Archive for February, 2007

Feb 28 2007

And finally, some pictures before I go to sleep

Published by under General

No, not of me in my PJ’s, but of Pints Pub and the folks I had beer with last night.  It was great to meet folks I’d only IM’d or Skype’d in the past. 

Trusted Catalyst Meetup Flickr pool

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Feb 28 2007

Thank you

Published by under Blogging

I’m humbled by all of the wonderful things people have been saying about my move to StillSecure.  I knew I had a lot of friends out there in the blogging community, but it’s still a great feeling to see what they’re writing about me.  It’s also a huge responsibility to try to live up to the picture they paint of me.  I’m a nice guy, but I’m still human.  Let’s hope I can live up to the image they’re portraying. 

Here’s the posts I know about so far, not including the welcomes from Alan and Mitchell.  Many thanks to all of you.

And in case you’re wondering what I’m doing at StillSecure, you can check out the Cobia site.  We’re looking for Alpha testers for the project, but don’t feel pressured to sign up.  There’s going to be a lot more information available in the near future, but for now you have to sign up to get the whole scoop.  You can get an idea of what we have planned from what’s there now.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Feb 28 2007

Watching “Identity Theft” by the State of Colorado

Published by under Privacy,Simple Security

I saw the very end of this program earlier today and got lucky enough to catch a second showing this evening.  I’m impressed by this program, it’s not just a fluff piece, it offers very good advice on how to avoid identity theft.  They didn’t try to blame all identity theft on computers, but did list them as one of the places people are vulnerable.  They state that protecting your identity is an inconvenience, but a lot less so than getting your identity stolen.

The main thrust of the program was the three steps you should take to avoid identity theft, “D E P”. 

  • Destroy: Get a shredder and destroy all credit offers and other mail that you receive.  Also, destroy old documents that you no longer need, such as old bills.  The host, Mason Fink, also suggested home owners pay for a document destruction service, but it’s much cheaper and easier to buy a crosscut shredder.
  • Eliminate:  Tell the credit card companies to stop sending you offers, convenience checks and other mail.  If you’re not being sent these pieces of mail, that can’t be stolen.  And quit carrying around so many credit cards.
  • Prevent:  Don’t click on suspicious links or emails, don’t go to suspicious sites, and monitor your own credit records. In other words, be conscious of what you’re doing with credit cards and where you’re using them. 

I couldn’t find a link to a site associated with this program, but I’d appreciate it if you can help me find it.  I wish California had a program like this.  Or maybe someone could create a program like this for a PBS station and get it syndicated.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Feb 28 2007

Thursday night in Boulder at the Walnut Brewery

Published by under Blogging

Joshua has done me a big favor and scouted out the Walnut Brewery in downtown Boulder for drinks and dinner tomorrow night.  If you’re in the area, join us for a beer or two.  I hear they have a beer sampler platter I’m going to give a try.  Before you know it, I’m going to have to set up another blog to compare the beers I have around the country.  I can think of worse things to do with my time.

Just so you can find me, here’s a picture taken of me last year by Thomas Hawk, nice guy and awesome photographer.  He even made me look good.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Feb 28 2007

Suppressing information rarely works

Published by under Hacking

The HID Corporation has threatened legal action against the folks organizing Black Hat and security researcher Chris Paget.  They think that suing Chris will put the cat back in the bag and hide the security holes he’s found.  Instead they’ve taken what would have been an interesting but quickly forgotten talk and made it newsworthy, something picked up by the blogosphere.  As Robert David Graham says, they’ve done the wrong thing for the wrong reasons and are going to get exactly the opposite results from what they really wanted.  More people will know know about cloning RFID tags and problems with HID technology than ever would have heard of it if they’d just let the presentation happen.

Good move folks.

Edit:  Additional information on HID’s actions

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Feb 27 2007

Dinner with the Trusted Catalysts

Published by under Podcast

Sorry, but no podcast tonight.  I’m going to have to seriously rethink my podcasting schedule given the new job.  I may have to switch from a weekly podcast to ‘as I can’ podcast, or get a lot better at doing it on the road.  Which means I actually have to learn how to use my H4 Zoom and Garage Band.  But not tonight.

