Earlier this week I did a presentation on ICS networks for the Oregon InfraGard chapter. Here are the slides if you are interested
Thursday, June 28, 2018
Monday, June 18, 2018
Weird Dream Alert
Very weird dream last night. I was selected to facilitate a SANS Sec660 course that was being put together at the last minute. I fly down to San Francisco and the course is being held in what looks like a high school auditorium in the back of the shoe department of a VERY rundown down department store.I get there and the it turns out my boss's boss and a couple co-workers are also attending and they aren't happy that I am there because this was supposed to be a secret session of this class, but the auditorium is packed. At least 500 people. No equipment setup except an old carousel slide projector which the instructor is using to show vacation slides not anything realted to the class. He does that then calls a break. I keep trying to get coffee and the cup keeps breaking. And when I get back there are about 600 messages at my seat all of which are nonsense. The entire dream was just an exercise in frustration.
Sunday, June 17, 2018
Reading "The Great Revolt" by Salena Zito
So today I found an article in the NY Post by CNN contributor Salena Zito - These Harvard kids got the lesson of their life in the Heartland - I knew the name but I don't watch much CNN, I usually listen to NPR for news, sometimes some Fox or CNN (never MSNBC) so I didn't realize until seeing this article that she had been traveling the country examining why Trump had won in the Rust Belt.
The result was her book The Great Revolt: Inside the Populist Coalition Reshaping American Politics I am about 25% in and honestly it's kind of an eye opener. I am one of those who believed Trump was unfit to be elected. I agreed with him on illegal immigration, disagreed on trade, and thought his temperament was completely wrong.
Turns out it was me that was wrong.
While I have been an ardent freetrader for years, that's because I was unknowingly one of the coastal elite benefiting from it to the detriment of many of my countrymen. I don't really think of myself as a member of the elite, and I am definitely opposed to most coastal politics, but really I am. That caused me to miss a lot of signs that pointed to a Trump victory.
I knew there was a lot of anger, and a lot of it I agreed with. We have been on the short end of a lot of trade deals because it's good for companies like Facebook, Google, and Boeing, with out giving consideration to American workers (that also includes H1B visas). That never sat right with me and I used to argue about it in former jobs. (moot point in the last two). Our countries culture is also being overrun and that bothers me a lot. Stuff like that. So even though I was (and am really) a Never Trumper, in the sense that I won't vote for him, I kind of got it. I even tried to explain to some of my very liberal friends that Trump and Sanders were really two sides of the same coin. Anger at the system just boiling over. They didn't believe me, but in the book there are a couple quotes from people saying they would have voted for Sanders instead of Trump if he had been on the ballot instead of Hillary.
Anyway it's been a very interesting read so far. If you think only illiterate, in-bred, mouth-breathing red-necks voted for Trump it's probably not going to change your mind, but you should still read it.
The result was her book The Great Revolt: Inside the Populist Coalition Reshaping American Politics I am about 25% in and honestly it's kind of an eye opener. I am one of those who believed Trump was unfit to be elected. I agreed with him on illegal immigration, disagreed on trade, and thought his temperament was completely wrong.
Turns out it was me that was wrong.
While I have been an ardent freetrader for years, that's because I was unknowingly one of the coastal elite benefiting from it to the detriment of many of my countrymen. I don't really think of myself as a member of the elite, and I am definitely opposed to most coastal politics, but really I am. That caused me to miss a lot of signs that pointed to a Trump victory.
I knew there was a lot of anger, and a lot of it I agreed with. We have been on the short end of a lot of trade deals because it's good for companies like Facebook, Google, and Boeing, with out giving consideration to American workers (that also includes H1B visas). That never sat right with me and I used to argue about it in former jobs. (moot point in the last two). Our countries culture is also being overrun and that bothers me a lot. Stuff like that. So even though I was (and am really) a Never Trumper, in the sense that I won't vote for him, I kind of got it. I even tried to explain to some of my very liberal friends that Trump and Sanders were really two sides of the same coin. Anger at the system just boiling over. They didn't believe me, but in the book there are a couple quotes from people saying they would have voted for Sanders instead of Trump if he had been on the ballot instead of Hillary.
