It’s a new dawn, a new blog, and I’m feelin’ good

Feels Good (photo by Patrícia Raimond)

Having changed a couple of things around, I’ve re-engineered my lacunae.org into a personal blog. Hope y’all like it, more to come as I update, plagiarise and shamelessly research.

In the meantime, if you haven’t seen the most beautiful people in Information Security yet, take a look at people having fun at 44Cafe 2013. More to come in the main event in September!

Scribd: doing sensible things with iPaper

How do you keep your electronic documents? More to the point, how do you publish and distribute them?

Most people create documents using MS Office or OpenOffice. I’ve switched from Adobe Photoshop to The Gimp for all my graphics work; it’s a lovely little program. But when I send stuff to publishers, I am still stuck with churning out PDFs. It’s received wisdom that it’s a bad idea to send out the original office docs – too many comments, metadata snippets, and of course, the risk of change.

I’ve used pdfFactory from Fineprint for a while. I like it; it’s a nice PDF file converter that gives me little pain. However, there’s still the thorny issue of managing and distributing all those documents electronically. Wouldn’t it be nice to say “here’s a link to the document and I’ll keep it updated with the latest version”?

Enter Scribd. They provide a hosting service where your documents live, and can easily be displayed to the world, or kept private. For fun, you can even embed them in a blog post. Here’s an old presentation I did in 2006:

Read this doc on Scribd: OTR 2006 Presentation


And because RSS usually kills embedded objects, you can click on the link directly at http://www.scribd.com/doc/2149696/OTR-2006-Presentation.

I like this, and even more impressive, they responded in about 5 minutes when I asked them when they would support OpenID.

Born and raised on steel river

I started out my working life as an apprentice in the steelworks in Cardiff, and fortunately they sponsored me off to university, where I discovered the fascinating world of networked computing. In fact my first experience of InfoSec was when our Pyramid got hacked by some enterprising youth(s) calling themselves “L.E.Phant”…

It’s good to see these guys have their pensions back.

http://news.bbc.co.uk/1/hi/wales/7147659.stm

A Ration of Passion

I remember in one of those tiresome discussions that seem to sweep around from subject to subject, my protagonist declaiming “You aren’t passionate about anything!”.

Douglas Adams used to claim that this was true of those of the B*lg**n race (in fact, the people of Earth are not only guilty of turning the Krikkit wars into a rather dull and pointless game, but taking the worst swear word of all and making it into a country name).

So, for all of those who think I’m dispassionate, cold, and a teensy bit boring, here are things I’m passionate about:

  • Cars. I could happily spend hours listening to Clarkson, and reading his writing. I love driving, and the XKR is more fun than I’ve had in years. I spent yesterday mostly driving for pleasure, met an old friend of 20 years for lunch, and we went for an explore afterward :) Many years ago I did a performance driving course at the BRDC in Silverstone, and I loved it to bits. I should really do another one.
  • Getting fit. No really. I’ve spent years being terribly, terribly unfit. 2007 is proving to be the Year It Changes. This is linked to a desire to get behind the wheel of fast cars (see point 1), and at some point, get my pilot’s license.
  • Photography. I don’t spend nearly as much time behind the camera as I’d like to. I really enjoy taking pictures, especially non-posed shots. If photography is Art, and the purpose of Art is to hold a mirror up to Life, then posed shots are not good art, although if you do it well you can thaw people out of these terribly stiff Victorian poses they seem determined to adopt.
  • Music. I love listening to it, playing it, and writing it (although I don’t expect you to like the stuff I write). At home I have a rather nice Yamaha electronic piano, and the geek in me has tried to hook it up to the PC that is rather handily standing by. My father recommends me to join a choir, perhaps I should. Although what choir hall could improve on the acoustics of my shower :-)
  • Dancing. Well, I enjoy this. It’s fun, it’s good exercise, and as someone described it, it’s a “three minute love affair”. I’m getting myself a little fitter before I launch back onto the scene, although I feel completely different to the man I was say, 12 months ago. I’m a little nervous about some of the people in the tango set around here, I’m thinking about Ceroc. I’m not sure I’m passionate about this though. Not yet.
  • Work. I love what I do. I feel my work is important, and makes a difference to my clients. It’s intellectually stimulating, rewarding, and constantly changing.

Belgium.

A little knowledge is a dangerous thing

I know an Expert. Not a real one though. Real experts have a track record of education, followed by years in their chosen profession honing their craft, coupled with papers, books, conference speeches, and sometimes media spots (although beware the “meeja hoor”, who sad to say is an Expert with a PR agent).

Anyway, my Expert is a glib, charismatic person. She has the undoubted benefit of good looks (and who am I to say that primeval urges aren’t important decision making factors?). She’s been an Expert in Medicine (more than doctors of 40 years in practice), Law, Bodybuilding, and her latest area of expertise is apparently computer security…

I received the following email (names deleted):

From: Expert.Person@gmail.com
Subject: worthwhile knowing
>Subject: Urgent
>>
>>Dear All
>>
>>If you receive a phone call on your mobile from any person, saying that
>>he or she is a company engineer, or telling that they’re checking your
>>mobile line, and you have to press #90 or #09 or any other number, end
>>this call immediately without pressing any numbers.
>>
>>There is a fraud company using a device that once you press #90 or #09
>>they can access your “SIM” card and make calls at your expense.
>>
>>Forward this message to as many colleagues, relatives and friends as
>>you can, to stop it.
>>
>>Many thanks for your time regarding this matter, take care and regards.
>>
>>Phil Corris
>>Police Constable/Crime Prevention Officer Ext (Internal)
>> (External)
>>Email PhilCorris@lancashire.pnn .police.uk

What I search for, I find. What we neglect escapes us.
Sophocles

When I was doing some fraud work for a large 3G telco about six years ago, this same email was going the rounds. Furthermore, a quick Urban Legends search reveals this has been rattling around the gullible since 1998.

