gotten back from lunch with Chris from How Is That Assurance Evidence (pretty smart guy, similar content to myself, worth checking out some time) when I got a tweet from the National Capitol Region Battlespace, which is a civil-defense kinda organization, but they have a good condensed tweet feed.  Anyway, the content was this:  “Severe weather has entered NCR. Frequent lightning, tornado warnings for VA suburbs.”  Ooooh, tornado drill time, shut down the home servers, make sure Mrs Rybolov is wearing real shoes not sandals and get ready to bolt to the basement when you hear the train coming through your house.  Where’s Mogull to make a pithy saying about how Twitter might have finally gotten a legitimate use?  =)

Meanwhile, less than 5 miles away at Dulles Airport, Jennifer Leggio was grounded and all but abandoned by the UAL crew who headed to the bunkers, so she had to wheel an elderly nun to safety (BTW, that’s fairly heroic/good-samaritan-like all things considered).  I think she finally got home today around late afternoon.

Parts of the DC area lost some power (Falls Church proper still doesn’t have power), including my server, which didn’t come back up when the power came back on because, well, I borked up LILO previously and didn’t know it.  After a trip over to see it this afternoon, everything is back to working.

Now from a blogging sense, this was the worst time for me because the day before I put up a slideshow about “What you can learn from the US Government” and now that my server’s back up, I’ve most likely dropped off everybody’s RSS feeds.  The preso’s still there, go check it out.

After the storm blew through, NCR Battlespace sent the link to this beautifully evil picture of clouds in Alexandria:

Tornado Clouds over Alexandria

Impending Evil photo by Joseph J D’Angelo



Posted in Odds-n-Sods | No Comments »

Transparency in Government: Just Give us the Data!

Posted June 2nd, 2008 by

Interesting blog post at Freedom to Tinker about government releasing the raw data.  It makes the security geek in me cringe because, well, most of the data that the government has is PII, and I know that the typical government reaction is to say “not only no, but h*ll no!!”  I mean, after all, most of our goal in the Government is to keep the data from reaching the citizens and evil-doers–giving away data is a cultural clash.

Yes, transparent government is a pretty good goal.  I think the authors of Freedom to Tinker have forgotten that not all Government data is fit for public consumption.  The problem is one of sanitization:  how do you clean all of the PII out of data before you release it to the public?  Not only that, but because of the size of the data sets, most likely you need an automated method to sanitize it.  I think that, because of the sanitization factor, the Government would not gain that much efficiency by outsourcing the data presentation to others.

As with all things in security, this is nothing new.  There’s a little-known project (First Rule of “Fight Club” being what it is…) known as Radiant Mercury that does exactly this with classified data.  You can check out the basic concept in quasi-official presentations here (.pdf caveat) and here.

If we were going to make all this data available, we would need an unclassified version of Radiant Mercury to filter out all the PII and “Sensitive but Unclassified” bits.

Now as far as letting second parties build interfaces into the raw data, I’m torn on it.  On one hand, private industry can provide access to data “Now at Web 2.0 Speeds!” but on the other hand, then the Government loses control over the presentation and, by extension, accountability for the content.



Posted in Odds-n-Sods, Rants | No Comments »

Government Information Security Leadership Awards

Posted May 19th, 2008 by

In amongst all the usual ISC2 spammings, this one should pique the interest of my blog readers:  The Government Information Security Leadership Awards.  Nominations are open until July 25th.



Posted in Odds-n-Sods | No Comments »

Introducing the NoVa InfoSec Portal

Posted May 15th, 2008 by

Nice, somebody added up all the security events in Northern Virginia and put them in one place. Not only is this a good idea, but I have no less than half a dozen events happening every month within 2 miles of where I live.  I now have a busy social calendar and I have to manage my “copious amounts of free time”.

Things haven’t been this happening since the Army of the Potomac invaded.



Posted in Odds-n-Sods | 1 Comment »

LOLCATS Come to Guerilla CISO!

Posted May 15th, 2008 by

Oh yes, maybe I ate too much sushi last night, but I’m now adding a LOLCATS section to my blog over in the categories.  Stay tuned for moar.

 I KAN FIX UR FISMAZ



Posted in IKANHAZFIZMA, Odds-n-Sods | 6 Comments »
