I hate Comcast!
I was paying a fee for a DVR from Comcast. Most of the time, many of the features didn't work. For example, the machine often froze, on demand NEVER worked, and on top of everything else, Comcast had to reset my system several times a month.. all for the high value, very low monthly price of $130.
So, I bought an Elgato Hybrid stick, inserted it in my trusty Mac Mini, hooked the whole thing up to my flat screen and off I went. All those ClearQam channels plus the local stuff. LOVE IT. The story gets better; hang with me.
Comcast announced a few months ago that everything was going to digital.. and they did. My Elgato handled it nicely until... Comcast seemingly started encrypting more signals! I lost the Discovery Channel!
Finally over the weekend after missing Mike Rowe I broke down and bought a TiVo --only to find out that I need a multi-streaming CableCard --a PCMCIA card that plugs into the backend of the Tivo. So, on Sunday I enter into a chat session with a very nice Comcast rep who tells me "no problem! I'll ship you one.. or better yet, you have a Comcast office right around the corner from your apartment". If you go pick one up it'll save you ten dollars in shipping. I agreed.
So yesterday I took time over lunch and ran to the Comcast office. After waiting in line for twenty minutes the CSR told me that I had to schedule a service appointment. SHIT! FOILED AGAIN BY F*ING COMCAST! No appointments after 5! I have a secretary who scraps for every timeslot during my day and Comcast wants me to stay in the apartment waiting for one of their idiot flunky high school dropout (ahem) technicians? I asked if they could call so I could meet them... no. I didn't get a card. I didn't schedule a service appointment.
Today I called Comcast. I finally ended up with an appointment. The CSR on the phone put 'a note in the file' to tell them to call thirty minutes before they arrive. She couldn't promise anything. We'll see.
Poor customer service
High price
Low value programming
Three hour time slots required for delivery
Uneducated technicians (the last one sporting Appalachian goatee)
Let me say it again: I HATE COMCAST!!!
Jeff
For those of you who know me, Henry was my basset hound, and the fictitious name used during (ahem) special research. I'm a former intelligence officer, a professional analyst, CEO of a Managed Security Service, and a blogger since 2004 writing about my experiences on the journey --information security, cyber intelligence, education, thoughts. Some love my writings others hate it. If you like it, follow me!
Tuesday, March 30, 2010
Sunday, January 31, 2010
Is Google the new NSA?
Am I the only one worried about this?
I've been watching Hulu and keep seeing Google ads for Chrome.
Every time I turn around, I see ads for the Google Droid (cell phone).
Here's a question for you.. does anyone know how Google makes money? It's not the same as other phone manufacturers, or Apple, or netbook manufacturers. They make money by selling hardware and/or software, and take a cut from the cellular providers for every two year contract.
Google makes money by collecting and selling information. Of course they're going to make money on the device itself, and from a cut from the cellular providers, but their main source of revenue is from collecting information -YOUR information, and selling it to marketers, data miners, analysts, researchers, or anyone else who will pay.
Now we've all heard the stories of how much information NSA (and other SIGINT collection agencies in the world) collect, and how much they process, but these agencies get what can be collected over the air. Google has a better source --the handset itself. Can you think of a better way to understand individual user preferences, calling patterns, behaviors? I can't. It's the one electronic device that we use the most; we depend on it to stay connected, and Google gets to see it all. Where exactly do all of those apps connect back to? How does the phone stay in touch with Google? How much information is being collected? Who uses this information? Try Googling "Google versus NSA" and see how many results come back.
Now take this a step further.. Google, although being challenged by Microsoft's Bing, owns the search market, is moving quickly with their 'Chrome' browser, owns the blog I'm publishing this on, owns YouTube (and all of its subscribers), Google Earth, Mail, Wave, Google Voice, and endless apps that they collect information from, and now, Droid.
Silly, but I keep having visions of a movie from last summer "Eagle Eye" and the automated actions of a supercomputer who used information collected from all of these devices and software, analyzed it, and used it to control every movement of Shia LaBeouf and a second unwitting victim. In the movie they referred to this information as 'collective intelligence'.
The difference between Google and NSA? NSA has intelligence oversight. Google does not.
Am I the only one worried about this?
Monday, July 20, 2009
The NEW Infosec is upon us! (but we're still armed with old products!)
Every day I read dozens of articles regarding cyber war, DDoS, cyber espionage, the President's cyber czar (which, as I understand, remains unfilled), a TON of pro and con opinions in the press, and dozens of analyst opinions. This doesn't include vendor pitches and the deluge of advertising aimed at the Information Security dollars that will be spent in the coming years.
I'm going to lay it on the table in the hopes that someone will get it... today is the first of a couple of blogs offering comments about where we are, why we have issues, and hopefully, what we can do about it.
Here's number one... Vendors.
Vendors -companies who sell infosec products -don't get it!
Entrepreneurs want to hype their companies, all in the hope of making their products, companies and books look better than they really are, and will say anything to make it sound like the products are the best thing since sliced bread. In fact, many just don't get it. I can't tell you how many presentations I've sat through, only to ask the hard questions --hard questions not about the 80% of the threats they've built their pitches on, but about the top 20% of the threats that come in through spam, phishing, and drive-bys --all fueled by sophisticated social engineering. Yeah? Whadya gonna do about that?? So vendors, here it is --your products are built on the old threat models. Get with the program. Hire people with recent experience and sell GOOD products rather than products that try to solve EVERY problem. Find the pain point in the market, get really good at it, and fill the hole as best you can. Do your homework! Use a competitive intelligence guru who knows your space and can tell you exactly what your competitors are doing. Please, for the love of God, please, don't come see me without having detailed competitive intelligence in your back pocket. I swear, if I hear one more entrepreneur tell me they don't have any competition I'm gonna puke.. and then kick you out of my office.
Medium sized vendors.. I've got to pick on Security Information Management for a moment. Great idea, but it's making our SOC analysts dumb. They have come to rely on the boob tube with absolutely no idea what's going on in the background. These products have turned skilled analysts into movie watchers. What's worse? The vendors have 'em hooked like crack whores. Once the licenses are bought, and the SOC works on the SIM/SEM GUI, the company never looks back and will continue to pay over and over and over and over and over. They'll keep coming back for more because the sunk costs are too high to leave behind without the CISO getting really red faced over the money already spent. Why do I have so many issues with SEM/SIM? Remember the old days when we watched a VT100 screen with IDS logs passing by? We were inundated with information but had no idea which ones were important. Today we have the same issue. How do you know what's important? OK, I'm a pretty seasoned guy, and can (sometimes) tell by looking, but most SOC analysts aren't. They need to know what's bad and what isn't. Then, they need to be able to look deeper. So, SIM guys, make it so! Bells and whistles aren't worth a damn if everything looks important. I can't tell you how many times I walked into the SOC, saw the SEM top ten list on the big screen and asked what was happening with the number one... I always got the same answer ... "It's a false alarm." Bull shit.
Larger vendors (like the Antivirus Vendors), can sit on their laurels and enjoy the fruits of ineptitude. That's right, I said ineptitude. Do we really know how (in)effective antivirus is? It's a good thing it's cheap! If it didn't, why would we need so many layers in our defense in depth program? A/V should be able to kill anything landing on the computer, but, alas, they can't. Instead they have to rely on a whole slew of other technologies to do their job, and guess what? There's no way to correlate all of those things together to tell what's good and what's not! Sorry folks, I've come to the realization that A/V vendors would rather expand their market than make their product more accurate.
Bottom line. Vendors are out of touch with their market. Here are a few things that'd make things a WHOLE lot better.
1. Small and medium size companies --use Competitive Intelligence as a regular part of your marketing team. CI can help with pricing strategies (by finding out what competitors charge), product management, and long range planning. For the cost of one engineer, you can have a VERY clear idea of what you're facing and where the niche is.
2. Larger companies? Pay attention to your customers. Premium service packages are nice, but not if you're only catching 10% of the problems. The products should work first time, every time, and be right.
Next time... Magic Quadrant!
Jeff
Saturday, May 30, 2009
We Have A Cyber Czar, and He Has Spoken
I couldn't help it. I took a link from Bob Gourley's CTOVision blog where he tells the world that we ALREADY have a Cyber Czar. His name is Vladimir Putin!
http://ctovision.com/2009/05/white-house-cyber-policy-review-and-a-cyber-czar/
Bob tells it like it is, so there's no need for me to :)
Enjoy!
Jeff
Friday, May 29, 2009
eWeekNews: Discovery Features Make DLP Smarter... really?
Lawrence Walsh's article (eWEEKNews, 2009-05-29) entitled "Discovery Features Make DLP Smarter" made me both scratch my head and chuckle a little. It's a story I've heard many times, and in fact commented on a few days ago in my blog notes entitled 'Vendor Hype'. In this case, it didn't take long to see something in the news about the one very item that I always think about when I think about vendor hype. Sorry Larry. You know I love ya!
Over the past several years (since 2004?) I've been keeping a close eye on the DLP space. This is for many reasons. First, if they can ever figure out how to go beyond SSNs, credit card numbers, and a few other key pieces of PII without the high false positive rate, this solution would be an absolute win. I'm not saying PII isn't important, but PII can be found using MANY tools, not just the expensive solutions offered by Vontu, Reconnex, and a half dozen others out there. There's something good that comes with these solutions (don't get me wrong!) but it is very simply this --they can find simple strings in moving data that they can flag on to tell you when something is leaving the enterprise that probably shouldn't.
I chuckle because one vendor in particular took a host based approach --Verdasys --to finding data and watching it move, while the rest seemed to believe they could do a better job of flagging it in motion. Now it appears they're heading in the same direction. The network based tools want to do host based detection/protection, while the host based providers want to start moving in the direction of the network.
That said, I polled several reference customers of a couple of DLP vendors. Not one of them reported their DLP vendor having done great jobs in the areas not considered their sweet spot. The network providers don't do host based work well.
Hunting critical information to effect its protection? This is a task not easily performed. Here's why... even in a small environment, data doesn't always sit where you think it should. While shares and repositories are likely places you'd want to find source code, work product, finished proposals, PII, or anything else you might consider important, they almost always sit on the users' computers and in many cases, private backup disks and other removable media. Another critical issue --I've worked in LARGE enterprise (100,000+ users) for the last several years. One thing that troubles me in large enterprise is that most times the owners of those environments have no idea, nor any accounting, for where critical information resides. This is especially true of any company whose growth came from the heavy acquisition strategy used in the '90s!
OK, it's easy to be negative. Here's what I'd like to see to solve the problem:
1. DLP vendors need to consider integrating spiders into their applications that can do pattern matching in an attempt to flag data in a data classification schema. Once this is performed, do a bucket analysis of each of the different flags and let a human review the schema to ensure its accuracy, and how the data should be protected. Use company policy (if it exists) to enforce as needed.
2. Performing hash value calculations on anything in a database and then watching them leave the enterprise isn't an effective solution. First, as I mentioned above, it's rare to know where everything resides. Second, documents have lives of their own. Hash values will change every time the document changes. It's impractical.
3. Consider integrating with digital rights management solutions. DRM DOES tagging, as well as offers access credentials. By integrating DRM solutions into DLP, you get the best of both worlds without having to build another solution.
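To make points 1 and 2 concrete, here is an added sketch (not from the original post, and not any vendor's code): a toy spider that pattern-matches content into classification buckets for human review, using a Luhn check to cut card-number false positives, followed by a demonstration that an exact-hash watchlist misses a document after a one-word edit. The file paths, contents, patterns and bucket names are all constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict

# Constructed sample data: path -> contents, standing in for files a spider
# would read from shares, user machines and removable media.
SAMPLE_FILES = {
    "share/hr/payroll.txt":
        "Payroll record. SSN 123-45-6789. Direct deposit confirmed.",
    "laptop-jdoe/Desktop/orders.txt":
        "Customer card 4111 1111 1111 1111 charged. "
        "Order ref 1234 5678 9012 3456 shipped.",
    "laptop-jdoe/Documents/proposal_v1.txt":
        "DRAFT PROPOSAL - Company Confidential. "
        "Pricing: three analysts, twelve months.",
    "share/public/lunch_menu.txt":
        "Tuesday: soup and sandwiches.",
}

# Illustrative patterns only; a real schema would come from company policy.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,15}\b")
KEYWORD_RE = re.compile(r"\b(?:draft proposal|company confidential)\b", re.I)


def luhn_ok(candidate: str) -> bool:
    """Return True if the digits in candidate pass the Luhn checksum."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def classify(text: str) -> dict:
    """Return {label: match_count} for every label that fired on text."""
    counts = {
        "ssn": len(SSN_RE.findall(text)),
        # 13-16 digit runs are common (order refs, tracking numbers);
        # only count the ones that are plausible card numbers.
        "payment-card": sum(
            1 for m in CARD_RE.finditer(text) if luhn_ok(m.group())
        ),
        "business-sensitive": len(KEYWORD_RE.findall(text)),
    }
    return {label: n for label, n in counts.items() if n}


def spider(files: dict) -> dict:
    """Walk files and group (path, count) pairs by label for human review."""
    buckets = defaultdict(list)
    for path in sorted(files):
        flags = classify(files[path])
        if not flags:
            buckets["unclassified"].append((path, 0))
        for label, n in flags.items():
            buckets[label].append((path, n))
    return dict(buckets)


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def hash_watchlist_hit(text: str, watchlist: set) -> bool:
    """Exact-match check: is this document's hash on the watchlist?"""
    return sha256_hex(text) in watchlist


# Point 2: register the proposal's hash, then edit one word of the document.
PROPOSAL_V1 = SAMPLE_FILES["laptop-jdoe/Documents/proposal_v1.txt"]
PROPOSAL_V2 = PROPOSAL_V1.replace("twelve", "fourteen")
WATCHLIST = {sha256_hex(PROPOSAL_V1)}

if __name__ == "__main__":
    for label, hits in sorted(spider(SAMPLE_FILES).items()):
        print(f"{label}: {hits}")
    print("v1 on hash watchlist:", hash_watchlist_hit(PROPOSAL_V1, WATCHLIST))
    print("v2 on hash watchlist:", hash_watchlist_hit(PROPOSAL_V2, WATCHLIST))
    print("v2 content flags:", classify(PROPOSAL_V2))
```

The order reference in the sample has the shape of a card number but fails the Luhn check, so it stays out of the payment-card bucket; the edited proposal drops off the hash watchlist while the content patterns still flag it.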
DLP vendors need to think about partnering to offset some of their gaps. One does host based protection well. Others do network based protection well. Stop trying to be something you're not and pair up!
As always, feedback welcome! Mine is only one opinion :)
Jeff
Thursday, May 28, 2009
Study finds IT security pros cheat on audits --Is this a surprise?
In an article received on twitter yesterday, the author (Angela Moscaritolo, on May 27, 2009) discusses the fact that IT Security Pros cheat on Audits. The article may be seen at:
http://www.scmagazineus.com/Study-finds-IT-security-pros-cheat-on-audits/article/137546/
It should come as no surprise that corners get cut in audits. I wouldn't call it cheating per se, nor am I defending those who blatantly gundeck (a Navy term for cheating on assigned tasks) for a few reasons, but here are two:
1. In smaller/medium sized companies, resources generally don't exist to carry out the full scope of even the most basic audit frameworks (measuring against 800-53, ISO, etc.), thereby leaving gaps in the completed audit when compared to the plan.
2. In larger companies, the audit teams report to the board of directors, not the ISO or CFO as will the Risk team or Information Security team. Auditors get treated like every other auditor.. they get what they ask for -nothing more, nothing less. I've worked as an auditor, and worked with auditors several times in the past eight years and know the drill quite well. If an auditor is uninformed, they don't ask good questions, and as a result, get inaccurate information.
Tips for doing better audits?
1. Look for experienced IT/Security people that can be taught auditing. Certifications are good, but not perfect. CISA is common among the large consulting organizations, but again, personal experience leads me to believe that not all CISAs are created equal.
2. Create an environment of cooperation between the audit team and the infosec/risk team. If an audit is going to happen at a certain location, why not leverage the audit team to perform a risk assessment at the same time? There's an opportunity for resource sharing if you can get legal to sign off.
3. Cross train and labor share. Use infosec people as auditors, and get auditors involved in sitting in the SOC. This makes everyone smarter, and eventually, the company better.
4. Find a good framework and stick to it. Measure the results location versus location, program against program, or division against division. It's not a report card but a score card that offers baseline, and hopefully upward trending.
Most importantly, remember, auditors get treated like auditors. They're outsiders and need to know what to ask, and whom to speak with to get the right information. They get this through bonding and familiarity in the organization. Train them well, get cooperation with infosec, and you'll see markedly better, and more consistent audit results.
Happy hunting!
Jeff
Wednesday, May 27, 2009
Podcast: More Targeted, Sophisticated Attacks: Where to Pay Attention
What timing! I just blogged about this this morning.
The conversation is 20 minutes long, but the piece with Marty talking about new issues --Social Engineering and (still) bad code is about 6. It's worth a listen. I'd love comments back. Thoughts? What other issues should we be concerned with during this period of adjustment to new threats?
More Targeted, Sophisticated Attacks: Where to Pay Attention
http://www.cert.org/podcast/show/20090526lindner.html
Featuring:
Marty Lindner - CERT Julia Allen
RSS: http://www.cert.org/podcast/exec_podcast.rss
Information Security Vendor hype?
It seems we're in an entrepreneurial dilemma... especially in the information security field.
Entrepreneurs/innovators/tech sales people create, commercialize and sell new, innovative tools, but it seems we've hit a plateau where the entrepreneurs don't understand the new market. In this down-turned economy how many infosec companies have failed? How many have been bought? I'd guess far fewer acquired than failed but then again, that's always been the case. Now it seems harder. It seems entrepreneurs are stuck in two areas that they just can't seem to find their way clear of:
1. New attack methods are not caught by old security tools! No matter how many signatures you stick into an IPS, it's not going to be able to stop a C2 channel heading out your door when it's buried inside of FTP! Don't tell me about Data Loss Prevention or losing the perimeter. I've had all the sales garbage that I can stand from the likes of Vontu and Verdisys. While both good ideas, DLP is not a solution for identifying and stopping badness inside your enterprise. The solutions stop 'not so smart' people from doing stupid things but do not stop smart people from stealing information from you.
2. Entrepreneurs are so busy selling (hyping) their products, and so busy with their noses pointed squarely at their keyboard (or financials), they've lost touch with what infosec practitioners really need... and the worst part is, they're not getting it from the trade magazines either! SC Magazine has gone from a robust magazine with good information to an ad rag full of expensive ads and very little content that will give entrepreneurs information to help them focus their product lines and strategy. So here's a bit of advice folks (from a guy who gets pitched more times than most), stop pitching. Leave your marketing materials at the door. Do your homework and be ready to answer hard questions. If I visit your company, I don't want to talk to your business development people. I want the techies. I want to see the results of your product on your company network, and I want to see the demonstrated ROI realized by you. I want to talk down and dirty tech. Tell me why it works. Show me that it does. Tell me its current limits... then, and only then, will we have more to discuss.
3. Venture capitalists continue to push offshore development because the numbers make sense. You know what though? I won't buy it if there's no way to assure the security of the product, and EAL certification isn't it. Show me something that hits a product squarely with the newest attacks and handles it well. Base certification on that. Until then, VCs, you're limiting the ability of your portfolio companies to be able to sell to government and government contractors.
There, I said it. Want to know what the market looks like? Want to know what the market is going to look like? Want to know what kinds of threats your security tools need to be able to handle? Contact me. I'll tell you.
Jeff
Wednesday, December 31, 2008
Update to the iPhone dilemma
You may recall my post in May where I complained loudly about the issue of upgrades, AT&T, and Apple after having waited for four hours online to proudly upgrade to the iPhone. I should say, I'm a Mac user. There's not a Windows device in my home, save Office 2008.. I LOVE my Macs.
That said, I was enamored by the Blackberry Bold on the day it came out. I've been using it for about a month or so now, and after comparisons between the Bold and the iPhone, I'm a pretty happy guy for buying the Bold.
Here's why:
1. Battery life in the original iPhone wasn't so good. In the 3G model, it was worse. The Bold has the same problem. I rarely use it on WiFi only because the 3G does the trick, so I leave it off and save the battery. Regardless, I get about 8 hours of life.
2. The Bold is fast, responsive, and the keyboard is exactly what you'd come to expect from Blackberry. It works every time, and my fat thumbs don't miss the keys. Unfortunately that wasn't the case for the iPhone. I spent much time correcting typos, and then finding creative ways to vent frustration.
3. The Bold works well with Exchange, and syncs nicely with my Mac.
4. I'm used to it! A Blackberry is nothing short of a must have technology for anyone that must remain connected. While I'm probably not that needed, I like to feel like I am, and the Blackberry keeps me connected.
OK.. much of it's personal preference, but.. that's my story and I'm sticking to it!
Jeff
Eight Analysts' IT Predictions
http://seekingalpha.com/article/112538-eight-it-analysts-predictions-for-2009?source=feed
Short, interesting read.
I have thoughts (you knew I would!)...
1. Shadow IT use will grow. Not called out by the analysts, but IMO, because of new infosec threat landscape, required controls, and the need for enterprise to take and maintain positive control over every computing asset, you'll see a TON of new shadow IT to skirt those requirements... I also think big enterprise will offer pseudo approval of this practice... "If we don't know about it, we don't have to report it when it gets whacked." Right?? Hmm...
2. Cloud computing. I know we're seeing a lot of hype around cloud computing, applications, and services.. IMO, it's coming fast. Companies are going to realize that paying for their own internal IT isn't as cost effective as having someone do it in the cloud, paying by the account and/or use. Additionally, if cloud computing is used, and there's a break-in, the owner of the data now has somebody to sue for damages! In a time when you can't help but get broken into, doesn't it make sense to have someone to point the finger at?
3. Cost reductions? No surprises there. The main role of a CIO is to apply current technologies to increase competitiveness through either top-line growth (sales), or bottom line growth (through cost avoidance and/or increases in efficiencies/effectiveness).
Anyway, good stuff...
Happy New Year!
Jeff
Tuesday, August 12, 2008
Not all that will return from China is going to be Gold!
Originally posted on HuntBI.com.. Steve Hunt's business intelligence advisory site is a posting that I placed a few days ago regarding my concern over all of those computers connecting to the Internet in China. The posting can be viewed at http://www.securitydreamer.com/, with an excerpt shown below..
NOT ALL THAT COMES HOME FROM CHINA WILL BE GOLD!
8/8/08
J.L. Stutzman, CISSP
Hammerhead Research, LLC
What happens in Vegas stays in Vegas right?
What happens in China won’t necessarily stay in China.
What do I mean by that? In the Navy there was a sea story. It went something like this…
We pulled into. When we pulled in, the Captain came over the 1MC (the general shipboard loudspeaker system) and gave us a country brief. He told us to be careful. He told us that if we got into a fight, to win, and to be careful with the women- always. Sexually transmitted diseases ran wild in many of the ‘sailor ports’. The story I remember talked about how the hospital corpsman onboard the ship would use a Sharpie to put the name of the sailor on the pair of syringes used to rid us of whatever we picked up. The syringes were then stuck into a dartboard in the Chief’s Mess. As the story goes, the dartboard was always full.
So here’s the deal….
Chinese cyber spies WILL steal your stuff!
Thursday, July 24, 2008
iPhone?
Read a posting from a woman today who returned her iPhone after only SIX days of use... her main complaint? Battery life (and the fact that she'd already returned it once in that six days for another problem). Amazing. I'm a LONG time Apple user, but think I'll sit this round out waiting for version 3.. Maybe it'll come packed with a fuel cell? ;)
Thursday, July 17, 2008
Sat in line for 3 1/2 hours... yet no phone :(
Yesterday was a BAAAAD day for me. Checked the Apple website. Drove from my apartment (just south of Baltimore) over to McLean, VA to stand in line at the Apple store for 3 1/2 hours. Some lady (in her sixties, stupid, and obviously sexually frustrated as noted by her need to piss me off after 3 hours online) stopped me to ask if I thought the phone wouldn't be there tomorrow. She just wouldn't let go. Finally I told her husband that if I wanted abuse from a wife about standing in line for all that time, I could get it easily enough without having to take it from his. Jackass.
Back to the point.. after 3 1/2 hours, and several announcements by the Apple Store manager that there would be plenty of black 8G phones, an AT&T rep came out. He announced that you must be the primary account holder (no problem there), the phone couldn't be on a business account (again, not a problem), and you MUST be eligible for an upgrade... meaning, if you purchased a phone last May (like I did), even if you took a full two year contract, you weren't eligible to buy the iPhone at the advertised price --which is subsidized by AT&T. Only those who enter into NEW contracts, or were previously iPhone purchasers were eligible... I was not one of them.
So listen here Apple! I've been an Apple customer forever. I own seven Macs including a MacBook Air, three Intel MacBooks, a G3 that one of my kids now uses, a Mini, and an old tower G3. Additionally, I've given two iPhones as gifts... you'd think Apple would offer some kind of customer appreciation... maybe advanced purchase for those of us who are dedicated solely to Apple?? Guess that's too much to ask.
ATT? You're not off the hook. I pay for two phones on ATT, and have since before you were Cingular.. almost 10 years! You can bet that I would have not carried my obligatory two year contract.. I'm a high turnover customer. Yes, you too... Jackass.
So where do I stand? No phone for me! At least not until October 3, when ATT says I'm eligible for an upgrade. Until then, I'll lick my wounds, and consider carefully if it's worth the money. My previous plan had been to retire my blackberry, but I'm kinda likin the new version now.
Ciao!
J
Monday, July 14, 2008
iPhone 3G
Today marks the third day I've driven to either an Apple Store or an ATT Store... on all three occasions, as Maxwell Smart would say "Missed it by THIS much!"
I gotta tell you.. Apple is getting buzz off of the release, but today, on this third day, after driving into the Apple Store in the mall in Columbia, MD, I'm just pissed. Upon arrival I (like the rest of the lemmings) stood in line. The folks in front of me told me they'd been there for two hours, and the guy behind me said he'd done the same yesterday. Today, the number 29 person in line found he'd get a phone (a white 16G model), but the rest of us should try back tomorrow. The grumbling in the line from person 29 and beyond was not pleasant. I think we all felt the same way.
Now here's the deal... Apple should have figured this out. The damn thing can't be ordered online, and while ATT is willing to order one, you have to do it from the store. On top of that, I'm not willing to shell out an extra hundred bucks for the 16G model (let alone a WHITE one! Who the hell wants a white one?!) when the battery (as reported by WSJ) has a significantly lower battery life... I'll pay $200 to send my Blackberry to Blackberry heaven, but not for a white 16G model. I'm also not willing to spend an extra hundred bucks for a product that I just don't want...
I'll wait, and stew.
More tomorrow.. assuming I actually get one.
Jeff
Sunday, September 02, 2007
Bill and Hillary go to State Fair
It almost sounds like something out of Green Acres, and an old Lucy-Desi movie -- the long trailer, except in this case, Bill and Hillary DID go to the state fair. I gotta tell ya though... I was totally underwhelmed. It's not that I'm not a fan of Bill or Hillary.. that's not it at all. I was underwhelmed because my kids were SOOOOOOO excited to be able to catch a glimpse of the former president and possible new one. In the end, we were able to squeeze them through the crowd. My ten year old was beside herself and can't wait to tell her teacher on Tuesday morning. My six year old has a hard core Bill fan for a teacher, who will as well be beside herself.
Why was I underwhelmed? Well, here's how the story goes...
My wife and two daughters went to the NH State Fair. It was a nice day.. 75ish, dry, sunny. What more could you ask for in NH? Great day.
We'd walked the fair, rode the rides, played the games, and me, in melancholy moments from my youth like to walk through the agricultural and 4H barns. I especially have a soft spot for the Polled Herefords, Black Angus, and Jerseys. As you might imagine, my girls, just being girls, don't care about the animals and hate the thought of stepping in something unsightly.
When we got through the last barn, they spotted a restroom and decided to brave the line that seemed to wrap around the building and head for the Canadian border. Anyway, I grabbed a seat off to the side, on a cattle scale, under the shade of the open-walled barn, where I enjoyed the company of a mug of home-brew root beer and partook in one of my favorite activities -- people watching.
About 10 minutes into the wait for the girls to get back, two FBI agents drive up in an SUV, park in front of me, and head for the closest sausage stand, where out of nowhere a crowd gathers. I figured it was some local politician, or maybe someone stumping.. it IS NH after all, and this is the season for heavy wind and hot air.
So I'm talking to the guy sitting to my left, and all of a sudden his wife comes back from the ladies' loo, screaming that Bill and Hillary are in front of the sausage stand. Ok, we could make a lot of jokes about Monica here, but I'll refrain and stick to the story.... As I watch the crowd, all of a sudden I get a glimpse of that unmistakable head of hair on Bill. I'm not sure he's changed his hair style since he first ran, but it's pure white now.
Just about now, the girls come back from the restroom and ask what the commotion is all about. I tell my wife that Bill and Hillary are just about 50 yards away and the kids go crazy. So I take my oldest daughter by the hand, and my youngest goes with my wife to try and get a closer look.
Here's where the underwhelmed part comes in.. so far I'm doing pretty good, but... the closer we get, the more secret service we find around the former President. Not only that, but they were using police from many of the local towns to keep the locals away from the couple while reporters push their way through the crowd to be allowed access! One, a large man carrying a camera likely making up for other shortcomings, knocked into my daughter without so much as the courtesy of an 'excuse me'. This goes on for nearly an hour... we try to get a glimpse through the line of secret service, local police, and reporters.
In the end, my youngest daughter ran through the crowd, stuck her head and hand in, and shook hands with Bill. My oldest wasn't so bold. I think she tried about ten times before the local police chief spotted her, saw her frustration, and told her to stand in a certain spot, and he'd guide Mr. Clinton to her. Sure enough, within a minute after us getting to the spot, the chief did as he promised and my daughter got to shake Bill's hand... Hillary was nowhere to be found.
Bill is far more popular, but besides that, when did it come to pass that reporters are more important than politicians meeting locals and delivering good messaging? I've come to the conclusion that reporters report the bad, and if it bleeds it leads. Bill and Hillary got to say they were in NH. Reporters documented it. Unfortunately they had no message other than what Hillary probably told the press in an off-line conversation of sound bites orchestrated by the party while Bill kept the crowd happy. It was funny.. my wife said Hillary didn't look anything like what she does on TV.. She appeared to have plastered on the makeup. I think she was camera-ready.
Gotta wonder. If Hillary gets the nod, who's really going to run the country? Somehow I don't think she has the charisma to do it herself.
Thursday, August 23, 2007
Be aware. Be afraid... DVT is real
It's been a while since I've posted. While the Hammerhead Research domain still exists, and the email is still active, I've not done active competitive intelligence research in about two years. Since then I've run a Cyber Threat Intelligence group for Northrop Grumman where my team and I chase very skilled attackers, attempt to understand/mitigate new threats and trends, and in general, keep a team of free-range thinkers producing really cool analysis products.
As you might imagine, a job like this requires travel -- not long distance, just a lot. I live in NH, work in MD, and fly to just about anywhere in the US that houses a Northrop Grumman location, partner, or customer. I'm not necessarily a million mile flier, but my card is Gold and the trips might range from a simple 2 hour flight to four or more.
So, on to the main subject of the story... Two weeks ago I flew round trip to LA, then home to MHT, to BWI a day later, New Orleans, drove to Mississippi, and then flew home. Three days later I flew back to BWI for meetings in the DC/BWI area and realized I had a low grade leg cramp in my lower right calf. I had no other symptoms other than the leg cramp and gave it no thought. I'm a black belt in karate. My legs are generally sore, sometimes with cramps. I figured with a couple of Tylenol the cramps would go away, so down go two Tylenol, followed by a quart or so of water and a One-a-day. The cramps went away.
Three days later the cramp reemerged.. now in two places. Again, no other symptoms other than the cramps, so back to the Tylenol, water, and multi. This time the cramp didn't go away. Just after noon I headed to lunch... two flights of stairs down, cross the street to another building, down one more to the cafeteria. The return trip to my office nearly cost me my life. After twenty minutes to recover and catch my breath, I packed up my laptop and headed to the emergency room. The CT scan revealed multiple blood clots had left my right leg, moved north to the heart, passed through the pulmonary artery, and ended up in both of my lungs. I spent three days in the hospital on heavy blood thinners, followed by a re-admittance two days after release for another 48 hours. I'm told most people don't survive multiple pulmonary emboli. I'm lucky.
Why would I post this here? I found out that a colleague at another Aerospace company left a meeting we were both attending (the week before I went into the ER). He left half way through to go to the ER with leg cramps. His never hit his lungs, but did pose a heck of a risk.. it was his second time.
I'm married to, and know several RNs. They tell me that most people die from this because they don't recognize the signs early enough. For me it was a cramp on the lower calf at the sock line and another behind the knee. For my colleague it was a cramp on the surface, painful to the touch, also behind the knee.
This is real stuff guys. Don't ignore the leg cramps if you're sitting or traveling for periods longer than an hour.
For more information, please take a look at:
http://en.wikipedia.org/wiki/DVT
http://en.wikipedia.org/wiki/Pulmonary_embolism
Jeff
Tuesday, July 12, 2005
MacWorld Expo - Totally Underwhelmed!
Yesterday I sat through part of a program on advanced functionality in OS X, and as a result posted my notes on my thoughts of OS X not being ready for enterprise. I stand by that. OS X still needs work in the remote administration of both clients and servers.
Today I had the (mis)fortune of spending my time wandering (aimlessly) through the exhibit floor looking for that one thing that would make me reach down, grab my nuts, screaming damn the wife and her stinkin checkbook, and just buy the thing.
Unfortunately, my nuts went ungrabbed and my voice never went above a moderate tone - barely audible enough to get over the crowd noise as I spoke with a truly unimpressive selection of vendors with as many new ideas as a stop sign.
I guess I should mention, one of the things I look for is security vendors, of which I could count on one hand. One cool item I saw was a tracking system for lost (stolen) computers, but after taking a few minutes became bored by the conversation which revolved around the owner's thoughts on working with local law enforcement (yawn). I'm getting tired just thinking about it.
Some of the Apple tools were kinda fun though. I sat through a piece of a program called "Geeks and Gadgets" in which I viewed a great demo of GarageBand - Apple's computer-based music system. Unfortunately I was a Tuba player in High School and they didn't have the interface for a Tuba, nor do I have a Tuba.
Bottom line: Wanna buy a colored iPod holder? Colored earphones? A new case for your PowerBook? You could get them here. Want enterprise tools that offer solid administration? Nope, no chance. Come on guys. Innovation is a good thing!
Monday, July 11, 2005
MacWorld Expo Boston
3:00:
Sat in the Mac OS X Advanced Topics program for much of the morning and part of the afternoon. I keep wanting (desperately) to believe OS X can and should replace many of the servers in the datacenter today. They seem to have most of the required functions needed, but just can't seem to pull it together. It may be the need for more decision-maker OS X training, or it may just be the fact that most admins are well over the Windows learning curve, but as it stands, OS X just isn't making it to prime time enterprise.
Why would I say such a thing? Those of you who know me know I've been a Mac user for many years, and in fact am writing this blog on my trusty old 15" G3 Powerbook. The problem is, as I look around the room and have conversations with the admins there, most of the users are small to medium sized enterprises, and the one medium size enterprise admin I talked to didn't have very much to say about OS X's ability to scale to true enterprise requirements. Although the servers have the ability to do all of the networking, functions, and do role based access quite well, there's still a delta in the remote management functionality.
Two sysadmins were used as examples - one operates a medium sized publishing company, with 1000 servers located across the country. The other is a small advertising agency with fifty users.
The first admin in the medium sized company offered two speedbumps, that in my security mind, would make the hair on my neck stand up screaming. First, all backups are local, to local RAID. OK, I'll buy that. How then do you do business continuity planning with local data stored locally? Answer? They don't. Second, with over 1000 servers in his network, he states they have no centralized management of all 1000! I know there's something wrong here. I asked about this because I was curious about how they handle things like updating antivirus signatures, firewall rules, and typically associated Mac functionality. The only centralized control is in the Mac networking capability, but security features are handled locally... ouch.
Interestingly enough the instructor was talking about remote management of config files. He recommended keeping text files on a local (client) firewire drive, and pushing them out to the servers as needed. His answer to remote administration was to simply keep one configuration, and modify the computer name and IP address as needed. Ouch again. This would be fine in a network with five servers, but what about the enterprise with 5000?
The second admin told me that he has fifty users, mostly running OS 9, and one OS X server, where he maintains 3Tb of storage for the images his users generate for clients. After a period of time, the images are moved from the 3Tb storage system to a DVD, and distributed back to the users.
I asked him 'What keeps you from moving to OS X enterprise wide?' His answer, not surprisingly, was the lack of ability to manage everything (including his 50 OS 9 users) remotely.
OK Apple. Two doesn't make a sample, but when I hear from two different admins that the speedbump in their path to enterprise-wide deployment is the ability to easily manage users and servers centrally and remotely, it makes me believe we're missing something.
-js
MacWorld Expo Boston
10:45: Arrived at MacWorld Expo about an hour or so ago and checked in for my Media Pass. I've signed up for tomorrow's Mac OS X Server session on Advanced Concepts and Administration, to take advantage of the session on Security and Mac OS X Server. Should be a good session.
The schedule looks interesting, although I'm a bit disappointed to not see a keynote from Jobs. I guess Boston just isn't that important. I'll let you know as the day progresses.
Jeff
Thursday, July 01, 2004
Usenix Technical conference: Day 5 (Thursday)
The crowds seem to be slimming a bit today, presumably due to the happy hour hosted by the vendors last night, and the gameshow excitement generated by Mr. T during the follow-on hours. BOF sessions are numerous, and I would expect they're taking their toll on the attendees, who seem to want nothing more than sleep this morning. Unfortunately I missed the morning session due to heavy traffic coming into Boston (I've been commuting in from New Hampshire each day), but did have the opportunity to catch one of the more interesting topics of the week -- Open Source Flight Simulator. Having had experience looking at both aerial and satellite imagery, I was amazed at the level of detail provided by this package. OK, it had nothing to do with information security or system administration, but was nonetheless a fun topic. This afternoon is a set of UseLinux Refereed Papers, followed by a session on "System Administration/General" or "Deploying the Lustre Cluster File System". It actually makes me happy I've got a con call scheduled during that exact timeslot. This evening's session however looks to be fun -- the Super User Linux Group -- Usenix took the opportunity to invite any of the Linux folks in the local area to participate. All of the local user groups got invitations. Should be a blast. It'll be followed by a Linux BOF led by Mad Dog (can you imagine a guy calling himself Mad Dog, simply because he runs Linux?? There's gotta be more!)
Standby, more to follow.