Tuesday, December 23. 2008
Never attribute to malice...
... that which can be adequately explained by stupidity.
Hanlon's Razor in practice: the case of the lost credit card data of the Berliner Landesbank was caused by two courier drivers who wanted Christstollen and therefore simply swapped two packages...
Sunday, December 23. 2007
Books to give away to loving hands
Posted by Axel Eble in Meta at 17:23
A note on my own behalf: in connection with our imminent move I have a load of books to give away that I will not be moving again. The complete list is available under book list. If you are interested, please send an email or a message on IRC. Otherwise the books go into the waste paper. And yes, my heart bleeds.
Tuesday, February 20. 2007
Crisis Management
Posted by Axel Eble in Meta at 08:14
So flickr had a hiccup yesterday. Well, truth be told, it was a major problem on their side: the image caches ran amok and delivered the wrong pics - not a few of them a bit on the more adult oriented side (as a sidenote, this proves what we all knew anyway: The Internet Is All About Porn). To the emotional outcry from lotsa lotsa users came the fact that the problem was not resolved by restarting the flaky cache server(s) but instead resurfaced once again. So finally, after quite a few hours of downtime (and I bet beet red engineers working overtime to find the bug and fix it) the system is back up.
So that's the exposition, which just about gives you an idea of the dimension of this thingy. It didn't? Well, then let me summarize: It Was BIG. However, flickr not only took down their site but pointed to their blog - in which Eric Costello did keep the users informed (if only tersely, but this is better than just a few lame marketing lines stating that all is beautiful and the system is just being enhanced yaddayaddayadda). When it was apparent that flickr would solve the problem he sat down and wrote a decent explanation of the problem - in a way to satisfy both non-technical users and the somewhat tech-savvy ones. He explains the issue without emotional overtures nor does he play it down:
"To be clear, we regard this as a serious problem, but it is something that goes away as soon as we restart the malfunctioning servers (tonight we found that the servers were going insane again shortly after restarting, but we have isolated the problem and believe we have a permanent fix)."
And finally, he concludes with:
"We shamefacedly apologize for the inconvenience and the scare. We understand that it probably seems very, very strange and we know that many people got the impression that their photos were lost forever. But they should all be back now, safe and sound. And everyone who works on Flickr's engineering and technical operations teams are working double time to ensure that it never happens again. Thanks for your understanding and patience!"
Folks, this is one of the best pieces of crisis management I have ever seen! It states the problem; it states the solution; it takes the blame where necessary and it gives a promise to the future. Now, if we could set this as mandatory teaching for all companies worldwide I would feel so much better.
Wednesday, December 6. 2006
The Media's Internet Expert and the Reporting
Posted by Axel Eble in Meta at 16:44
Today an article titled "Wieviel Kontrolle braucht das Internet?" ("How much control does the Internet need?") appeared on the tagesschau.de website.
In this article the author, Mr. Zirpins, quotes a Hamburg "Internet expert" named Bert Weingarten, who argues for more filters and better control of the net. One can hold this opinion, provided one backs it with arguments. The article, however, largely confines itself to reproducing Mr. Weingarten's opinion. Only at the very end of the article does Weingarten admit the problem with his proposals:
"The current anarchy on the Internet is fine for people who have had a media education and can deal with it. But we have to protect people without media experience," he says, and admits a problem: "Internet filtering can become censorship through corresponding administration."
But that is exactly what he ultimately proposes.
More interesting, by contrast, is the opinion of the weapons expert of the Gewerkschaft der Polizei (GdP, the police union), Wolfgang Dicke: "If buying weapons were that easy, why was Sebastian B. then - fortunately - so miserably armed?" It is interesting that this opinion comes from the GdP of all places, which otherwise tends to attract attention through the pithy statements of its chairman Konrad Freiberg, who always argues for more surveillance and more control in all areas of life.
