Random musings on whatever subject strikes my fancy, published every other day.

Category: InfoSec and IT

Single Point of Failure

By now you have seen this image all over.

Check out the coverage of this story in The Hacker News. It’s better than most, but still doesn’t get it quite right… in my opinion.

Here’s the thing: Not Obama nor Gates nor Bezos nor any of these prominent figures “got hacked.” What they did was, they trusted their identity and part of their public face to a single entity: Twitter. Twitter is the only one in this story that “got hacked.” The Hacker News article details why they did, but it’s the fact that it matters so much that I find so distressing.

To me, the problem is not that Twitter got hacked, the problem is what a gigantic vulnerability for everyone this points up. I can think of one particular moron who could literally start World War III via his Twitter account. In fact, he damn near did.

Is this what humanity needs as a single point of failure for… all of civilization? Twitter?

Always Ask Why

Feature this scene: I am on my LinkedIn page and I have private messages from two people within minutes of each other.

In window #1, a friend of several years– and a co-worker of several jobs– who’s just been laid off due to COVID-19. They’re a star performer but only began their current job about 10 months ago. And their company followed a strict Last-In-First-Out method for making cuts. (Abysmally stupid but that is a rant for another day.)

In window #2, a recruiter looking for someone just like my friend in window #1. “In NYC”. My friend in window #1 would blow the doors off this gig, and it would be amazing to hook them up with the gig in window #2. But they are on the Left Coast.

My BS alarm goes off right away. Why “in NYC?” Are they going to an office next Monday if they get the gig? Hell, no! So they will start as a remote worker, right? Why can’t they just BE a remote worker?

But that’s just the line I got from window #2: they can start remotely but “after the lock-down” they must be onsite. I tried to get window #2 to poke at this. If a client tells you it has to be onsite, ask WHY. Especially if they are willing to onboard remotely but then switch to the onsite requirement “after lock-down ends.”

First off, I promise you, they have NO IDEA when– or if– the lock-down will end. Second, what is it about the job’s requirements that allows working from home now but magically changes if the lock-down ends? If the job’s information security requirements aren’t compatible with WFH after lock-down, they aren’t compatible with it now, either.

Recruiters, you are missing out on a lot of good prospects. People are already in enough uncertainty, THEY can’t be sure if they will be able to move. Make your clients break their old useless mental habits.

The world is changing about this issue right freakin’ now

Working from Home

Working from home today and for the duration of the COVID-19 pandemic in my area. For me, this is a comfortable thing – I have worked from home for a large part of the last several years. But many people don’t have much experience with it. It was a slow process of discovering what helped me pull it off smoothly. One of the less-obvious items I never would have predicted I would need: this A/B switch.

By hooking my two monitors and all my peripherals (including keyboard and mouse) through this gem, I have a quick and easy way to use my already-comfortable desk setup for my personal PC for my work PC, which can be humming away on the side of my desk, connected to all the “2” hookups.

I found that the disruption to my desktop arrangement was too great if I tried to shoehorn in even a laptop. And the comfort of a full-sized keyboard and two big monitors that I afford myself for my personal rig need not be sacrificed if I am on the work machine 9 hours a day.

Other arrangements like dining-room tables and so on seem to me to be guaranteed to be quite uncomfortable in the long run, not to mention generating considerable resentment among other household members.

Surveillance Society

The entire economy is moving from oil to data.

Click Click Click!

What data? Data about you. Data they can use to get you to buy crap.

Are you OK with this?

Really Happy About This

My new workplace, come March.
