Windows Cash Machine = Bad Idea
This is why I cringed a few years ago when I first heard our new ATM machines would be windows XP based.
There was some cheap ATM machine touch screen thing at Cinema 9, but it was blank cept for a gray line at the bottom. Touch. Taskbar. Start menu. Programs. Accessories. Paint.
The Shadow IT Department
Over the last few years I've found I'm becoming more and more sensitive of the ever-widening gap between what we as IT/Security people do to protect the user from themselves, and giving the end user the freedom and support to use the best tools available to get real work done. There are a lot of great apps and other tech out there that corporations tend to quickly dismiss as "non-approved", unneeded and/or frivolous toys. So I was pleasantly surprised when I noticed this excellent article over at the CIO Magazine website about corporate users ever-increasing knowledge and use of consumer technology to get things done, regardless of corporate IT Policy.
These are your employees, and their message couldn’t be clearer: Technology, at least in their eyes, has made them significantly more productive. But CIOs shouldn’t be patting themselves on the back just yet. For this productivity boost the study credits the Internet, not enterprise IT, not the technology you provide, not, in short, you. And while Pew’s finding undoubtedly includes people who use the Internet to access your corporate applications, Lee Rainie, the Pew project director, says the research is not pointing to what a good job CIOs have been doing.
The author has some great tips on how to harness that "Shadow IT" and use it to advance your goals instead of rallying against it. I would love to hear how other IT/security folks deal with this. I always try to balance security needs along with giving the users the tools needed to help them get work done. After all, that is why we are there in the first place. =)
Professor questioned on Tor Usage
A member of the campuses' IT security team and 2 campus police officers showed up on a Bowling Green State University Professor's doorstep after discovering he was using TOR.
I recognized the speaker as a network-security technician in my university's office of information-technology services. The other men were not familiar, but a quick glance at their cards told me they were detectives on our campus police force. They closed my office door behind them, sat down, took out notepads and pens, and asked if I had a few minutes to speak with them about Tor.
Catching Cacti: Network Admin Guide
I stumbled across this great beginner's admin manual on the care and feeding of Cacti, a wonderful RRD-based graphing tool. While Cacti is relatively easy to setup, this little guide would have made the path a little smoother back when I first discovered this gem of an app.
See it here.
Diggin’ a hole…
Ever feel like digging a hole and crawling in? What if you didn't stop, where would you end up? Find out! In one of the more creative uses of Google Maps I've seen lately, you just choose your location and see where you would end up if you were really productive with your digging efforts.
SANS Top 20 Vulnerabilities 2006 update
This marks the 7th year of the SANS top 20 vulnerabilities list, and it is interesting to see the progression through the years. The usual batch of hotfixes and patches abound, but there are a lot of more general technology vulnerabilities discussed such as Phishing, etc.
Check out the list at the SANS website.
How to setup WPA authentication in Ubuntu
DebianAdmin.com has an excellent short How-To article on setting up WPA authentication in Ubuntu. It's a must read as EVERYONE should be using WPA at a minimum, and until recently it's been a real pain in the backside to setup easily on Ubuntu. Jump over and take a look!
Oh yeah, I have a blog?!
Wow, talk about neglect. Yet another blog site started and then abandoned for long periods of time. It's been a busy summer and fall for me and my family as I'm in a new job and geographical location. However, the neglect will be stopping as of now.
I'll be using this blog as a personal dumping ground for my random thoughts and observations moving forward and hope to add something of interest to the blogosphere. Of course, it will probably just be interesting to me and the assorted crazy and comment spambot... 
It’s only a model….
Over 100,000 parts were used in this model, many of them fabricated under a microscope to ensure accuracy.
Complete accuracy is followed right down to the rivets and screws whose diameter and separation are kept to scale.
Introduction to Kismet
A nice introduction to Kismet. Kismet can sniff for available wireless networks, troubleshoot wireless networks, optimize signal strength for access points and clients, and detect network intrusions.
Pages
Categories
Blogroll
- Church of WiFi
- Killer List of Video Games
- Network Security Blog
- Offensive-Security.com
- PaulDotCom
- Schneier on Security
- Security Catalyst