Technology Industry News & Career Management information, brought to you by BrainWave Consulting Company.
November 2007 - Posts
-
Merry Squidmas. More Squidmas cards. What is Squidmas?...
|
-
Dear Bob ... Do many companies have the policy of down-rating annual raises when the rate is close to the band cap? I understand that one part of that is to motivate the employee to do enough to get promoted (stop complacency). However, that backfires when there's no job band available to be promoted into.
|
-
Someone drove a truck through the front gate of the Guinness brewery in Dublin, loaded the trailer with 450 kegs of beer, and drove out the gate. Security presumed it was just another legitimate contractor coming to pick up beer...
|
-
The lead paragraphs: The plot was like something from a Hollywood blockbuster: dozens of foreign terrorists working with a Mexican drug cartel to attack a Southern Arizona Army post with anti-tank missiles and grenade launchers. Paying one of Mexico's most...
|
-
Just put up a password strength meter and encourage people to submit their passwords for testing. You might want to collect names and e-mail addresses, too. For the record, here's how to choose a secure password: So if you want...
|
-
In the UK: In early November about 30 animal rights activists are understood to have received letters from the Crown Prosecution Service in Hampshire inviting them to provide passwords that will decrypt material held on seized computers. The letter is...
|
-
Dear Bob ... I am interested if you know of organizations that have an IT Effectiveness manager in their organizational structure. If so, where in the org chart does it fit, who does it report to? - Organizing
Dear Organizing ... Not that I know of as a separate organizational function. Personally, I figure...
|
-
I've been saying this for a while now: Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the...
|
-
In yet another front in the war on the unexpected, more amateurs are joining the fight against terrorism: Unlike police, firefighters and emergency medical personnel don't need warrants to access hundreds of thousands of homes and buildings each year, putting...
|
-
Dear Bob ... My department is being outsourced. Two people are here until April 15th. I'm not one of them. The other two, the supervisor and I, are gone December 31st. We are in the middle of a huge application upgrade that management hopes to have completed by the end of the year. (Actually, they wanted...
|
-
"Practical Aspects of Modern Cryptography," taught by Josh Benaloh, Brian LaMacchia, and John Manferdelli at the University of Washington. The page includes links to lecture notes and video of the classes....
|
-
I don't know why anyone is surprised that investigators were able to smuggle things through airport security. Anyone who flies regularly could have told you that....
|
-
I didn't write about this story at first because we've seen it so many times before: a disk with lots of personal information is lost. Encryption is the simple and obvious solution, and that's the end of it. But the...
|
-
Excellent article by John Tehranian: "Infringement Nation: Copyright Reform and the Law/Norm Gap": By the end of the day, John has infringed the copyrights of twenty emails, three legal articles, an architectural rendering, a poem, five photographs, an animated character,...
|
-
It's in Portuguese, but the photo is good....
|
-
Dear Bob ... Back in February, I had written to you about struggling to maintain my position in the midst of changes brought about by a corporate buy out. Things looked pretty good back then. And then, they didn't. Biggest problem was the numbers, of course. While we made money last year, we didn't make...
|
-
Clever: ...I thought it would be interesting to find out the account password. Wordpress stores raw MD5 hashes in the user database.... As with any respectable hash function, it is believed to be computationally infeasible to discover the input of...
|
-
Makes no sense: Passengers at Liverpool's Lime Street station face airport-style searches and bag-screening, under swingeing new anti-terror measures unveiled yesterday. And security barriers, vehicle exclusion zones and blast-resistant buildings will be introduced at airports, ports and up to 250...
|
-
No two-person control or complicated safety features: until 1998, you could arm British nukes with a bicycle lock key. To arm the weapons you just open a panel held by two captive screws -- like a battery cover on a...
|
-
Dear Bob ... How do you review an employee who is basically good, but has some blind spots? I have one staffer who does fine, fine work - he's thorough, he's careful, he is one of the better server admins out there. Only problem is that he has some end-user client responsibilities, too. And he falls down...
|
-
The "War on the Unexpected" is being fought everywhere. In Australia: Bouncers kicked a Melbourne man out of a Cairns pub after paranoid patrons complained that he was reading a book called The Unknown Terrorist. At the U.S. border with...