In summary, I find the article very biased, because it panders to the massive business interests of Bert Weingarten. Had he spoken with Kristian Köhntopp, who can probably be classified as an "Internet expert" just as well (or with Andrea Wardzichowski of the DFN-Verein, or with some other old hand), Mr. Zirpins would certainly have written a different article - mind you: one backed by arguments instead of scaremongering (and: solid business interest).
But of course that fits well with the current Stern poll, according to which about 59% of the population agree to a) a ban on ego shooters (commonly called "Killerspiele", i.e. "killer games") and b) stronger control and thus the restriction or loss of civil rights. A full 72% are, according to the poll, of the opinion that ego shooters contributed to the rampage in Emsdetten - whatever that may mean. In the ZDF-Politbarometer, by contrast, as many as 72% of the respondents favor a ban on "killer games" (question 9 of 11); however, only 16% think that such a ban would strongly reduce the number of violence-prone youths, 49% less strongly, and a notable 32% think that a ban would make no difference.
I find these poll figures worrying, since they show that only simple solutions seem to be in demand for complex issues.
In closing I quote Mr. Weingarten once more: "The current anarchy on the Internet is fine for people who have had a media education and can deal with it. But we have to protect people without media experience."
I agree with this statement - however, I do not see salvation in technical solutions here: we currently see in many examples from the USA that technology can help only to a limited extent. The real challenge lies in media education, especially of the generations growing up. Many parents, educators and teachers are simply overwhelmed by this because they themselves lack the corresponding media literacy.
Tuesday, August 22. 2006
Language Log: Translating leadership, creating verbiage
Posted by Axel Eble in Experiences, Meta, Off-Topic at 12:37
"Translating thought leadership...creating business results" Wonderful, just wonderful! I've nothing to add to it, actually.
Monday, June 26. 2006
Germany: Greens Urge Government To Force Companies To Disclose Information Breaches
Posted by Axel Eble in Meta at 12:12
The German party Bündnis 90/Die Grünen filed an application with the legislative body (the Bundestag) to enact a law along the lines of California State Act 1836 to require companies to disclose breaches of information.
The representatives are concerned about what they call "identity theft" - however, what they mean by it is the growing amount of credit card information abuse. In Germany and, with the exception of the United Kingdom, in Europe in general there is nothing that resembles what in the US is known as "identity theft". Credit card (data) abuse over here has practically no risk for the client as the credit card companies refund you for money lost. And there is no such thing as your credit rating going bonkers because you can identify yourself with an official government-issued identity document (either your identity card or your passport). How do you in the US prove you are who you claim to be? How do you get yourself off the no-fly list? Exactly: you can't - at least not without severe hassle.
So, in my eyes, the application by the Greens is a smoke screen, aimed at gaining votes. The proposed law will not be effective in reducing credit card data abuse.
Monday, June 12. 2006
WTF - Apple's OS X is NOT As Secure As a Fortress?!
Posted by Axel Eble in General, Meta at 14:18
Oh holy Guacamole! OS X has lots of heap and buffer overflows! Quick, buy Vista and all will be well again! Oh, right. Vista isn't out yet. You've just switched to Apple because of all the exploits and dangers of running XP or some *gasp* older version of Windows. And now you're still insecure?!
Why, yes, of course. There is no such thing as And let's not forget that OS X is a revamped version of NeXTSTEP, the OS of the famous NeXT computer. That one was said to be riddled with local exploits, so don't expect OS X to be much better. As OS X is gaining market share, it will become more and more the target of choice for malware programmers. What is different, though, is the use of administrative accounts (like on Windows where accounts by default are administrator accounts). On OS X, the only administrator account, root, is disabled, and to run administrative tasks one has to enter the password (this is a better-working equivalent to the runas command in Windows).
Moral of this? If someone tells you they are offering perfect security, chances are they are lying and only want your money. Be careful, always - it's a dangerous world out there.
