Monday, November 9, 2009 by Revdark.

Walter Mitty-gation

In Thurber’s short story ‘The Secret Life of Walter Mitty’ we are introduced to the titular character, who lives his life caught up in his dreams and fantasies.  When dealing with our computers and other digital devices, we often find ourselves living out the role of Walter Mitty.  Our in place mitigations against data loss exist more in the realm of fantasy than that of cold, hard, reality.

Simply put, we do not so much have mitigation as Walter Mitty-gation.

Many of you have purchased an external USB storage device; an excellent first step;  with the intention of regularly backing up your data.  This is where the fantasy kicks in; as chances are the data on the drive is now more than six months old.  The author hangs his own head in chagrin; as the data on his external USB backup drive is now some four months old.  Most external USB drives come bundled with backup software, but somehow it never gets installed, and when it is installed, the backup process is not run as often as perhaps it should be.

Music, audio books, software, contact lists, tax returns; e-mail archives, movies, programs, school assignments, and family photos that exist only as digital images, are all one virus, hardware failure, or system crash away from vanishing.  Sure recovery is possible, manned space flight is also possible, but in most cases, the costs for doing so are far in excess of the value of the data, and the digital resources remain lost.

These days, most operating systems have a native backup and restore function and if not, there are several excellent freeware backup software packages that are easy to set up, easy to maintain, and easy to automate, so your backups are run while you are at work, or asleep.  Isn’t that a wonderful thought?  It sounds so easy… Like a beautiful dream…

Don’t you wish you had a backup rather than an imagined Walter Mitty-gation?  When the inevitable data loss does occur, the Reality Fairy will soon appear to drag you from your beautiful dream and kick you appropriately.  You will also be kicking yourself.  Others may well be lining up to kick you to.  The line forms on the left.  No cleats please.

Oh, and before I forget; your computer is not the only device you should be worried about; MP3 players, phones, and  portable game consoles, could all benefit from some real data loss mitigation.

Shayne Dark

CISSP

Posted in Security | No Comments »

Friday, July 17, 2009 by Revdark.

What’s Up Dark

Itsy Bitsy Spider.  No.  Huge Freaking Spider.

Halloween is always ‘The Big Show’ at the Dark household.  I put a lot of time into creating the sort of Halloween experience that I enjoyed as child.  I set up pavilions, which are spookily lit and populated with a variety of strange and creepy, ghoulish, denizens, which I build in my shop.  This year, my wife, in a heartwarming display of accommodation, gave me permission to build a giant spider.  She doesn’t like spiders.  She also doesn’t remember giving me permission in regards to a honking great arachnid, but is willing to allow me the benefit of the doubt in this case.

Currently my wife and I are very busy preparing for our first child, due before Halloween, and this leaves me with a conundrum in regards to my giant spider intentions.  Build or buy.  Yes, thanks to the internet, home to things other than those sung about in Avenue Q, you can have delivered to your home, a prebuilt, ready to deploy, giant spider; at a cost comparable to building one yourself.  It might not be exactly the spider I want, but it will be adaptable to my spider needs.

Software solutions, especially security software solutions are much the same.  They have eight legs, inject venom and spin webs.  No wait, that is spiders again.  You can purchase a software solution that will, while not necessarily fit your organization perfectly, meet enough of your requirements to warrant its use.  You might be able to build one that is a better fit, but in doing so tie up resources, time, and funds that might be better deployed elsewhere in the organization.  There is no perfect solution, build or buy; both are reliant on the balance between resources, time and money.  For many security software solutions, buy is often the faster, less expensive and less resource intensive solution.  This is especially true of intrusion detection, anti-virus and vulnerability management software, all of which are dependent on up to the minute updates for emerging threats.  You can certainly write the software in house; but unless your house is in the business of providing these services, you are likely better off purchasing the software.

There is one more factor that is not part of the resources-time-money tripod.  Desire.

I want to build a giant spider.  So I am not going to buy one over the internet.

My mail carrier is likely happy about this.

My wife less so.

Shayne Dark

CISSP

Posted in Security | No Comments »

Wednesday, May 27, 2009 by admin.

