Sunday, August 29, 2004

The Globe and Mail

The Globe and Mail

Maybe instead of searching for finger-nail clippers, security agents at airports should check vacationing travellers for carring work-related paraphernalia. If found they should confiscate.

I can see it now. instead of those plexi-glas boxes holding oodles of nail clippers, safety razors, etc., we'll have boxes full of mobil phones, laptop computers, PDAs, pens, pencils, paper, ...

Op Ed: How Long Can the Country Stay Scared?

Op Ed: How Long Can the Country Stay Scared?

Worth careful reading and consideration.

Saturday, August 28, 2004

C-SPAN.org: Search Results

C-SPAN.org: Search Results

Short 10-minute interview with John Kerry in 1971 where he talks about throwing away his medals. Interesting he felt that minority veterans were a menace as they were "taught to kill".

Friday, August 27, 2004

NEWS.com.au | Plane crash a terror attack: authorities (August 27, 2004)

NEWS.com.au | Plane crash a terror attack: authorities (August 27, 2004)

It appears as though the dual plane crashes in Russia were caused by explosives.

Security by Obscurity Leads to Safety Risk

Jimmy Breslin writes in Newsday about the diachotomy of security in New York City in preparation for the Republican Convention. While hoards of police check people for hidden finger nail clippers, they cause a real and serious safety risk, which could result in death, by practicing "security by obscurity". Next, I guess, will be to emulate cold-war Moscow where published city maps were just plain wrong so as to confuse invading armies. Golly gee.

"At 75th Street yesterday, behind an empty park bench, were two posts that always held the sign that had been there for years and which stated: "Warning. Do Not Anchor or Dredge, Gas Pipelines Crossing, Continental Gas Pipeline Corp." As an act of homeland security, the sign has been taken down. This meant that nobody would know anymore that the pipeline was right under their feet. The sign at the 175th Street site also has been removed. This is bureaucratic voodoo: You take something everybody knows and say it is a secret."



Sunday, August 22, 2004

Scobleizer: Microsoft Geek Blogger

Scobleizer: Microsoft Geek Blogger

Bob Scoble writes eloquently about computer security. I especially like his description of how his wife's heirloom jewlery is protected and uses that to make the point about layered security in computing.

I think a large component of the computer security "problem" is that this is really the first time that "normal people" have to contend with and understand security if they wish to be more secure. This is the first time in history that huge numbers of "normal" people have important "assets" that are under continued "attack"--computers on the internet.

Before now, people knew to have, or consider having, locks on their front door. They watch their wallet and handbag when walking through big cities. They lock their car doors when going into the grocery store even if only for a few minutes. Despite this, the vast majority of people hae never been "attacked". Security incidents, even though worried about, just didn't happen (to most people).

"Designed" security, say for heirloom jewelry, was designed by others. While normal people recognise that security exists, understood the need for that security, and even sought it (e.g. for jewelry or cash money) they didn't really need to understand it. They don't know how to establish an understanding of risk and controls. (They haven't read Bruce Schneir's books http://www.rmschneider.com/writing/Schneier_5steps.html).

In today's world, "normal people" are now forced for the first time to really understand security on their internet connected computer. They feel they are under attack. They see evidence they are under attack. But they don't know, and in general are not interested, knowing how to design a security system in defence.

They just want it taken care of, preferably by Microsoft.

Sunday, August 15, 2004

The New York Times > National > Uranium Reactors on Campus Raise Security Concerns

The New York Times > National > Uranium Reactors on Campus Raise Security Concerns

Funny how things change over time. As a student at Purdue in the early 1970's I would often walk across the Mall heading towards the Electrical Engineering building and forget there was a nuclear reactor under ground ... or at least that was what was understood by most. I now agree that it makes no sense to have reactors as described in this NY Times articles on university campuses due to security issues that we now recognise.

Thursday, August 12, 2004

:: Xinhuanet - English ::

:: Xinhuanet - English ::

Now this is interesting....

"Russian scientists said they have discovered the wreck of an alien device at the site of an unexplained explosion in Siberia almost a hundred years ago, China Daily reported today, citing the Interfax news agency as the source".

Monday, August 09, 2004

Overview to the Antivirus Defense-in-Depth Guide

Overview to the Antivirus Defense-in-Depth Guide

A welcome addition to the literature.

"The Antivirus Defense-in-Depth Guide provides an easy to understand overview of different types of malware, or malicious software, including information about the risks they pose, malware characteristics, means of replication, and payloads. The guide details considerations for planning and implementing a comprehensive antivirus defense for your organization, and provides information on defense-in-depth planning and related tools that you can use to help reduce your risk of infection. The final chapter of the guide provides a comprehensive methodology to help you quickly and effectively respond to and recover from malware outbreaks or incidents."

Sunday, August 08, 2004