Monday, June 12. 2006
Flight Data Transmission from EU to US illegal
Posted by Axel Eble in Meta at 13:13
The European Court of Justice has declared the treaty between the European Commission and the US Federal Government for the transmission of passenger data to US officials illegal. That sounds like a big win for data protection and privacy at first glance - but is it really?
Well, no, it's not. The original intention of the complainants was to have the European Court of Law state that the treaty does not conform to European Data Protection Legislation. However, all the Court did was rule that there was no legal basis for the treaty at all. The European Commission had signed the treaty because they claimed that they were responsible because the data concerned was collected by private organizations and companies. The Court in turn clarified that the EU Directive did not cover penal uses of data and, since the data would only be collected for purposes of criminal prosecution, the directive does not apply. Thus, the Court carefully managed to avoid the trickier side of politics and navigated around those particular rapids.
So, what does this ruling mean? First of all: the EU has until the end of September 2006 to come up with a new treaty. So far it looks like the Commission will try to push through new legislation to create the legal grounds for the treaty with the US Administration. Mind you, this is not easy because Criminal Legislation is still in the courts of the individual States - there is nothing like a common criminal legislation in Europe. EU law would have to be changed - unanimously by 25 member States. You can bet that political issues (both European politics and local politics) will greatly influence the stance of each State. If the change does not happen, each State would have to negotiate a separate deal with the US.
Ah, so finally we have our rights back and have full control over our data! No, unfortunately not. If the airlines don't transmit the passenger data to the US, they will experience heavy sanctions by the United States of America. The best way to keep control over your data is by not going to the USA for now.
Wednesday, November 23. 2005
Fachsimpler-Test
The Fachsimpler-Test is a test by one of Germany's larger political (?) magazines, Der Spiegel (or rather their online counterpart, Spiegel Online). It is a test aimed at helping school students to find out what subject they should take at University.
ToJe, Zugschlus and Thildkröte all took the test and found large differences between their field of interest/work and the suggested subject of their studies. The test should be taken with a grain of salt as we all are slightly older and more experienced than we were right after school, but, well, it's quite interesting to see the discrepancies.
Thinking about it the result is not that far off: I am a generalist with a broad spectrum of interests after all.
Wednesday, November 23. 2005
Airline Passenger Data Transmission To US May End
Posted by Axel Eble in General, Meta at 10:28
In 2003 the US ordered airlines to transmit flight passenger data for all flights ending in, stopping over in or just crossing US American territory. It was made clear that all data was to be stored in raw form and would be subject to further analysis, leading to profiling of passengers, all, of course, in the name of fighting terrorism. It is completely unclear what sort of profiling will be done and what else the US government will be doing with the data (e.g. handing it over to some commercial data brokers like *gasp* ChoicePoint for analysis). The Washington Post has a good summary as well.
The EU Commission and the EU Council caved in instead of taking a strong position against this practice and declared the US data handling processes as equivalent to European processes and, in general, good enough. This led to a huge outcry from the EU Parliament and several Civil Rights organizations (like the European Digital Rights Initiative) but both the Commission and the Council wouldn't budge.
Now, however, things start to look a bit brighter: the Advocate General at the Court of Justice of the European Communities recommends annulling the Council decision about the agreement. The Court will have to rule on a lawsuit by the Parliament against the Commission and the Council decisions. The recommendations of the General Attorney are not binding but in most cases the Court will follow advisory opinions.
References: Heise Newsticker (German), Washington Post
Thursday, November 17. 2005
Security Convergence
Posted by Axel Eble in General, ISSA, Meta, Organizations at 20:30
"Security Convergence" is the subject of The Alliance between ISACA, ISSA and ASIS. Seeing what the focus of all the three groups is it really does make sense: ISACA's main operational field is Governance, especially IT governance; ISSA is "the global voice of information security" and ASIS is primarily concerned with physical security.