Anyway it's been a very interesting read so far. If you think only illiterate, in-bred, mouth-breathing red-necks voted for Trump it's probably not going to change your mind, but you should still read it.
Thursday, June 14, 2018
What I am reading 6/14/2018
Cyberscoop - Forcepoint CEO: Stop focusing on tech and start focusing on people -
Oracle - Internet Intelligence Map - Tracks major internet outages, if that's your thing
Gizmodo - Researchers Reach Obvious Conclusion That Bitcoin's Price Was Artificially Inflated -
Forcepoint CEO Matt Moynahan says the cybersecurity industry’s focus is flawed.I don't disagree with the need to focus more on behaviors but you can't just ignore the technical side either. (Or maybe you can, what do I know, I am just a cog in the corporate machine. No one asks my opinion).
According to Moynahan, way too much time and effort has been spent on securing technology stacks. If the security paradigm is to change, there must be more effort placed on modifying people’s behavior when they use technology.
Oracle - Internet Intelligence Map - Tracks major internet outages, if that's your thing
Gizmodo - Researchers Reach Obvious Conclusion That Bitcoin's Price Was Artificially Inflated -
Specifically Amin Shams and Professor John Griffin’s 66-page paper looks at the relationship between Bitcoin and Tether, a “stablecoin” supposedly backed by and pegged to the US dollar. The paper, as summarized in the New York Times, “identified several distinct patterns that suggest that someone or some people at [Bitfinex] successfully worked to push up prices when they sagged at other exchanges,” using Tether as the mechanism to inflate those prices.Wow, what a surprise!
Tuesday, June 12, 2018
Just Registered for EnergySec 2018
Some interesting talks - one I am particularly interested in:
Demystifying ICS Cyber Risk
Michael Radigan | OT Strategy | Leidos Cyber, Inc.
plus it's in Anaheim so if I get too bored - beaches baby!
Demystifying ICS Cyber Risk
Michael Radigan | OT Strategy | Leidos Cyber, Inc.
plus it's in Anaheim so if I get too bored - beaches baby!
What I am reading 6/12/2018
Belmont Club - The Rocket Man and the Dotard -
Seattle PI - Connelly: City Hall tosses in the towel on Seattle's employee head tax -
Ars Technica - For almost 11 years, hackers could easily bypass 3rd-party macOS signature checks -
For some, 2018 has been a year of disappointing clarity. Speaking from his hotel suite by Lake Zurich, billionaire patron of liberal causes George Soros lamented the fate of the globalized world. "Everything that could go wrong has gone wrong," he said:
...
What went horribly wrong for Soros in 2018 was the future he believed in and poured his fortune into creating disappeared. The real future, to the anxious anticipation of Angela Merkel and many ordinary citizens, is about to make its appearance. What will it be?The article is an examination of globalization and the effect it has had on the world order. In general I am a free trader, but I am willing to consider the idea that I may have been wrong so I enjoy articles like this.
Seattle PI - Connelly: City Hall tosses in the towel on Seattle's employee head tax -
The Seattle City Council will meet at noon on Tuesday, and will likely vote to repeal the $275-per-full time worker "head tax" on large employers that it voted for unanimously just last month.It had to be done. Seattle is in no position to bite the Amazon hand that feeds them. Amazon is already searching for a location for a second headquarters. Further shifting of growth would greatly impact the city.
Ars Technica - For almost 11 years, hackers could easily bypass 3rd-party macOS signature checks -
For almost 11 years, hackers have had an easy way to get macOS malware past the scrutiny of a host of third-party security tools by tricking them into believing the malicious wares were signed by Apple, researchers said Tuesday.Alpha Street - Netflix suffers first massive global outage -
Digital signatures are a core security function for all modern operating systems. The cryptographically generated signatures make it possible for users to know with complete certainty that an app was digitally signed with the private key of a trusted party. But, according to the researchers, the mechanism many macOS security tools have used since 2007 to check digital signatures has been trivial to bypass. As a result, it has been possible for anyone to pass off malicious code as an app that was signed with the key Apple uses to sign its apps
Netflix acknowledged the outage on its Twitter channel that they are aware of the issue. The issue was sorted out by 7PM ET, when the company tweeted, “The streaming issues we reported earlier have now been resolved. Thank you for your patience, and as always, happy streaming!”