Scared yet?  Does the thought of H1N1 keep you up at night?  Have you given up any association with Kermit the Frog for fear of cross contamination from his porcine paramour?  Does every cough, sneeze, or sniffle around you bring a fear-fuelled murmur of ‘oink’?  Do you eye the sausages resting in the supermarket cooler with suspicion?  Well more suspicion than people normally eye sausages with.

So what does this have to do with Information Technology?  Risk Management.  Risk Management is a funny business.  You have to compare the threats marshaled against your IT resources; evaluate the impacts of those threats against your organization; the value of the resources; and determine what protections can be put in place, without placing an operational or financial burden on the organization in excess of the value of what you are protecting.

We practice Risk Management on a regular basis.  When you cross the street, you check for  signage, and then look both ways before proceeding.  There is a threat.  Traffic.  There is a value.  Keeping you from becoming a screaming hood ornament.  There is a protection.  Looking both ways and consulting any applicable signage.  You don’t, as a rule, check for sharks, ninjas or falling Soviet Satellites when crossing the street.  The threats presented by sharks, ninjas or falling Soviet Satellites are so small while crossing the street that there is no real benefit to be derived from checking for them.  The ninjas out there may choose to disagree, but my only response is that you are welcome to try.

In IT environments examples of protections include regular maintenance of applications and operating systems, software such as firewalls and anti-virus, robust policy, enforcement of that policy and even external audit and penetration testing to determine if unknown vulnerabilities exist.  You will never be able to reduce your risk to zero, but then again you can’t do that crossing the street either, even if you look out for the aforementioned sharks and ninjas; or other threats such as Mary Poppins descending from on high to give you a Supercalifragilisticexpialidocious smackdown with her umbrella.

So back to H1N1 and the Hundred Acre Wood; yes H1N1 is a threat.  It has a potentially large impact.  Fortunately the protections against it are, for the individual, relatively inexpensive in time and resources.  You can find excellent information and suggestions at www.fightflu.ca

Shayne Dark

CISSP

Posted in Security, Uncategorized | No Comments »

Tuesday, April 21, 2009 by Revdark.

So I have a dead goose in my office.

The aforementioned dead goose is dressed as the Easter Bunny.

Perhaps I have been living with this large lump of strange so long that I have forgotten how large a lump of strange it is. Branta Canadensis Mortis Lepus.

His name is Wobbles; or to be more accurate, Wobbles the Dead Stuffed Goose. Some of you will smile at the name, others will merely scratch your collective heads. Wobbles is named for a Kliban cartoon, with the captions Honk! Honk! It is Wobbles the Goose. The cartoon does not have anything to do with geese.

Wobbles was a wedding present, given to my post wedding by my twin brother.

I am normally the evil twin, but my brother occasionally likes to show that it was not as cut and dried a contest as everyone seems to think.

Wobbles was obtained second hand from a garage sale, sold by a woman whose husband had taken to the hobby of taxidermy. Or if Wobbles is the work by which his skills are to be judged taxi-demolition-derby. He is posed as if in flight, on the downstroke, and is, if one is to butcher the language ‘orrible; with a capital O.

Now, Dark tradition is such that something this capital O ‘orrible cannot be binned and never mentioned again. You have to pass it on, or more accurately, inflict it on someone else. So Wobbles lived in the back of the basement for a year, wrapped in a bin-bag to keep my lovely wife from having to gaze on his glassy eyed contenance.

A year passed. We got older. Wobbles just grew dusty.

Then an event at work was requesting prizes for a tournament. I attached a festive ribbon to Wobbles, stuffed his dead goose arse in a box and hauled him into the office, plopping his cardboard coffin triumphantly on the prize pile.

Mystery Prize. A-number-one!

Foiled. The box did not make it to the tournament table. Wobbles stayed where he was, but he was not longer under my care so I considered the matter closed.

Then some six months later we required a mascot for a fund raising event. At the last minute - and I do mean last minute. We had assembled some scant feet from the empty cubicle where Wobbles lay in state like a feathered Eva Peron. I reluctantly fished him out, holiday ribbon and all, and declared him the mascot.

We won best mascot.
Unanimously.

Three years in a row.