|
-
I don't know if this story is true: Portable hard discs sold locally and produced by US disk-drive manufacturer Seagate Technology have been found to carry Trojan horse viruses that automatically upload to Beijing Web sites anything the computer user...
|
-
Dear Bob ... I'm having a little trouble seeing the (IMHO subtle) difference between assessing and measuring (see "Taking the measure of IT professionals," Keep the Joint Running, 11/5/2007). It seems to me that the way you have defined assessing, it is no different than measuring. It is not as simple...
|
-
A 2003 "Camp Delta Standard Operating Procedures" manual has been leaked to the Internet. This is the same manual that the ACLU has unsuccessfully sued the government to get a copy of. Others can debate the legality of some of...
|
-
Dear Bob ... Just read your excellent Keep the Joint Running of 11/5, ("Taking the measure of IT professionals,") and your comments about teamwork reminded me of something: Why is it that so many managers confuse cheerleaders with team players? I liked your description of what team players do (align to...
|
-
An instructional video. The idea is simple: prevent the machine from completing an action and place it in an error state, and then exploit that state. In this instance, the hacker prevents the machine from dispensing the drink bottle. The...
|
-
The World War II factoring machine, Colossus, is back online. Not surprisingly, a modern PC is faster....
|
-
I previously wrote about Dan Egerstad, a security researcher who ran a Tor anonymity network and was able to sniff some pretty impressive usernames and passwords. Swedish police arrested him: About 9am Egerstad walked downstairs to move his car when...
|
-
Oops: The case is clearly a major embarrassment for both the FBI and CIA and has already raised a host of questions. Chief among them: how did an illegal alien from Lebanon who was working as a waitress at a...
|
-
Dan Bernstein wrote an interesting paper on the security lessons he's learned from qmail. My views of security have become increasingly ruthless over the years. I see a huge amount of money and effort being invested in security, and I...
|
-
From the AP: ...government experts and intelligence officials say such a threat gets vastly more attention than it deserves. These officials said a true suitcase nuke would be highly complex to produce, require significant upkeep and cost a small fortune....
|
-
Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is...
|
-
I've been listed as the Illuminated Site of the Week by Daily Illuminator, run by Steve Jackson Games. I'm not sure what qualifies a site for being illuminated, but here's a listing of past sites of the week....
|
-
This kind of thinking can do enormous damage to a free society: As Congress debates new rules for government eavesdropping, a top intelligence official says it is time that people in the United States change their definition of privacy. Privacy...
|
-
Dear Bob ... This is "Budgeting" with a follow-up question (from "Penetrating the mysteries of IT budgeting," Advice Line, 11/7/2007). All of what you say makes sense – especially in a large organization where duties and responsibilities are separate and clear-cut. We are small, with multiple-hats, and...
|
-
Malcolm Gladwell makes a convincing case that criminal profiling is nothing more than a "cold reading" magic trick. A few years ago, Alison went back to the case of the teacher who was murdered on the roof of her building...
|
-
Dear Bob ... Over the years you have emphasized the importance of a project having an executive sponsor. What do you do when you cannot find a single person who will ultimately take ownership for a project? In our recent case, we had a project with marketing and finance components. In reality, marketing...
|
-
Refreshingly sensible: Stoddart told inquiry Commissioner John Major she is concerned that people could be placed on the list in error and face dire consequences if their identities are then disclosed to the RCMP or passed on to police agencies...
|
-
Okay, so it was a stupid (and dangerous) stunt: A 17-year-old Hopewell High student was apparently acting on a dare when he did a fly-over prank at a Hopewell High football game Friday, at one point dipping below the stadium...
|
-
Interesting and thoughtful article about suicide attacks in the online video game Halo 3: Whenever I find myself under attack by a wildly superior player, I stop trying to duck and avoid their fire. Instead, I turn around and run...
|
-
The biggest problems in discussing cyberwar are the definitions. The things most often described as cyberwar are really cyberterrorism, and the things most often described as cyberterrorism are more like cybercrime, cybervandalism or cyberhooliganism--or maybe cyberespionage. At first glance there's...
|
-
This squid has a light-producing organ on its underside powered by luminescent bacteria, possibly making it less noticeable from below....