I spent this evening in Denver at a great brew pub, Pints Pub.  Michael Henry, Acr0nym, Jonathan Squire and Johan Hybinette joined me for a beer or two.  I didn’t try the scotch, but Michael tells me that this pub has the biggest selection of scotch outside of the UK.  I can’t tell you about the scotch, but the fish and chips were pretty darn good.

These gentlemen are all members or potential members of the Trusted Catalyst Community.  Michael Santarcangelo is pulling together security professionals and people all over the country, to create a community dedicated to promoting security.  I’m part of the group, so these guys offered to join me for beers and companionship tonight.  It’s not often I feel like the dumb guy at the table, but this was one of those times.

I tried to capture some of it on my H4, but I now know I don’t know enough about my equipment.  I got a little of it, but the background noise was way to much for it to handle.   And by the time I got back to the room, it’s just too late to try to record.  Oh, and I forgot the driver disk for the H4 at home, adding one more excuse for not having a podcast. 

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

2 responses so far

Feb 27 2007

Feeling welcome at StillSecure

Published by under Blogging

Today marks my second day at StillSecure, and the first time I’ve ever had a job where they issued a press release to announce my being hired.  The recognition feels good, but is nothing compared to the feelings of welcome and excitement  that greeted me when I walked in the door.  I’ve never worked for a company where everyone knew my name, if not my face, before I even arrived.  To say this makes me certain I made the right decision in joining the team at StillSecure is an understatement.

I’ve never heard the term beshert (edited to fix spelling) before, but I think Alan’s right, this is a partnership that was meant to be.  I took a leap of faith when I left my previous employer, without a job to go to and a limited amount of savings, but the confidence that something awesome would turn up.  My wife didn’t quite understand at first, but she had faith in me, which is one of the reasons I love her. And less than three weeks after leaving my landed on solid ground.

It’s still percolating through my skull that I’m now paid to be blogging, podcasting and just getting out there meeting people.  Alan said something about ‘marketing chops’ but my job isn’t marketing.  Marketing is about getting a message out, my job is going to revolve more around listening to what StillSecure’s customers and users (different people in the same organization very often) have to say about our products.  I’m responsible for taking that feedback and helping everyone in the company make StillSecure products.  I’m primarily working on a research project under Mitchell Ashley right now, but I’ll listen to feedback on any StillSecure product and make sure the right people hear it. 

There’s a lot I plan on contributing to StillSecure and I expect to learn a lot from Mitchell and Alan over the next few years.  Six months ago I posted an entry that I wanted to be a Security Evangelist, and now I am one.  Sometimes if you want something hard enough, it can come true.  I’m not sure if the stars aligned in just the right pattern or if this is the culmination of a lot of hard work and conscious though on my part, but this is an opportunity that was meant to be.

By the way, Alan’s closing comment about hiring bloggers isn’t just hot air.  Brad Feld is one of the backers of StillSecure and a blogger, Alan and Mitchell both blog, I obviously blog and we’ll be encouraging others at StillSecure to blog and podcast in the near future.  Knowing that my blogging was going to be an asset to my new job instead of a possible problem was definitely in the forefront of my mind when I accepted this position. 

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

4 responses so far

Feb 26 2007

Invitation to Windows Home Server Beta

Published by under Microsoft

I just got my invitation to the Windows Home Server Beta test.  Now I just have to find some hardware and time to play with it.  Mostly the time, since I started my new job today.  Maybe I’ll set it up as a VMware image on my main desktop at home, when I finally get home.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Feb 25 2007

Locking my MBP

Published by under Apple/Mac

Thanks to Michael Santarcangelo for showing me how to quickly lock my laptop and for pointing me to a new site to get addicted to.  Like I don’t have enough RSS feeds already.  I got so used to giving my Windows the 3-fingered salute every time I walked away and was wondering how to do the same on the Mac Book Pro. 

Technorati Tags: , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

3 responses so far

Feb 25 2007

Michael’s speaking at TRISC 2007

Published by under Blogging

I just wanted to congratulate Michael Farnum on getting a chance to speak at the Texas Regional Infrastructure Conference.  Michael will be talking about using blogs for security research, one of my favorite subjects.  With a little luck I might even get a chance to attend the event.  After RSA, Michael should have enough contacts in the security blogosphere to make this a very interesting talk.  After all, he can say he’s now met  a large number of the most influential security bloggers thanks to his own blogging.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Next »