Monday, June 11, 2018
Two political stories
Two stories - First from the Washington Post "Why Can't We Hate All Men?" (Hint: she isn't asking permission, she already does) https://www.washingtonpost.com/opinions/why-cant-we-hate-men/2018/06/08/f1a3a8e0-6451-11e8-a69c-b944de66d9e7_story.html?noredirect=on&utm_term=.8b487fbf2999
Second from Twitter, via Ace of Spades HQ (a site I don't really frequent much anymore since he went full Trump) "Who is Jordan Peterson?" https://twitter.com/davereaboi/status/1005296433023549440
I’ve been a fan of @jordanbpeterson, and have spent a considerable amount of time watching his lectures and trying to get a handle on the JBP phenomenon—because it’s absolutely one. I saw him tonight in DC at the Warner Theater. Some thoughts: (1)
First, the big thing: smart friends who care about politics and ideas have asked me, “who is this guy?”
The best way I can respond is, “he’s a guy whose 2 hour lectures about Jung and Dostoevsky and living a good life get 800k views on YouTube.”
They’re alway stunned. (2)
What’s clear from anyone who’s ever heard JBP speak is, he says nothing someone transported from back in time as recently as 2005 would find shocking. Yes, it’s deliberately archetypal (the Jung influence), but you really don’t have to go that far back. (3)
Something happened in our culture fairly recently, though. It’s been building for decades (or longer), but it broke through pretty recently. IMO, the Kaitlyn Jenner thing will come to be seen as a colossally important event in our culture. A media class made that happen--(4)
The enormity of that change happened so quickly and, from the standpoint of the media, the New Truth was enforced on the American public with a vengeance. You really had no choice to opt out; the Social Justice Train would knock you out of polite society if you’d object. (5)
The people who made that happen in the culture felt powerful. They also felt they had the wind at their backs and the obligation to keep pushing, keep pushing--and to shame and ostracize any dissenters. Normal people started feeling like things had changed & they were right. (6)
Little by little, people started waking up. First little bits of dissent, always whispered or in hushed tones. They began to realize the divide and the hostility that greets you if you oppose the SJW orthodoxy. (7)
I don’t think it’' at all an accident that @jordanbpeterson became famous talking about his resistance to a law that would *criminalize* the use of ("wrong") pronouns. People are pretty easy-going, but it didn’t take a genius--or a conservative!--to see where this leads. (8)
Another thing the Trans issue gave us: It's becoming clear to millions of people in the West that we have (at least) two common cultures now, with contradictory understandings of the most basic human things. Even biological things. (9)
Another way to put this: we now have two divergent understandings of what it means to be human and to have fruitful and successful life.
The Progressive vision we often call, derisively, SJW. But it's as much a real culture--with all the trappings and signifiers--as any. (10)
The other vision doesn't have a name, but it's very close to our prior civilizational understanding. Classical liberalism? Enlightenment? Conservatism? It could be any of these things or a collection of some of them. But they're all more similar to each other than to SJW. (11)
Interestingly, the SJW Culture is transmitted and propagandize literally everywhere--yet few live according to its logic (outside universities).
The values of the Prior Culture is transmitted almost nowhere--but millions live or try to live according to its basic concepts. (12)
Enter @jordanbpeterson. All he's doing is very articulately making the case for the common culture. He's very bright and non-threatening. He's telling you, basically, how humans from a variety of civilizations have known how to live a good life. (13)
So why the fuss? Why the constant sniping hit-jobs from a media that nearly completely overtaken by evangelists for the SJW wing? Well, I think that question answers itself. (14)
I do think JBP is being sly in a Straussian way when he says that his lectures are "non-political.' It may be true in a literal sense, but the smarter SJW crowd understands very well that the popularity of a well-articulated Prior Culture will simply shred any SJW gains. (15)
Once a non-SJW-indoctrinated "normal" listens to JBP, the absurdity of the SJW nonsense is so apparent, it's like finally turning on the subtitles to a film in a language you don’t understand. "Oh, this movie is actually a comedy?!" (16)
What @jordanbpeterson presents in his lectures is deep, yet so basic, it's indicative of how we need to start, essentially, from scratch in putting back together the best of this Prior Culture because--other than JBP--we've got nobody else with a platform who's doing it. (17)
I have generally been staying away from the political stories (and I don't really consider stories about taxes and such political, I am talking about the driving philosophies) because a) I'm not convincing anyone of anything, b) all it does is piss off my friends. (it used to be that I felt like we were all mature enough that we could hold our own opinions and still remain friends. Anymore that isn't true. I admit to some heated moments in the past but 99% of the time it passed and life went on. More and more I feel that slipping away, so I am just avoiding the conversations.) That said, I felt like these two had something unique to say so I am posting them.