Wobbles was the center of our advertising and fundraising; appearing in a number of film parody pictures (Fear Loathing and Dead Geese in Las Vegas - as Honker S. Thompson) and Bravehonk (Every goose dies, not every goose takes the hint).

He became the mascot for our group.

He is still in my office.

Crap!

Posted in Uncategorized | 1 Comment »

Friday, April 17, 2009 by Revdark.

So I am 39 today.

I have beaten Jesus by six years and have the added bonus that I am verifiable as a historical figure. So I have that going for me.

One more year and my lovely wife gets to paint the back of my gorilla suit silver. I have that going for me too.

So far this birthday has been so much better than my last one. Which sucked, for a lot of reasons, for a lot of people. So I have that going for me to.

I am in good health, with a solid career, active, interesting hobbies (which also pay me reasonable money), and a wide and varied skill set. So I have that going for me to.

I feel challenged and rewarded professionally, physically, and artistically. In regularly indulge my mind and body in a myriad of interesting ways. So I have that going for me to.

Am I happy? That is a trickier question. No. Being happy, at least to my mind would be floating through every single moment on a blissful cloud of pleasure. I am not happy, at least not in that context.

I am content.

And that is enough.
Shayne

Posted in Uncategorized | No Comments »

Monday, April 6, 2009 by Revdark.

So, in case it has not been thoroughly communicated.

We are pregnant, just zooming past the 14 week mark. I should clarify that my lovely wife is the pregnant one, while I am pregnant by proxy. I spent much of Saturday clearing out the accumulated muck in the spare room to get it ready for painting and migration. The computer room is moving 12 feet to the left, and the space formerly known as the computer room is to be the nursery.

First things first. Paint. The spare room has been for storage/the treadmill and is not what I would call a living space. It will be now, as we spend a lot of time in the computer room. It is currently yellow. It is a warm and friendly yellow, a colour chosen to draw homebuyers to the room like so many moths to the flame.

I dislike yellow as a home colour – while I appreciate the psychology of the colour, I am not spending a lot of time in a yellow room. Time to paint.

After that, it will be the computer room. Which is going to be done in an underwater theme, as the Darkling will be brought up to appreciate the aquatic mammal trait of the Dark side of the DNA.

Well, that is it for now.
Shayne

Posted in Uncategorized | No Comments »

Wednesday, April 1, 2009 by Revdark.

Your Inner Phish?

There are two great fossil discoveries of late. Okay. That is a gross understatement. The great fossil discoveries of late are legion; but two in particular are extremely compelling. Tiktaalik Roseae, uncovered in our own frozen north and Maiacetus Inuss, an important whale transitional species involved in the return to the life aquatic.

While separated by a span of some 335 Million years it is amusing to picture the two meeting up (Prey envelope notwithstanding) and comparing intentions with expectations. Tiktaalik doing tetrapod pushups while Maiacetus is getting back into the swim of things.

“Hey, how’s it going? That land thing looks really cool.”
“Don’t bother… Just don’t. It’s not worth it.”

It’s not worth it. I seem to be using that phrase a lot lately. Mostly with things not concerned with tetrapod pushups, transitional fossils or the orientation of proto-cetacean birth canals.

More is the pity.

These days I am using the phrase “It’s not worth it” to answer the question brought on by browser based software pop-ups that state that my computer is infected with everything from the latest ad-ware to scrofula. Lacking the touch of a monarch (to deal with the scrofula), the helpful-in-a-snake-oil-salesman-kind-of-way ad states that it can install software that will detect all viruses and clean them. Whether they are there or not.

They are not.

Know what anti-virus program you are running on your computer (You are running an anti-virus software package aren’t you…). If the message was not generated by your local anti-virus program, the message should be considered spurious, malicious, and potentially hazardous to your computer.

Be careful when you close these windows to. Look carefully. Often they will have a close button along with the small X in the upper right corner. It’s not worth it. The close button is a clever ploy to convince you to click on it, starting the install that you do not want to do. Why do you not want to do it? It’s not worth it.

The names associated with these fake infection reports include Sysprotect, Winfixer, and Antivirus 2008/2009 and there are more appearing every day. Once on your computer they are extremely difficult to remove entirely and a more practical solution is to rebuild the operating system entirely, rather than try to erase all traces of the virus.