Don’t pass these things on to all your friends, folks. Promoting a wave of uninformed hysteria does not make us more secure.

This blog entry was brought to you by the Campaign for Real Experts, which are nothing like the fizzy keg experts you get nowadays.

Good morning world

In somewhat of a change from recent habits, I got 8 hours sleep last night. I hit the sack about 11, and rolled out at 7 this morning to the dulcet tones of Sarah Kennedy. I’m currently enjoying some Tchibo coffee which when put through the filter is frankly turbo-charged. Oh Yes. I listened to Johnnie Walker’s Steve Earle interview last night, and I was fascinated to hear someone actually holding a mirror up to Life – the purpose of being an artist. A lot of people in the music business don’t want to comment on the world around them – mind you, I’m not sure I care much what The Cheeky Girls think of the current world situation.

This week promises to be a busy one – I am off to Prague tomorrow, and on Friday I got a new case in. Fortunately I have brilliant colleagues who will be able to cover – just need to get some paperwork signed by the client.

On the way home last night, I paused to look in the window of HA Fox, and spotted the rather nice XK Jaguar convertibles. I think I have fallen in love.

Time for another cup of turbo coffee. Va-va-voom, all.

Pecha Kucha: Get to the PowerPoint in 20 Slides Then Sit the Hell Down

This is rather groovy. We’ve all suffered “Death by Powerpoint”, where the presenter painstakingly reads the slides he’s prepared to us, oblivious of the slack-jawed faces, and drool accumulating in our laps. (Euch)

The idea behind Pecha-Kucha is simple.

  • Make your slides interesting.
  • Make your words to the point.
  • Sit Down when you are done.

I feel like I just glimpsed a better world.

Job post of the day

This was sent to me by a friend in the Recruitment business:


Pussy Drinks is a young entrepreneurial business with backing from an impressive array of investors. The company is growing quickly and offers its employees a dynamic environment where creativity and ingenuity are encouraged. The launch of Pussy onto the London bar and club scene this summer has introduced a uniquely new and refreshing product to the market. With 100% natural ingredients, the drink tastes great on its own but it is also perfect in cocktails, a fact which has led to Pussy being endorsed by some of London’s top mixologists. The unique mix of a great tasting product and innovative marketing has already led to Pussy being enjoyed by discerning drinkers and celebrities around the world.

What can one say, it’s a living I suppose!

Useful tools

I’m fed up with backups. It’s unarguably true that they are one of the most important linchpins in computer security – providing support for integrity, availability and (if done correctly), not compromising confidentiality. However, no one likes to do them, and without the kind services of a small army of people to backup my data for me, I know I’ll forget.

Carbonite appears to provide that function. I’ve been using it for about a month now, to back up files on my PC, and it sits in my system tray, and copies anything changed to my own private vaultspace in their datacentre. They assure me it’s encrypted – not strongly, admittedly, as the keys are my email address, and a password, but in a risk reduction scenario, I’m happier having my stuff safe somewhere else, especially as the drive in the PC is showing S.M.A.R.T. failure, and I’m waiting for the new one to arrive from dabs.

I’m also a fan of Outlook (although many people aren’t). I like it because it’s flexible, simple to use, and I’m fairly confident that with the addition of Avast antivirus and spamfighter, that not too many nasties get into my inbox. Mail to me goes through AV services at Versatilia, then Google, and then finally gets to my Outlook inbox. However, one thing I would like is to be able to check my Google calendar, and have that automatically sync’d up with my Outlook calendar.

I tried RemoteCalendars, but to be frank, it’s got a lot of bugs in it. It crashed frequently, and stubbornly refused to talk to the Google Calendar API (which is still in beta, but still). The only success I had was wiping out my Google calendar, which then gave me an opportunity to test the restore feature on my mobile. I have found SyncMyCal, which just works, and is available in a freebie or pay-for version, for only $25, which seems well worth it for such a handy little tool.

Music is handled by Last.FM, which yesterday was trickling Coltrane jazz over my ears like warm oil. Actually, it was a lot nicer than having warm oil trickled over my ears. Please don’t do that. I’m also trying the potentially quite amazing Jajah, which trunks VOIP calls between me and the other person, without requiring me to have a (yuk!) BT Softphone, SkypeIn/SkypeOut services, or other complicated animals. And yes, the pricing is equivalent to what you get from Skype, or possibly even a little better.

And finally, for when my family call me up for PC support[1], I’ve got a LogMeIn connection so I can jump onto her laptop without her trying to navigate Messenger to send me a remote assistance request.

[1] If you discover how to make a career in IT without people calling you asking you to fix their computers, let me know how.