Second from Twitter, via Ace of Spades HQ (a site I don't really frequent much anymore since he went full Trump) "Who is Jordan Peterson?" https://twitter.com/davereaboi/status/1005296433023549440
I’ve been a fan of @jordanbpeterson, and have spent a considerable amount of time watching his lectures and trying to get a handle on the JBP phenomenon—because it’s absolutely one. I saw him tonight in DC at the Warner Theater. Some thoughts: (1)
First, the big thing: smart friends who care about politics and ideas have asked me, “who is this guy?”
The best way I can respond is, “he’s a guy whose 2 hour lectures about Jung and Dostoevsky and living a good life get 800k views on YouTube.”
They’re alway stunned. (2)
What’s clear from anyone who’s ever heard JBP speak is, he says nothing someone transported from back in time as recently as 2005 would find shocking. Yes, it’s deliberately archetypal (the Jung influence), but you really don’t have to go that far back. (3)
Something happened in our culture fairly recently, though. It’s been building for decades (or longer), but it broke through pretty recently. IMO, the Kaitlyn Jenner thing will come to be seen as a colossally important event in our culture. A media class made that happen--(4)
The enormity of that change happened so quickly and, from the standpoint of the media, the New Truth was enforced on the American public with a vengeance. You really had no choice to opt out; the Social Justice Train would knock you out of polite society if you’d object. (5)
The people who made that happen in the culture felt powerful. They also felt they had the wind at their backs and the obligation to keep pushing, keep pushing--and to shame and ostracize any dissenters. Normal people started feeling like things had changed & they were right. (6)
Little by little, people started waking up. First little bits of dissent, always whispered or in hushed tones. They began to realize the divide and the hostility that greets you if you oppose the SJW orthodoxy. (7)
I don’t think it’' at all an accident that @jordanbpeterson became famous talking about his resistance to a law that would *criminalize* the use of ("wrong") pronouns. People are pretty easy-going, but it didn’t take a genius--or a conservative!--to see where this leads. (8)
Another thing the Trans issue gave us: It's becoming clear to millions of people in the West that we have (at least) two common cultures now, with contradictory understandings of the most basic human things. Even biological things. (9)
Another way to put this: we now have two divergent understandings of what it means to be human and to have fruitful and successful life.
The Progressive vision we often call, derisively, SJW. But it's as much a real culture--with all the trappings and signifiers--as any. (10)
The other vision doesn't have a name, but it's very close to our prior civilizational understanding. Classical liberalism? Enlightenment? Conservatism? It could be any of these things or a collection of some of them. But they're all more similar to each other than to SJW. (11)
Interestingly, the SJW Culture is transmitted and propagandize literally everywhere--yet few live according to its logic (outside universities).
The values of the Prior Culture is transmitted almost nowhere--but millions live or try to live according to its basic concepts. (12)
Enter @jordanbpeterson. All he's doing is very articulately making the case for the common culture. He's very bright and non-threatening. He's telling you, basically, how humans from a variety of civilizations have known how to live a good life. (13)
So why the fuss? Why the constant sniping hit-jobs from a media that nearly completely overtaken by evangelists for the SJW wing? Well, I think that question answers itself. (14)
I do think JBP is being sly in a Straussian way when he says that his lectures are "non-political.' It may be true in a literal sense, but the smarter SJW crowd understands very well that the popularity of a well-articulated Prior Culture will simply shred any SJW gains. (15)
Once a non-SJW-indoctrinated "normal" listens to JBP, the absurdity of the SJW nonsense is so apparent, it's like finally turning on the subtitles to a film in a language you don’t understand. "Oh, this movie is actually a comedy?!" (16)
What @jordanbpeterson presents in his lectures is deep, yet so basic, it's indicative of how we need to start, essentially, from scratch in putting back together the best of this Prior Culture because--other than JBP--we've got nobody else with a platform who's doing it. (17)
I have generally been staying away from the political stories (and I don't really consider stories about taxes and such political, I am talking about the driving philosophies) because a) I'm not convincing anyone of anything, b) all it does is piss off my friends. (it used to be that I felt like we were all mature enough that we could hold our own opinions and still remain friends. Anymore that isn't true. I admit to some heated moments in the past but 99% of the time it passed and life went on. More and more I feel that slipping away, so I am just avoiding the conversations.) That said, I felt like these two had something unique to say so I am posting them.