In short.
Don’t bother…. Just don’t… It’s not worth it.

If you get a report of a virus on your computer, verify the source of the message before taking any further steps.

Shayne Dark
CISSP

PS. For those of you wanting to read more about Tiktaalik, try reading Neil Shubin’s excellent book, Your Inner Fish. You can also rock out with Tiktaalik at http://www.youtube.com/watch?v=B9h1tR42QYA

Posted in Security, Uncategorized | No Comments »

Wednesday, March 11, 2009 by Revdark.

Cindy took another shot at the reef this morning.

We started out by feeding Charlie and his buddies.  Chubs - they can strip the bread from a white guy in no time.  Then we walked down the beach thirty feet so Cindy could have a chub free swim.

Cindy is not comfortable with sharing the water with a lot of fish, or at least fish with personal space issues.  That would be Charlie the chub and his many friends.  Cindy made a valiant effort at it, out past the sea grass and to the coral.  She saw squid and even a small baracuda that had come in to check things out.  Cindy had a lot less trouble with the baracuda than the chubs.  Baracuda do not get in your personal space.

 Hey Sailor? Who’s the lovely bit of rough?

After Cindy had her fill of the water, she headed back to the resort.  I swam the reef from the wall to Henry Morgan, including buzzing the glass bottomed boat.  I did not moon them though.

Charlie drops by to say hi and meet another friend.  Then it was archery - Cindy, Brett and I are the range masters at this point.  The resort has range safety for a change.

Posted in Uncategorized | No Comments »

Tuesday, March 10, 2009 by Revdark.

So yesterday was our great adventure with the Dolphin training program at Anthony’s Keys.

Things did not start well.  The cab we ordered for 7:00 in the morning did not show up and had to be roused from bed, and eventually got us there.  After that frustration - magic.

We start with a lecture and then it is off to the dolphin pens.  We are paired with David, a local who has been a trainer for almost four years now.  We start with observation of him working with Ritchie, a wild dolphin who has been with the institute some years now.  After working with Ritchie and another dolphin - Anthony who was born at the facility, we are off to the fish kitchen to prepare dolphin din-dins.  Fish are brought out, sorted (to remove ones with broken skin that might harbour bacteria) and then weighed and measured into coolers for the individual dolphins.  Brett, Angela and I did our bit in the sorting/weighing/cleaning side, but Cindy stayed with ice.  She was feeling a little squeamish about handling el-fisho-deado.

After a lecture on training methodology and hand signals it was back to the dolphin pens for some training with Kenny and Mr. French.  The males were all in a bit of a state that day, but we were given the opportunity to train with the dolphins, including giving signals, celebrating a trick well done with praise, tummy rubs, and dumping fish down the throat.  The dolphins continued to train the bipeds to give them praise, tummy rubs and dump fish down their throats.

We offered to buy our guide lunch and headed off to one of the snack bars at Anthony’s Key.  The food at Henry Morgan is good, but rich - and the lure at the key was the simple, sublime, hamburger and fries.  It was just what all four of us needed.  Brett ordered two hot-dogs, unaware that the local hot dog contains 3/4 of a piglet.  He made a valiant effort.

The final dolphin session was in the lagoon, where we swam out to interact with them.  This included fin rides, pushes, and even a boogie board run.  We were working with Gracie and older female dolphin of impressive size.

It was an incredible day, and we got back with a bit too much sun, but happy.

Dances with Dolphins

Shayne

Posted in Uncategorized | No Comments »

Monday, March 9, 2009 by Revdark.

Two dives ago Angela and I spotted a moray eel.  I found him again today and was able to spend some time around him.

The picture does not do justice to how green he is, though you do get a sense of the size.  This is a honking great fishy.  At least six feet long.  I followed him around several coral formations, before he turned around and gave me a look that said.  Okay fun’s over.  Fun was indeed over and we went our separate ways.

That’s A Moray

Cindy held Shanti again today, and is getting much better with the  birdies.  Tomorrow is the dolphins.  Eh-eh-eh-eh!

Posted in Uncategorized | No Comments »