Google+ will not be very useful to me until I can interact with it outside of a browser.

The Evolution of a Cyclist

Posted: 8th July 2011 by John in Personal

I’ve always enjoyed riding a bicycle, but it had always been approached very casually. As a kid I would ride around our neighborhood all the time on my various bikes. Even after suffering a horrific bike accident in 2nd grade (one which saw the majority of the skin on my face removed by pavement, as well as a tooth) I continued to enjoy biking.

Last August, as the summer was slowly winding down, Ann convinced me to start biking with her.  The Eagle Creek Greenway,  a walking/biking path that led to Eagle Creek Park, was next to our neighborhood and gave us a nice path to ride to the park.  It wasn’t very long before we were regularly doing 8-10 mile rides after work and on weekends.  I also found that I lost a lot of weight doing it.

I was hooked.

Back in those days we were riding $200 mountain bikes – the kind you can buy at any sporting goods store – which were steel framed and heavy. And slow. Our attire consisted of whatever shorts we could find and a t-shirt. We would regularly comment on the other riders out on their road bikes wearing the spandex stretchy bike shorts and jerseys and how they looked a bit silly.

Then, earlier this year we bought new bikes.  Road bikes.

John Whelan changed his profile photo.

Posted: 30th June 2011 by John in Personal

The need for speed

Posted: 15th April 2011 by John in Personal

Sometime around late summer or early fall of 2010, Ann and I decided we should start biking more.  We lived in our first house at the time, and it was conveniently located on a greenway walking/biking trail that led into Eagle Creek State Park, where we had a membership.   We started out with short trips up the greenway and back, but quickly graduated to longer trips between 8 and 12 miles.  We really enjoyed ourselves and had a lot of fun riding through the park.

The only downside as we saw it was that our bikes of choice at the time were comparatively cheap $200 steel frame mountain bikes. My shifter was horribly messed, as was the rear derailleur, which caused my bike to randomly jump gears and made the riding experience… less than optimal. The bikes were heavy, the tires bulky, and the ride anything but smooth (or fast). If we REALLY pushed ourselves we could maybe get up to 14 MPH, but we’d quickly find ourselves quite winded.

My Twitter friend Mike Grace (cool guy, follow him @mikegrace) got me to start using an iPhone app called Endomondo to track my exercising. The geek-factor of having data and tracking and all kinds of other stuff got me even more interested in exercising – and drove me to go farther, faster, and more often. As a result – I started losing weight. Fast.

Where do we go from here

Posted: 5th April 2011 by John in Personal

There has been a lot of news coverage in recent weeks on high profile data breaches across a variety of organizations.  The two that stick out perhaps more than others (if for nothing other than the sheer volume of news about them) are the breaches at RSA and Epsilon.

Data breaches are a serious matter, regardless of what data was gleaned in the breach. Even innocuous things such as name and email address are serious losses that could have high potential damages, and when you get into trade secrets and sensitive data around a massively deployed strong two-factor authentication scheme the ramifications are far reaching indeed.

Working in the AppSec space in infosec I am frequently asked how things like this can happen. Is it that the companies themselves are lazy, complacent – or worse – negligent?

No.

Nobody* wants to see data lost, least of all the company whose systems become compromised. That’s a worst case nightmare scenario that keeps us up at night. Except in some rare cases, I wouldn’t consider these organizations negligent. As RSA proved – you can have some of the best perimeter security in the world, but that won’t necessarily protect you should you become a target. The weakest link in the security chain has moved from the infrastructure to the people, and attackers will almost invariably attack the weakest link. Spear phishing and clever social engineering are two of the most serious threats facing businesses today – and recent news reports are showing why.

So, where do we go from here?   We learn.  We improve. We teach.

Much can be learned by everyone from these breaches.  As we learn more details about how these breaches occurred we can improve our security to protect against these new attack vectors.   Newer and better controls can be added to our applications and services which can help mitigate these new threats.  We can – and should – educate our employees about the dangers of social engineering and spear phishing.  We can use this opportunity to increase and refresh their security knowledge.

What we shouldn’t do is point fingers, ridicule, or otherwise blast these vendors (at least with regards to the fact that they got hacked – their PR handling of the incident is open to criticism, should you feel the need). Instead – let’s learn from the mistakes made. Let’s collectively improve.

We can do better.  We should do better.  Let’s take this opportunity to do so.

 

* Obviously the attacker does want to see data lost.  They don’t count :-)