Sunday, June 10, 2018
Saturday, June 09, 2018
Working on a very basic linux guide
I have been taking some SANS course lately and they build a number of tools, like the SIFT Forensics Toolkit, and REMnux, that are based on Linux. I also have to use Kali, Metasploit and Security Onion, for work. Finally, I am trying to compete in NetWars, also Linux intensive. My Linux knowledge is kind of intermediate, I can do most tasks, but it's not natural to me like Windows. so I am trying to put together a guide based on users of my approximate skill level that deals with common tasks I encounter. SANS does a 1 hour Intro to Linux at some of their conferences / events, but that isn't quite enough, and spending hours pouring thru books and videos to accomplish tasks in netwars or for class is not in the cards, so I am writing my little guide. It will be really basic stuff but a little more in-depth in some areas than the SANS Intro and maybe a little more broad ranging. Since most of the SANS Tools are based on Ubuntu I will probably concentrate there.
Thursday, June 07, 2018
What I'm reading 6/7/2018
Art of Manliness - 21 Western Novels Every Man Should Read -
I love Western novels. I have read most of the ones on this list and a huge number of Louis Lamour, Will Johstone, and Zane Grey novels beside. In my opinion they are highly underrated, the stories are usually at least as good as most fantasy / science fiction novels, but, more than that, they tell a story about America. About who we are and want to be. One of the reasons that I love America is our vision of ourselves. I know we don't always live up to it, but most actually try. That vision of ourselves is incorporated in most westerns. Another place that it pops up is in Heinlein's works as the Competent Man, although I disagree with the wikipedia assertion that the competent man can do things perfectly. As I see it it's that they can do a myriad of things competently and can use those skills to develop other skills.
Business Insider - Google is staring down the barrel of another massive fine and a crackdown that could rip the company apart -
As Western writer Jack Schaefer notes above, the cowboy embodied strains of the ancient chivalric code, but he wasn’t the aristocratic knight-in-shining-armor of England or even the pious, settled farmer of early America; rather, he was a kind of everyman hero: a regular man who yet was more autonomous, independent, and free than an ordinary fellow. Riding atop his trusty steed, he knew both how to protect others and how to survive himself, and evinced a taciturn, brass tacks, self-made nobility.
I love Western novels. I have read most of the ones on this list and a huge number of Louis Lamour, Will Johstone, and Zane Grey novels beside. In my opinion they are highly underrated, the stories are usually at least as good as most fantasy / science fiction novels, but, more than that, they tell a story about America. About who we are and want to be. One of the reasons that I love America is our vision of ourselves. I know we don't always live up to it, but most actually try. That vision of ourselves is incorporated in most westerns. Another place that it pops up is in Heinlein's works as the Competent Man, although I disagree with the wikipedia assertion that the competent man can do things perfectly. As I see it it's that they can do a myriad of things competently and can use those skills to develop other skills.
Business Insider - Google is staring down the barrel of another massive fine and a crackdown that could rip the company apart -
There is a growing awareness of the ways in which big technology companies have grown horizontally and spread into multiple areas, redefining traditional thinking about what constitutes a monopoly. Should the EU win this fight, it may eventually result in Google having to unbundle Android from search.Ars Technica - Machines that suck CO₂ from the air might be cheaper than we thought -
Reforestation is an obvious option, but its potential impact is probably smaller than you think. Other biological schemes could include growing biofuels to burn in power plants that capture emissions and store them underground. Recently, we’ve also seen a couple of working pilot projects that look like a power plant run in reverse—they suck in air and harvest concentrated CO2, ready for storage.I have long maintained that if Carbon Dioxide is truly an existential issue we would engineer a way to deal with it.
