Sunday, January 15, 2017

What I'm reading 1/15/2017 - And just to let you know it's 21 degrees F and Sunny here up from 13 when I got up this morning. Spring has arrived! (Global Warming my shivering ass)

SANS - Critiques of the DHS/FBI's GRIZZLY STEPPE Report -
The White House's response and combined messaging from the government agencies is well done and the technical attribution provided by private sector companies has been solid for quite some time. However, the DHS/FBI GRIZZLY STEPPE report does not meet its stated intent of helping network defenders and instead chooses to focus on a confusing assortment of attribution, non-descriptive indicators, and re-hashed tradecraft. Additionally, the bulk of the report (8 of the 13 pages) is general high level recommendations not descriptive of the RIS threats mentioned and with no linking to what activity would help with what aspect of the technical data covered. It simply serves as an advertisement of documents and programs the DHS is trying to support. One recommendation for Whitelisting Applications might as well read "whitelisting is good mm'kay?" If that recommendation would have been overlaid with what it would have stopped in this campaign specifically and how defenders could then leverage that information going forward it would at least have been descriptive and useful. Instead it reads like a copy/paste of DHS' most recent documents - at least in a vendor report you usually only get 1 page of marketing instead of 8.
We read this report at work, and while we took what action we could based on what it contained almost everyone was confused on how the attribution portions played into the conclusions.  It was not a well put together effort. 

Ars Technica - Congress will consider proposal to raise H-1B minimum wage to $100,000 -
One major change to that system is already under discussion: making it harder for companies to use H-1B workers to replace Americans by simply giving the foreign workers a raise. The "Protect and Grow American Jobs Act," introduced last week by Rep. Darrell Issa, R-Calif. and Scott Peters, D-Calif., would significantly raise the wages of workers who get H-1B visas. If the bill becomes law, the minimum wage paid to H-1B workers would rise to at least $100,000 annually, and be adjusted for inflation. Right now, the minimum is $60,000.
The sponsors say that would go a long way toward fixing some of the abuses of the H-1B program, which critics say is currently used to simply replace American workers with cheaper, foreign workers. In 2013, the top nine companies acquiring H-1B visas were technology outsourcing firms, according to an analysis by a critic of the H-1B program. (The 10th is Microsoft.) The thinking goes that if minimum H-1B salaries are brought closer to what high-skilled tech employment really pays, the economic incentive to use it as a worker-replacement program will drop off.
This will help, but what is really needed is to a) decrease the number of slots available by 10% per year over 50 years, make employers certify that they have looked for qualified American workers, under penalty of perjury and hold the CEO personally criminally responsible, and require a bond on every H-1B that can be returned when the worker is replaced by an American.  Also make the visa follow the person after 2 years so companies can't hold workers hostage and deflate wages.

The Verge - AMC and the BBC are teaming up to adapt John le Carré’s Spy Who Came in From the Cold
The Spy Who Came in From the Cold is le Carré’s third novel. First published in 1963, it follows a British agent who is sent to Germany to try and undermine an East German intelligence official at the height of the Cold War. The novel was an immediate success, and was adapted as a film two years later.
I read the book and saw the movie.  This is not a James Bond film.  Actually it was dense enough that a multipart TV show may be the best way to do it justice. 

Backchannel - Where Weird Facebook is King: How a College Kid Does Social - not much here unless you have a teen who you want to harass on social media.  In that case so valuable.


Two for the Marines

The head of the US Marines wants to recruit about 3,000 troops skilled in online warfare and espionage to make sure the Corps is ready for 21st-century battle.
On Thursday, General Robert Neller told the Surface Navy Association's annual convention that he was looking to raise his numbers from 182,000 to 185,000 in the next Defense Appropriations Bill – and wants to use the extra heads to beef up online and electronic warfare capabilities.

The problem here is that most of the people who are interested in stuff like this are not the type of people the military wants.  This is going to be a really hard sell on both sides.

Officers at the Marine Corps Warfighting Laboratory/Futures Directorate in Quantico, Va., came up with the idea last year to host a sci-fi contest to spur creativity, as well as get uniformed Marines to conceive of threats in a different way. A total of 84 entries were narrowed down to 18 finalists, who were paired with professional sci-fi writers—including “World War Z’s” Max Brooks—during a workshop co-hosted by the Atlantic Council. After months of editing, the top three stories were collected in “Science Fiction Futures: Marine Corps Security Environment Forecast 2030-2045” and published online [PDF].
No comments - just thought you guys might enjoy this one.