by Ross Sivertsen | Oct 28, 2010 | Blog, Uncategorized
In this Lifehacker article they cover some of most common security risks around Windows. All very common methods in the information security world; to the folks reading my post probably not so common.
Window is susceptible to attack more than any other environment not so much because if the flaws I the design (though there are plenty of those) but rather because of the fact that there is such a large installed base and such a rich knowledge domain on the subject. In fact research shows that most of the most common exploits used in computer related information theft were developed around the attacks used on Windows.
So this article is more about facilitating protecting your information, especially the information that would make you susceptible to identity theft.
Simply put, if you use Windows ( or any other environment for that matter ) consider using a couple of tools, both are free, and both will help with the 80/20 rule:
Keepass: www.keepass.info – This is a great tool to keep all of your personal information, it’s stores your information in the format of ‘index cards’ the file uses any number of strong encryption algorithms (I prefer AES). And if you use a unique strong password, there is virtually no way any one can get to the information.
There are a lot of eWallet type tools out there, but I really like this one because it’s free (free is good, we like free) and it’s open source. If fact I keep All of my personal information in Keepass on a USB stick on my key chain, and I have no problem advertising that fact, I’m that confident of its security.
Truecrypt: www.truecrypt.org – This is another tool that is always in hands reach for me, again it’s free and open source, so there are no ‘magic’ back doors. This tools isn’t a Rolodex inasmuch as it’s a virtual drive that is encrypted. The tool will create a virtual disk in the form of a file (that you can copy to a USB stick) using a strong encryption method. You use it like any other drive on your system except that when you copy or move files to it, the files are encrypted and nobody can access them without the passphrase.
Combine this with Keepass and two different passwords (one for each), and you’ll have secured your personal information to a level that the best crypto hacks can’t reach, and I don’t mean figuratively either.
So there you go, you just got the benefit of three years of graduate school, two advanced degrees in information security and tens of thousands of dollars of tuition for the price reading his blog post. Go forth and be secure.
The price of freedom is eternal vigilance.
http://pulsene.ws/cHpG
by Ross Sivertsen | Oct 27, 2010 | Blog, Uncategorized
I started reading this article this morning as I was planning my activities for the day. Delegating is a huge issue for me, in part for some of the reasons Kent states in the article, but also in part because I have prided myself at being ‘a working manager.’ I don’t ask my staff or others to do anything that I haven’t done, wouldn’t do, or couldn’t do myself.
The problem with that notion is that as a simply practical matter we can’t, despite our best intentions, do everything. I know that it seems self evident, but for me it continues to be a challenging idea in practice.
And it’s not because I’m a doer either, my wife and father in law are both doers, they can’t sit still. I think in part I fear asking for help, and thus appearing to be weak and needy.
Clearly I am neither, but fear is an interesting thing, and if we aren’t careful about it, we can be manipulated by others as a result. Kevin Mitnick made a career out of it through ‘social engineering’ his book, The Art of Deception, an excellent read, is a seminal work on the subject.
Anyway, delegating to get things done is a practice that I continue to work in and hopefully someday will master.
Read the article don’t delegate it to someone else to read.
http://pulsene.ws/cLs1
by Ross Sivertsen | Oct 26, 2010 | Uncategorized
The expert in battle seeks his victory from strategic advantage and does not demand it from his men. -Sun Tzu
by Ross Sivertsen | Oct 26, 2010 | Blog, Uncategorized
I love Lifehacker.com, and have followed their site ever since I read “Getting Things Done” by David Allen. Lifehacker comes from the same people that bring us gizmodo. Lifehacker focuses on the simple things that help tweak our lives to help things go a bit more productively (hacks in computer terms).
I follow their posts regularly and find the tips very worthwhile, e.g. How to improve your presentation skills, or the reasons why we procrastinate.
It was odd though when I started seeing a series of posts yesterday that, though informative, seemed… Well out of place. The first one was “How to crack an encrypted wi-fi network,” followed by “How to manipulate people.”
Then I went over to the site to look at their landing page (I usually read their stories on a news reader so I occasionally miss a post). And this week is “Evil Week” in tribute to Halloween this Sunday.
The interesting part of the idea of evil week, is that many of the ideas in the posts are the exact reasons I got in to the information security and assurance business.
I’d encourage you to go over to their site and take a look, not to find out how to defraud others, but rather to recognize it for yourself and help to prevent it from happening to you. Who knows you might even learn how to thumb your nose at Steve Jobs and build your own “Hackintosh.”
http://pulsene.ws/bTlw
by Ross Sivertsen | Oct 25, 2010 | Uncategorized
What would you do, what could you accomplish, if you KNEW you would not fail? So what is YOUR wildly audacious goal?
by Ross Sivertsen | Oct 25, 2010 | Blog, Uncategorized
On the surface this seems like one of the most bizarre events in the business sector. But Tom Peters wrote in The Little Big Things, about celebrating failure and not chastising it, when failure results from attempts at innovation and not apathy. Someone once told me early in my career to 'hurry up and get your failures out of the way, because that's the only way you're going to make progress.'
We learn from our mistakes, a trite comment, but true nonetheless, and more often than not, success stems from perseverance in the face of failure.
So I ask this question of all of you, what would you do if you KNEW you would not fail?
FailCon Fails to Fail, Returns for 2010 http://pulsene.ws/bOoc