Tuesday, June 05, 2018
What I'm reading 6/5/2018
Ars Technica - Researchers predict economic downturn if fossil fuel investment goes unchecked -
An economic downturn on the level of the 2008 recession is coming if we keep investing in fossil fuels, researchers say. If fossil fuel-producing countries like the US, Canada, and Russia don't guide their economies away from oil, gas, and coal, then low-carbon technology could render at least some of those investments worthless. According to a paper in Nature Climate Change, approximately $1 trillion to $4 trillion could be lost from the global economy, even taking into account the fact that the Trump administration has hit the brakes on a lot of climate change policy in the US.Information Security Buzz -One Third Of Business Decision Makers Would Pay Hacker’s Ransom Demands Rather Than Invest In More Security, NTT Security Risk:Value Report Reveals -
One third of global business decision makers report that their organisation would try to cut costs by considering paying a ransom demand from a hacker rather than invest in information security. In the UK, this figure drops to a fifth (21 per cent) of respondents. The findings from the 2018 Risk:Value Report, commissioned by NTT Security, the specialised security company of NTT Group, show that another 30 per cent in the UK are not sure if they would pay or not, suggesting that only around half are prepared to invest in security to proactively protect the business.
Monday, June 04, 2018
Riot Season Begins in Portland - What I am reading 6/4/2018
Fox News - Portland rallies turn violent as Antifa members clash with Patriot Prayer rally, four arrested
Not much to say, I've lived here 6 years now and this seems to be an annual occurrence.
MSNBC - California's GOP is collapsing. Is that a sign for Republicans nationwide? -
They have been saying this since Pete Wilson was Governor. The answer is no, it's a sign that California is collapsing.
Fox News - Aliens are real, but humans will probably kill them all, new paper says -
I'll just refer you here
Gizmodo - Microsoft Reportedly Set to Acquire GitHub, Deal Could Happen Monday -
Economist - American tech giants are making life tough for startups -
The Register - 'Tesco probably knows more about me than GCHQ': Infosec boffins on surveillance capitalism -
Not much to say, I've lived here 6 years now and this seems to be an annual occurrence.
MSNBC - California's GOP is collapsing. Is that a sign for Republicans nationwide? -
They have been saying this since Pete Wilson was Governor. The answer is no, it's a sign that California is collapsing.
Fox News - Aliens are real, but humans will probably kill them all, new paper says -
I'll just refer you here
Gizmodo - Microsoft Reportedly Set to Acquire GitHub, Deal Could Happen Monday -
Despite Microsoft’s recent decision to open its arms to open source, there are plenty of skeptics, especially within the GitHub community. The response on the GitHub subreddit is overwhelmingly negative, with many commenting that they plan to jump ship to GitLab, an alternative code repository service.Man, I can just hear the developer heads popping.
Economist - American tech giants are making life tough for startups -
Anything having to do with the consumer internet is perceived as dangerous, because of the dominance of Amazon, Facebook and Google (owned by Alphabet). Venture capitalists are wary of backing startups in online search, social media, mobile and e-commerce. It has become harder for startups to secure a first financing round. According to Pitchbook, a research company, in 2017 the number of these rounds were down by around 22% from 2012.I keep saying it's notthe Comcast's we have to worry about strangling startups and innovation it's the other Silicon Valley companies but people keep huffing about Net Neutrality.
The Register - 'Tesco probably knows more about me than GCHQ': Infosec boffins on surveillance capitalism -
The systematic data collection by intel agencies has been facilitated by the business models of companies like Facebook and Google. The internet habits of hundreds of millions are collected by these firms in the interests of targeting ads and this data also provides a high source of intelligence for governments as well as presenting a privacy risk in its own right.
"Tesco probably knows more about me than GCHQ," as one delegate put it.
There was little appetite among speakers, who took a generally libertarian view, for tighter regulation against the likes of Facebook, much less dismemberment of the privacy-chaffing social network.
Sunday, June 03, 2018
I want to get this blog active again
I say this all the time I know, but I really do. Suggestions welcome.
Subscribe to:
Comments (Atom)