Spliced feed for Security Bloggers Network |
Stiennon says NAC is dead - I must be in heaven! [StillSecure, After All These Years] Posted: 02 May 2008 11:15 PM CDT That gadfly of the security world, Richard Stiennon, says NAC is dead. In fact he says NAC actually never was and never will be. Of course, this is the same Richard Stiennon who said IDS was dead so many years ago. If NAC is only half as alive as IDS has been, I would be very happy. Why do I call Richard a gadfly? Because Richard's MO is trying to find what the next hot thing is and to jump on it; then another hot thing comes by, he runs to that, and so on and so on. He thought anti-spyware was big and joined Web Root; after a relatively short time there he left. He then took a whirl at his own analyst firm, when a few others were forging a new breed of analyst firm, and after a short time doing that moved on again. He then was CMO at Fortinet and again after a short time left there too. Now he is the CEO of an MSSP (hey, I hear SaaS is the next big thing); how long this will keep his attention or the powers that be keep him on is anybody's guess. But if past track record is any indication, Richard will hop on the next big thing sometime next year. I mention this because fundamentally I think Richard's attention span or maturation horizon is why he does not see that NAC is marching on. As you can probably guess I strongly disagree with Richard's opinion on this one. However, to understand why, some clarification is necessary:

1. Richard is mixing metaphors with Network Admission Control and Network Access Control. Both are NAC. Admission control was coined by Cisco; access control was first used by Gartner, I believe. Richard seems to indicate that admission control is bad, access control or at least some definitions of it are OK. More importantly, Richard uses admission control as a code word for pre-connect health checks, access control for identity-based and post-connect control. I think both are very important and, as I have said many times, a good NAC solution needs all of these.

2. NAC vendors being depressed, etc. Yes Richard, some NAC vendors not making it are depressed and having layoffs and hard times. That is the way of capitalism and competitive markets, I am afraid. There are winners and losers. I would bet that even in the $500 million/year UTM market that you spent a whole year in, there are some vendors who are just not making it and would be classified as depressed.

3. Gartner says several NAC vendors are getting traction. They recently released a MarketScope on NAC and sorry Richard, but StillSecure is one of the few out of 17 vendors which was given a positive rating, the highest rating Gartner gave. BTW Richard, in that same MarketScope your "buddies at Gartner" estimated the NAC market at $225m for 2007 and expect 100 percent growth in 2008. In case your calculator is not handy Richard, that should put NAC around the $450m mark in 2008. Not that different from the number for the UTM space that you use in your article. Hopefully that will allow you to put your "magnifying spectacles" away, unless there is something else that you would want to make look bigger than it is.

4. NAC being created by Cisco in 2003 to solve the worm problem. Richard, perhaps that is why Cisco did NAC. BTW, they announced in like November or December 2003. We released Safe Access in April 2004. It was under development for at least 12 months before that. We did not call it NAC of course; our working title was endpoint policy compliance. Richard, today Safe Access solves that same problem, endpoint policy compliance. We have not deviated from our original plans around this from day one. It is purpose built to solve a problem that customer after customer told us they wanted a solution to. Maybe that is why we have had success with the product. We did not jump on the latest, hottest thing bandwagon. In fact I have found that companies and people who jump on the latest big thing inevitably fail. You cannot time the stock market or the technology market. The NAC market is a perfect example of this. Companies who have taken products that were not successful in another incarnation and morphed them into a NAC product are the companies that are failing. Maybe I am more of an EF Hutton type than you are Richard, but I believe in building a company the old fashioned way. Find a problem that customers are willing to pay for a solution for. Then build that solution and bring it to market and work hard making it the best it can be. If you did your research right and you built the right product, the market will come to you. It may take longer than you think, but if you keep at it, cream always rises to the top and quality always wins. You cannot win running to the next big thing; see through what you start to the finish. Richard, if you want to consider that some free advice, take it!

5. NAC is only for the .edu market. Again Richard, take some time to dig in here. Yes, the edu market is a big adopter of NAC. But let me give you some other examples. Any network that will have a large number of unmanaged visitors or guests is going to be fertile ground for NAC. That includes the government sector, where many users are contractors or visitors. I know you have much disdain for the federal government's IT security practices Richard, but if you spend a little time (there is that phrase again) digging in to what they are doing, you will see that NAC does indeed solve a real security problem for them and is why we have had a great deal of success in the government vertical. Richard, no one ever claimed that NAC is a reason to avoid other security tools. Just the opposite: NAC should work with and leverage your existing network infrastructure and security technologies.

6. NAC does not tie you down to one vendor's eco-system if you don't want it to. The TCG/NAP interoperability and now the new IETF standards are bringing one standard to NAC. It does not tie you down, but frankly, in case you haven't noticed with all of the moving around, Microsoft already has you pretty tied to one vendor's eco-system and frankly Cisco has you pretty tied to another. Don't be so naive Richard. BTW, I notice you like what ConSentry and Nevis do without quarantine. While neither of those companies is apparently setting the world on fire as secure switches, you should check out our white paper on a phased approach to NAC that talks about NAC being more than quarantine. You can get it here.

Author's note: BTW Richard, while I am chief blogger here at StillSecure, my official title is chief strategy officer and I have been working here for about 7 years now. |
Video Interviews at Interop [Napera Networks] Posted: 02 May 2008 10:48 PM CDT Andrew Conry-Murray at InformationWeek stopped by at Interop for a video interview to talk about Napera products and NAC in the SME.
|
React Faster; And Better With The A B Cs [securosis.com] Posted: 02 May 2008 04:59 PM CDT I’ve had a bit of a weird week. As I mentioned on Monday, I was driving to physical therapy (physio for my Australian and European friends) when there was an accident in front of me and I stopped to help out. Wednesday night I was coming home from PT and there was another accident right as I was going through the intersection. This one was far more serious. As soon as I heard the smash and saw the impact out of the corner of my eye, I pulled into the median, hit my hazard lights, and called 9-1-1. One of the advantages of working in the field for so long is that you learn an economy of words to describe a complex situation in just a sentence or two of the crucial information. My first call was:
There was a bit more jargon, but not much. The patient was unrestrained in the car with the airbag deployed, which probably meant she hit her head on the passenger window or strut since it was a side impact. There were a bunch of other bystanders and one came out and identified himself as a flight nurse. Her head was slumped over, which caused her difficulty breathing. The nurse jumped in the back of the car, we tilted her head to a normal position and stabilized her neck (one of the few times you’re allowed to move the neck after an accident). Her breathing got better, and she slowly started waking up, but clearly had a head injury, which we reported to 9-1-1. The fire department showed up a few minutes later, we got out of the way, and she was being loaded into the chopper as I drove off. That might be one of the only times I’ve stopped to help at an accident where my assistance may have mattered. Truth is, unless you’re on the ambulance or have advanced equipment with you, the most useful thing you can do is calm the patient and make sure there isn’t any more damage. The kinds of injuries you sustain in a major accident are rarely something even a highly trained bystander can help with. I didn’t even bother evaluating anything more than her breathing, since nothing else mattered. All you EMTs can skip that full survey if you’re helping as a bystander in an urban area. In this case her head position was keeping her from breathing well, making the situation worse. Just moving it so she could breathe more normally might have oxygenated her noggin a bit more and helped her wake up. Why the heck am I talking about this on a security geek blog? Because it’s one of those times where there are direct lessons we can apply to our world, and often forget. I’m a big fan of Rothman’s philosophy of REACT FASTER. The idea is that it’s more about how you respond to an incident than having the incident in the first place. 
Truth is in IT, as in life, bad stuff will happen no matter what you do. Systems will crash, hard drives will die, and hackers will break in. David Mortman is one of the other major proponents of this philosophy- incident response is just as important, if not more important, than incident prevention. That’s why I’m adding REACT BETTER. Emergency services is just like programming- a series of algorithms in a structured program flow. It all comes down to the A B Cs- Airway, Breathing, Circulation in meat-space. Patient have any airway? Nope? Then nothing else matters until you fix that. Breathing? Check. Circulation okay? Then move onto spinal immobilization. It’s a recognition that you can’t jump from A to C and expect success. It’s exactly what we did to help that girl in the car, rather than focusing on the blood or other distractions. Don’t just react- have a response plan with specific steps you don’t jump over until they’re complete. Take the most critical thing first, fix it, move to the next, and so on until you’re done. Evaluate, prioritize, contain, fix, and clean. (You OODA fans should love this). And always remember the loudest patient is rarely the most important. If they’re screaming their head off, their airway is fine. It’s the quiet ones you have to watch out for. |
WhiteHat Luncheon [Infosec Events] Posted: 02 May 2008 02:44 PM CDT Yesterday WhiteHat Security had a luncheon at Le Meridien Hotel in San Francisco. Trey Ford presented on the Payment Card Industry (PCI) Data Security Standard section 6.6. And Jeremiah Grossman presented a solution to reduce vulnerability exposure time by virtual patching with F5 Big-IP equipment.
Here is Jeremiah’s talk:
Here is Trey’s talk: On another note, everyone that attended got a pen and a 1GB USB drive. While 1GB is a bit small by today’s standards, I did like the casing and engraved logo. Thanks WhiteHat Security! |
Podcast update [Random Thoughts from Joel's World] Posted: 02 May 2008 01:46 PM CDT It seems that little experiment we tried with the Internet Storm Center podcast paid off. We released Episode 3 of the Podcast yesterday, and we have already received over 5000 downloads in 24 hours. Seems we are going quite well. Thanks to all of you that listen, every episode is getting better. We are soliciting feedback, I've received about 10 emails this morning about the podcast, so if you have a suggestion, please feel free to click "contact" up above and jot me an email. Thanks. |
900 posts [Random Thoughts from Joel's World] Posted: 02 May 2008 01:39 PM CDT In true Joel Esler fashion... I've reached the 900 post point. Milestone for me I guess. See you at 1000! |
Product Maturation and your business [An Information Security Place] Posted: 02 May 2008 11:32 AM CDT I had a long talk with a client yesterday regarding IPS. They were setting up a nice sized extranet infrastructure to serve their clients, and they needed to build some security into the design before they implemented. They had already thought of a lot of pieces, and now they were looking at putting in IPS. They were already being courted by one IPS company, but they wanted to know about others and what the strengths and weaknesses were. So as I started into the discussion, I diverged a bit from the pure technical discussion and talked about the view of the network as a whole. Basically, I tried to get them to look at the big picture of what they were buying versus just an IPS as a single silo. What I talked about was how the one IPS they were looking at was an excellent IPS, but I also told them that they really had no big advantage over any of the other big IPS vendors in the market. If you look at the Gartner chart for IPS, there are about 5-7 vendors in the magic quadrant. Basically, the product is a commodity, just like anti-virus and other mature products. Though some boxes have advantages over others, they all really can do the job. Most are able to protect multiple segments and can handle multi-gig speeds. Most have a default set of policies that are not very noisy and protect against the big threats. Most are HA capable. Most have fail open or fail closed options. Etc, etc, etc. Some people might disagree here, and I understand that. One IPS might have a feature that another one does not that may fit a certain need. But I contend that in a general sense, none of the big ones really have a huge advantage. So in that light, what are the factors you have to consider? Well, it really comes down to the intangibles. Let’s look at a few of those: Is the company diversified in their product line? 
In today’s converging security market, that tells us whether the company is likely to be snatched up or simply disappear, depending on product quality and whether there is someone out there who has money and has a hole in their product line. Product diversification may also mean that the company is trying to take a look at the network as a whole versus just one piece. If they have developed or bought different products that complement each other and are trying to bring them together in a way that gives insight into the network and allows collaboration, then that type of company is likely planning on sticking around for a while. In this light, also look at management of the product. Though this is not exactly an intangible, it is still something that many companies don’t think about. What about the learning curve for your employees? Do you already have products from this vendor? If so, does this new technology fit well into that console, thus lessening the time your employees need to learn it? If a company fits the diversification example above, they might have a problem in this area. Of course, if they are serious about making it work, they might very well have an EXCELLENT console. Take a close look. You also have to consider the talents of your employees with this factor. Another intangible is support. How well do they support their product, keeping in mind that the company with one product may be better at this versus the big one with multiple products? There are probably many other factors to consider here, but the basic point is that when you are looking at a mature, commoditized product (this does not just apply to IPS, obviously), a decision should not be made on technical issues alone. Look at your business. Look at your risk. Look at your employees. Look at the vendor as a whole. Compare their position in the market to other vendors. How do they stack up? Do they seem to have tunnel vision, or are they trying to diversify? 
Make sure you don’t let your technical folks make the decision by themselves and then hand you a PO to sign. They may like the product in the short term, but you have to think long term. You might piss off the team for a bit, but you can use the decision as a lesson to help mature your staff. Vet |
SCO CEO Fails History [The Falcon's View] Posted: 02 May 2008 10:46 AM CDT |
Interop vs RSA [Napera Networks] Posted: 02 May 2008 10:32 AM CDT We wrapped up at Interop last night. This was another great show for Napera, and thanks to everyone who stopped by. It was good to catch up with the folks we didn’t see at RSA! I’ll post links later to a couple of video interviews we did at the show. With RSA edging closer to Interop this year, heading to Las Vegas for Interop seemed like a repeat of what we did just a few weeks ago in San Francisco. On a personal note, I like the idea of RSA moving away from their traditional Valentine’s Day timing, but scheduling these two shows only weeks apart makes me wonder if RSA is trying to elbow Interop out of the picture just as Interop is making a comeback. That would be a great shame, because Interop is a unique tradeshow. The mix of attendees is very different to RSA and the Interop Labs has always been a valuable industry event that cuts through a lot of the marketing hype and gets down to packets and protocols. This year the staging for relevant portions of Interop Labs was scheduled during the RSA conference itself, making it tough for smaller companies like Napera to attend both. Essentially it came down to the choice of key engineers meeting with customers at RSA or meeting other engineers at Interop Labs, and the customers always win out. Next year I’m sure the stars will align and we look forward to participating in both. Yours truly spreading the word about Napera in the Microsoft Partner Pavilion |
Interesting Bits - May 2nd, 2008 [Infosec Ramblings] Posted: 02 May 2008 08:52 AM CDT Here we go:
/dev/random » Blog Archive » Anonymous Packet Capture
Best Practices For DLP Content Discovery: Use Cases | securosis.com
Rafal Los : Security and Compliance - Strange Bedfellows Indeed
Alert Logic » Seeking security superstring
Your Turn at The Bar Again? Security Costs in a Pay Per Drink Cloud | Cloud Security
Andrew Hay » Blog Archive » Kraken Botnet Infiltration Triggers Ethics Debate - Quoted in eWeek
Back from Washington D.C. (No thanks to SuperShuttle) | securosis.com
Uncommon Sense Security: Defense in Depth?
Hacking Store Credit Card Readers « Amrit Williams Blog
StillSecure, After All These Years: Is NAC clawing its way up the slope of enlightenment?
I, Cringely . The Pulpit . If we build it they will come | PBS
Have a great day! Kevin |
Brightening up the day from an unexpected place [Emergent Chaos] Posted: 01 May 2008 07:29 PM CDT I would estimate that 2/3 of the calls I get are from people trying to sell me things I neither need nor want. Of those, over half are outsourcing services. Of the remainder, recruiters are over half. There are also people who call me for their services once a week. There's one particular outsourcing firm whose name is burned into my brain because of the number of times I've been subjected to it. I don't know how to spell their name, but I can sure pronounce it. There's also a recruiting firm that I know well, too. Each of these people I have asked to take me off their list, asked to talk to supervisors, talked to supervisors, yelled at them, ranted at them, and finally sworn at them, and yet I still get my weekly call. As I was doing office stuff a few moments ago, I played a voicemail, and it was from my friends at Hadron Infotech, letting me know about their services just in case I have (a) developed a need I didn't have last week and (b) forgot their name. (One of my rants included telling them that when I do need such services, they will be the last people I call and sadly for them, I have no trouble remembering their name.) Since I was doing office stuff, I let the message drone on, and got the litany of things they can do for me including, Java, Jay-mumble-E, Dot-Net, Pee-Haitch-Pee, AJAX, Perl, Ruby on Trains, updating your web site, .... Wait a minute. Did he say what I thought he said? Ruby on what? I ran over to my computer, backed up the player, and ... Yes! Ruby on Trains! How delightful! I'm still laughing. I hope you are, too. Maybe I'll get another laugh next week. Photo "Ruby on Train" by theresa_l_reed. |
Back from Washington D.C. (No thanks to SuperShuttle) [securosis.com] Posted: 01 May 2008 06:53 PM CDT This past Monday, I had the privilege of speaking (along with several peers) to the Commission on Cyber Security for the 44th Presidency about issues on identity theft, breach disclosure and personal privacy in general. It was an honor to present with such a great group of folks. There were some great discussions/debates and I look forward to the opportunity to present again as the Commission works to streamline its recommendations. My written testimony is below. A special thanks to the folks at Emergent Chaos and to Rich for their comments, which made this a much better piece. Any errors or logical fallacies are, of course, my own. Thank you for the opportunity to present to you today on the issue of identity theft. Since the advent of CA1386, we have seen 41 other states pass similar legislation mandating to some degree or another that companies must notify customers or the government when they believe they have suffered a loss of personal data. Unfortunately, each and every state has created slightly different criteria for what constitutes personal information, what a loss is, when notification needs to be sent and to whom it must be sent. As a result there are huge disparities among companies on what they do when they discover they’ve suffered a breach. As much as I prefer to not have even more legislation, I believe that the only solution to this dilemma is to have a uniform federal law that covers the loss of personal information. Rather than preempt state laws, this law should set baseline requirements of: a) Notification to all customers in a timely fashion. This last point is key. One of the great weaknesses of CA1386 (and several other states’ legislation as well) is that companies don’t have to notify in case the information was encrypted. 
Unfortunately, the mere use of encryption does not mean the data was actually obfuscated at the time it was stolen, for instance in cases where a laptop is stolen while the user is logged in. Don’t get me wrong- encryption is important. A well-written law will provide a safe harbor for a company that has lost data. If they can establish that it was encrypted following best practices and that key material was not also lost, the company should be protected from litigation as a result of the breach disclosure. Similarly, many state laws allow companies to choose to not disclose if they believe the data has not been misused. Given that the companies lost the data to begin with, should we really trust their assessment of the risk of misuse, especially when many executives believe it is not in their best interest to disclose? It is worth noting that following a breach, stock prices do not suffer in the long run and customer loss is approximately 2%. On the other side of the coin from breach disclosure, we have the problem that people don’t know what personal information companies have about them. Part of the outrage behind the ChoicePoint debacle of several years ago was that people didn’t know that this data was even being collected about them to begin with, and had no real way to find out what ChoicePoint might or might not have collected. In Europe as well as in Australia and parts of Asia such as Japan, companies have to both tell customers what data they have and allow them the opportunity to correct any errors. Additionally, there are strict restrictions on what collected personal information may be used for. I believe that it is time that similar protections be available to Americans as well. |
The Internet is of the Devil [The Falcon's View] Posted: 01 May 2008 05:20 PM CDT |
More Bad Math: Gas Tax "Holiday" [The Falcon's View] Posted: 01 May 2008 04:55 PM CDT |
Best Practices For DLP Content Discovery: Use Cases [securosis.com] Posted: 01 May 2008 12:32 PM CDT In our last post we finished our review of DLP content discovery best practices by discussing rolling out and maintaining your deployment. Today we’re going to focus on a couple of use cases that illustrate how it all works together. I’m writing these as fake case studies, which is probably really obvious considering my lack of creativity in the names. DLP Content Discovery for Risk Reduction and to Support PCI Audit RetailSportsCo is a mid-sized online and brick-and-mortar sporting goods retailer, with about 4,000 headquarters employees and another 2,000 retail employees, across 50 locations. They classify as a Level 2 merchant due to their credit card transaction volume and are currently PCI compliant, but struggled through the process and ended up getting a series of compensating controls approved by their auditor, but only for their first year. During the audit it was discovered that credit card information had proliferated uncontrolled throughout the organization. It was scattered through hundreds of files on dozens of servers; mostly Excel spreadsheets and Access databases used, and later ignored, by different business units. Since storage of unencrypted credit card numbers is prohibited by PCI, their auditor required them to remove or secure these files. Audit costs for the first year increased significantly due to the time spent by the auditor validating that the information was destroyed or secured. RetailSportsCo purchased a DLP solution and created a discovery policy to locate credit card information across all storage repositories and employee systems. The policy was initially deployed against the customer relations business unit servers, where over 75 files containing credit card numbers were discovered. 
After consultation with the manager of the department and employee notification, the tool was switched into enforcement mode and all these files were quarantined back into an encrypted repository. In phase 2 of the project, DLP endpoint agents were installed on the laptops of sales and customer relations employees (about 100 employees). Users and managers were educated, and the tool discovered and removed approximately 150 additional files. Phase 3 added coverage of all known storage repositories at corporate headquarters. Phase 4 expanded scanning to storage at retail locations, over a period of 5 months. The final phase will add coverage of all employee systems in the first few months of the coming year, leveraging their workstation configuration management system for a scaled deployment. Audit reports were generated showing exactly which systems were scanned, what was found, and how it was removed or protected. Their auditor accepted the report, which reduced audit time and costs materially (more than the total cost of the DLP solution). One goal of the project is to scan the entire enterprise at least once a quarter, with critical systems scanned on either a daily or weekly basis. RetailSportsCo has improved security and reduced risk by reducing the potential number of targets, and reduced compliance costs by being able to provide auditors with acceptable reports demonstrating compliance. DLP Content Discovery to Reduce Competitive Risk (Industrial Espionage) EngineeringCo is a large high-technology manufacturer of consumer goods with 51,000 employees. In the past they’ve suffered from industrial espionage, when the engineering plans for new and existing products were stolen. They also suffered a rash of unintentional exposures and product plans were accidentally placed in public locations, including the corporate website. EngineeringCo acquired a DLP content discovery solution to reduce these exposure risks and protect their intellectual property. 
Their initial goal was to reduce the risk of exposure of engineering and product plans. Unlike RetailSportsCo, they decided to start with endpoints, then move into scanning enterprise storage repositories. Since copies of all engineering and product plans reside in the enterprise content management system, they chose a DLP solution that could integrate and continuously monitor selected locations and automatically build partial-document matching policies for all documents. The policy was tested and refined to ignore common language in the files, such as corporate headers and footers, which initially caused every document using the corporate template to register in the DLP tool. EngineeringCo started with a phased deployment to install the DLP endpoint discovery agent on all corporate systems. In phase 1, the tool was rolled out to 100 systems per week, starting with product development teams. The initial policy allowed those teams access to the sensitive information, but documented what was on their systems. Those reports were later mated to their encryption tool to ensure that no unencrypted laptops hold the sensitive data. Phase 2 expanded deployment to the broader enterprise, initially in alerting mode. After 90 days the product was switched into enforcement mode and any identified content outside of the product development teams was quarantined with an alert sent to the user, who could request an exemption. Initial alert rates were high, but user education reduced levels to only a dozen or so “violations” a week during the 90-day grace period. In the coming year EngineeringCo plans to refine their policy to restrict product development employees from placing registered documents onto portable storage. The network component of their DLP tool already restricts emailing and other file transfers outside of the enterprise. They also plan on adding policies to protect employee healthcare information and customer account information. 
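The two case studies above lean on two different content-discovery policies: RetailSportsCo's policy has to find credit card numbers scattered through spreadsheets, and EngineeringCo's policy has to recognise excerpts of registered engineering documents while ignoring the corporate template that initially made every file register as a hit. The following toy scanner is an added example, not code from the original post or from any DLP vendor's product; the file paths, the sample corpus, the "EngineeringCo" template text and the 0.1 match threshold are all constructed for the illustration. It shows why a Luhn check belongs next to the regex (a 16-digit tracking number otherwise fires the PCI policy) and why the registered-document fingerprints must have the template's shingles subtracted before the policy is switched into enforcement mode.

```python
"""Toy DLP content-discovery scanner: PCI-style PAN detection plus partial-document matching.

Added example, not code from the original post or from any DLP vendor. The file paths,
the sample corpus and the "EngineeringCo" template text below are all constructed.
"""
import hashlib
import re

# --- Constructed sample corpus (stands in for files found on shares and laptops) ---
TEMPLATE = "EngineeringCo Confidential - Internal Use Only\nTemplate v3 - do not distribute\n"
SPEC_BODY = ("The widget uses a 3-phase brushless motor rated for 48 volts, "
             "a custom gearbox described in drawing 7731, and a sealed bearing set.\n")
SAMPLE_FILES = {
    "finance/refunds_q3.txt": ("Order 1001 card 4111 1111 1111 1111 exp 09/09\n"
                               "Order 1002 card 5500-0000-0000-0004 exp 12/10\n"),
    "marketing/newsletter.txt": "Tracking numbers such as 1234567812345678 are not cards.\n",
    "eng/widget_v2_spec.txt": TEMPLATE + SPEC_BODY,            # the registered document
    "eng/lunch_notes.txt": TEMPLATE + "Meeting notes: lunch at noon.\n",  # template only
}

# --- Policy 1: credit card numbers (the RetailSportsCo case) -----------------------
# 13-19 digits, optionally separated by single spaces or hyphens as typed into spreadsheets.
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check; drops order and tracking numbers that merely look like PANs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pans(text: str) -> list[str]:
    """Return normalised digit strings for every Luhn-valid candidate in text."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(digits)
    return hits

# --- Policy 2: registered documents (the EngineeringCo case) -----------------------
_WORD_RE = re.compile(r"[a-z0-9]+")

def shingles(text: str, k: int = 5) -> set[str]:
    """Hashed k-word shingles, so an excerpt of a document still matches its registration."""
    words = _WORD_RE.findall(text.lower())
    return {hashlib.sha1(" ".join(words[i:i + k]).encode()).hexdigest()[:16]
            for i in range(len(words) - k + 1)}

def register_document(doc: str, boilerplate: str = "") -> set[str]:
    """Fingerprint a document, minus shingles that also occur in the shared template.

    Without the subtraction every file built from the corporate template "matches",
    which is the false-positive problem the write-up describes having to tune out.
    """
    return shingles(doc) - shingles(boilerplate)

def match_ratio(text: str, fingerprints: set[str]) -> float:
    """Fraction (0.0-1.0) of a registered document's fingerprints present in text."""
    if not fingerprints:
        return 0.0
    return len(shingles(text) & fingerprints) / len(fingerprints)

def scan(files: dict[str, str], fingerprints: set[str],
         threshold: float = 0.1) -> dict[str, list[str]]:
    """Run both policies over a corpus; returns path -> names of the policies that fired."""
    findings: dict[str, list[str]] = {}
    for path, text in files.items():
        fired = []
        if find_pans(text):
            fired.append("pci-pan")
        if match_ratio(text, fingerprints) >= threshold:
            fired.append("registered-document")
        if fired:
            findings[path] = fired
    return findings

if __name__ == "__main__":
    spec = SAMPLE_FILES["eng/widget_v2_spec.txt"]
    naive = register_document(spec)                        # before tuning: template kept
    tuned = register_document(spec, boilerplate=TEMPLATE)  # after tuning: template excluded
    print("before template exclusion:", scan(SAMPLE_FILES, naive))
    print("after template exclusion: ", scan(SAMPLE_FILES, tuned))
```

Run as-is, the naive registration flags the lunch notes as a registered document because the six template shingles alone clear the threshold; the tuned registration flags only the spec and the refunds file, matching the behaviour the two case studies describe. A real deployment would read files from the share or endpoint instead of the in-memory dict, but the two policy functions are the part that decides what gets quarantined.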
These are, of course, fictional best practices examples, but they’re drawn from discussions with dozens of DLP clients. The key takeaways are:
|
Italy Posts Tax Return Data on Official Website [Emergent Chaos] Posted: 01 May 2008 12:14 PM CDT How much do you make? How surprised would you be to learn that your magic number had been posted on the Internet by the government? And that it was not by mistake, as in other recent breaches of privacy. How Much Do You Make? The Nation Already Knows. The data has already been removed from easy web access at the official site. Bloomberg's report indicates that it wasn't simply posted to the web, but offered up as spreadsheets: A ministry Web site was bombarded by Italians curious to see what their neighbors or favorite actors declared as income, making it often impossible later in the day to download spreadsheets with the name, date of birth, total income and amount each taxpayer paid. If anyone knows where the mirrors are, please share. I ask not out of prurient interest, but because it's not so easy as taking data off the website. |
Apple's Safari Market Share on Windows Tripled! [Random Thoughts from Joel's World] Posted: 01 May 2008 09:52 AM CDT Normally I'd be excited about this, but I am not. Not really. Since the way that Apple went about it was slightly shady. I wrote about it here. And Apple did exactly as I thought they were going to do and trumpeted the fact that they now have three times the market share that they used to, but they did it in kind of a shady way. I called it! |
What went wrong with the Podcast? [Random Thoughts from Joel's World] Posted: 01 May 2008 09:50 AM CDT This morning we had a reader write into the Internet Storm Center telling us that the intro music and the outro music were there but there was no vocal track on the podcast. Turns out what happened was, when I copied and pasted the vocals from the track that I recorded the podcast on into the template I have set up for music and what not, it overwrote the vocal track. It's hard to describe, but basically Garageband overwrote itself, so the vocal track ceased to exist. What a pain. So, here I am this morning panicking to myself saying 'oh crap I erased the vocal, we'll have to re-record, blah blah'. Then I thought about it, I have Time Machine. I know my laptop backed up to Time Machine after I recorded the podcast right? So I went to my ~/Music/Garageband folder, and hit the Time Machine button, went back in time till yesterday at 7 pm, between the time when we got done recording the podcast and I saved it, to when I edited the podcast and put music in it at about 8:30 pm. There was the original recording, I clicked restore and Time Machine asked me if I wanted to keep the old one, the new one, or both. I clicked both. Then I was able to get the audio from one session to another successfully, then mix it down to mp3. Worked great. Thank you Apple. Thank you Time Machine. If I didn't have Time Machine we would have had to re-record the podcast, because of a stupid copy and paste error that I made. Saved me about 3 hours worth of work. Awesome. |
ISC Podcast Episode 3 [Random Thoughts from Joel's World] Posted: 01 May 2008 07:15 AM CDT Hey all, we just put out Episode Number 3 for the Internet Storm Center Podcast. Available via iTunes here, and for you non-iTunes users, here.
Security Poetry... [The Falcon's View] Posted: 30 Apr 2008 09:05 PM CDT
Quantum Debate [Emergent Chaos] Posted: 30 Apr 2008 07:40 PM CDT The debate about Shor's Algorithm (which I blogged about a couple of days ago) continues. Rod Van Meter has a good blog post about it here. While there are plenty of people who have just wholesale dismissed the Hill/Viamontes paper outright, apparently because they know Shor's algorithm works and that building a working quantum computer is obviously merely a matter of making some qubits, Van Meter is more to my thinking about the whole thing.
He also says:
Here's where I think I need to rant a bit. I'm certainly not calling for anyone to be burned in effigy or reality. I can't testify to how sweet Peter Shor is, but I agree that he's brilliant and I admire him. However, Leibniz was also smart and worked in the forefront of calculation as well. His calculator had issues with propagating carry with two-digit or three-digit multipliers. That doesn't make Leibniz any less brilliant or his achievements any less. Peter Shor is brilliant, and his algorithms are marvelous works. If no one implements them, for whatever reasons, they won't be any less marvelous, and he won't be any less brilliant. And for that matter, Hill and Viamontes may turn out to be wrong, too. Or they may inspire someone to a tweak that makes Shor's algorithm work (or work better). The present spectator sport is how science works. It's what makes it exciting.
Your Reputation in Peril: Use Outbound Spam Filtering [Richi Jennings] Posted: 30 Apr 2008 01:21 PM CDT Whether or not you or I believe Borderware's amazing claim that it filters 98% of spam using reputation alone, it's clear that reputation is increasingly important. No surprise there, but what's the implication for legitimate email users? As more and more spam filtering relies on your reputation as an email sender, your reputation gets more and more important. Lest we forget, most spam is sent by malware-infected zombies, some of which could be on your network. That's why outbound spam filtering is increasingly important. It's not just about being a good 'net citizen -- you need it to protect your reputation. If you don't keep a lid on spam exiting your network, your reputation will be trashed. In crude terms, your outbound IP addresses will be blacklisted, meaning your ability to send email to your legitimate business contacts will be severely limited. If a few of your users are unwittingly sending spam, then all of your users will have serious trouble sending legitimate email. Of course, an outbound spam filter can't, by definition, use sender reputation. It has to rely primarily on content filtering. Those who claim that reputation is the be-all-and-end-all of spam filtering are missing an important point. With thanks to Proofpoint's Andrew Lochart and David Stanley for a stimulating conversation last week.
Update To The iPhone Security Tip [securosis.com] Posted: 30 Apr 2008 11:56 AM CDT Chris Pepper, Master Editor, pointed out something I missed. If you memorize an encrypted network, your iPhone won’t connect to an unencrypted one with the same name, or one with a different password. Thus unless the bad guy knows your WPA passphrase (you’re not dumb enough to use WEP, are you?), you can memorize your home network and not worry about accidentally connecting while wandering around, even if it’s still called “tsunami”.
Fortify: The New Face of Cybercrime [Security-Protocols] Posted: 30 Apr 2008 10:24 AM CDT
1 comment:
Found you guys from Extra Pepperoni blog. You guys have a great blog :)
Cheers!
http://www.FreeBundles.com