|
-
[The inquiry that follows is edited down from a longer version. I hope I've left its points intact. - Bob]
Dear Bob ... I've been enjoying your columns on compensation ("Poor Joe" and "Comp logic," Keep the Joint Running, 10/22/2007 and 10/29/2007). I think your "4 variable" plan is great (I'm trying to...
|
-
I spoke at the Educause conference this year in Seattle. There's a podcast and video of my talk available ("Ten Trends of Information Security"; I've given the talk before) as well as a podcast of an interview with me....
|
-
At least that's what they said two weeks ago: On Sunday, Nov. 11, al Qaeda's electronic experts will start attacking Western, Jewish, Israeli, Muslim apostate and Shiite Web sites. On Day One, they will test their skills against 15 targeted...
|
-
This is a very moving story about a foreign tourist being removed from a train for taking pictures: The train is a half hour west of New Haven when the conductor, having finished her original rounds, reappears. She moves down...
|
-
From Slashdot: Salesforce.com has finally acknowledged what security experts have suspected for weeks: that a Salesforce.com employee had his company credentials stolen in a phishing scam, and criminals have been using names and e-mail addresses from Salesforce's customer list to...
|
-
Does anyone know anything about this open source encrypted cell phone? It uses Twofish....
|
-
Dear Bob ... OK, I like what you have said and the questions you have raised concerning employee compensation (in "Poor Joe" and "Comp logic," Keep the Joint Running, 10/22/2007 and 10/29/2007). I have a related issue you may like to consider. It is that time of year, again, in most organizations, where...
|
-
Interesting study: "Identity Fraud Trends and Patterns: Building a Data-Based Foundation for Proactive Enforcement," October 2007. It's long, but at least read the executive summary. Or, even shorter, this Associated Press story: Researchers reviewed 517 cases closed by the Secret...
|
-
This was accidental, but it could certainly be done on purpose: Some cars failed to start on Tuesday in Parrock Street car park, in Gravesend, Kent, while others would not unlock. [...] A spokesman said "weeks of sleuthing" by council...
|
-
Mad at someone? Turn him in as a terrorist: A man in Sweden who was angry with his daughter's husband has been charged with libel for telling the FBI that the son-in-law had links to al-Qaeda, Swedish media reported on...
|
-
Interesting GAO testimony/report: "Internet Infrastructure: Challenges in Developing a Public/Private Recovery Plan," Gregory C. Wilshusen, Director, Information Security Issues, Government Accountability Office (GAO), October 23, 2007....
|
-
Dear Bob ... Your compensation model is just fine (see "Poor Joe," and "Comp logic," Keep the Joint Running 10/22/2007 and 10/29/2007) ... except that some of the folks who migrate to IT see variable and spot bonuses as insults. In a firm founded by a salesman, the comp model followed your four components...
|
-
Synthetic identity theft is poised to become a bigger problem than regular identity theft: Unlike traditional identity thieves, who purloin people's information to get loans or make purchases, fraudsters like Mr. Rose mix legitimate and phony data to create synthetic...
|
-
I already blogged about these whisks, but there are now squid spreaders as well....
|
-
Okay, this is clever. Basically, someone arrested as a homicide suspect walked out of jail after identifying himself as someone else. The biometric system worked, but human error overrode it: But Sauceda's fingerprints, taken by a jail employee to verify...
|
-
Joe Bennett in New Zealand: An officer frisks me with hands like questing butterflies. Up my legs they flutter, then over my buttocks, my back, my chest and along my arms, but not, I notice, over my crotch. So there's...
|
-
Clever: Spammers have created a Windows game which shows a woman in a state of undress when people correctly type in text shown in an accompanying image. The scrambled text images come from sites which use them to stop computers...
|
-
This is really interesting: (In)Security explores a new design vocabulary in direct response to the climate of fear and paranoia that currently drives the program and aesthetic of much contemporary urban design. The project addresses the current and future state...
|
-
The comments posted in response to my recent Advice Line postings about the legitimacy of lying, deception, withholding information and so on cause me some concern - not because many are critical, but because of the nature of some of the criticism. So here are my concerns: Concern #1: Overstating my position.
|
-
We've opened up a new front on the war on terror. It's an attack on the unique, the unorthodox, the unexpected; it's a war on different. If you act different, you might find yourself investigated, questioned, and even arrested --...
|