It's pretty clear that those three fields do converge more and more, so The Alliance is an important step in the right direction. It will help to open the eyes of security professionals worldwide to the other fields. It will, thus, help to raise a more business oriented security program in enterprises. We shouldn't expect too much in too little time, however: I don't believe that many companies understand at the moment that security is something that needs to be considered in a (I hate to use the term, but it does fit so nicely) wholistic way.
So, at the Network Security Conference/Security Management Conference of ISACA in Amsterdam last Monday the panel discussion was just about this: "Security Convergence". I was invited to represent ISSA at the panel. It was rather interesting to see the different points of view on the panel - and in the audience. Another member of the panel, Carl Thorp, stayed on for the day (I had to get back unfortunately) and reported that there were quite a few interesting discussions about the convergence thing. However, it seems to be of prime import to define what "Convergence" really means. It will be interesting to see the discussions around the term in the near future.
Thursday, November 3. 2005
The Dangers of Inference
Posted by Axel Eble in General, Meta, Off-Topic at 01:47
Here I am, taking a strong stance about government agencies that collect data and use inference to think about what it might possibly mean. There's no lack of wrong inferring to be done that way, starting from false assumptions about coherence of incoherent data or by simply interpreting too much into too little data.
And suddenly I find myself here, doing exactly the same: thinking F-Secure jumped on the bandwagon of Mark Russinovich's posting at sysinternals for their excellent work of analyzing the Sony DRM Rootkit. Independently, I should say, because that is what they did. They did not, however, manage to make it clear how they got wind of the thing (which they did earlier than Russinovich and were in contact with Sony to discuss the issue). After Mark published his findings, F-Secure thought it was now time to publish theirs, too. Can't blame them, really. I blame myself, however, for jumping to unjustified conclusions. Ah well, as I said: inference is bad.
Tuesday, November 1. 2005
Ch-ch-ch-changes
Posted by Axel Eble in General, Meta, Technology at 00:03
Jon Toigo is annoyed at the lack of progress the information security field has made since the Medieval. I feel his pain, too. But what are the alternatives? Or rather, why are we still using the same concepts? Are we just too stupid to come up with something new or are the concepts just so basic and so sound that there is no better way? Let's take a look at the items Jon mentions.
Interestingly enough, the bad guys don't seem to have learned either how to circumvent the safeguards we set up. Either they are as caught in our ways of thinking or there simply Is No Better Way at the moment. What do you think?
All of this, however, has nothing to do with vendors coming up with new products all along instead of listening to what the customers want - just like in the storage market. Thanks for the eye-opener, Jon!
Wednesday, October 26. 2005
Conservatives going off the deep end
Posted by Axel Eble in General, Meta at 12:52
heise reports that the CDU/CSU parties warn of potential terrorist threats to IT infrastructure. Yawn yawn. I just love it how terrorists are responsible for anything and dangerous for everything. And, being the conservatives, one could expect them to scream for direct data exchange between governmental, law enforcement and intelligence agencies. Why, sure enough that is exactly what they want.
"International terrorism and information technology are related in a multitude of ways," Mr. Koschyk explained today. The information infrastructure was a potential target for international terrorism, he observed.
Oh yes, bringing the Internet down will strike terror in the hearts of the people like nothing we have seen before. Tell that to the people in Pakistan, to the people in Far East caught by the Tsunami, the people in New Orleans, to the people in Florida and whoever else has been struck lately by nature's catastrophes.
Thursday, October 6. 2005
Another One Bites The Dust™
Martin pointed me to Sourcefire being bought by Check Point. I'm annoyed at that because Check Point is like any big player in any field: they buy a company and suck them dry. I am very apprehensive what they are going to do to Snort and how Marty Roesch will get along.
If I were to look in the crystal ball I'd predict that Check Point will kill the GPL and open source version of Snort or at the very least will try to squash it or drop support. Of course, we'll see what pans out. I'd really love to be wrong on this account. Oh, and for the record: I hope Marty Roesch got a good deal out of it.