So, I’m perusing the job sites the other day and my 13-year old son walks in, looks at the screen and says “Why is the S-word on there?!” I didn’t catch it until he pointed it out, at which point I busted up laughing.
Pretty much sums up the job market at the moment…
Great article by Charlie O’Donnell on attracting a talented CTO to your fledgling startup venture at that important early stage. I particularly like the opening sentence:
Businesspeople ask me all the time how to find a technical partner for a startup. When they ask, it often sounds like they’re asking for a product off the shelf–like, “Where can I get some cheap folding chairs?”
Need a little getaway to bask in the glow of monitors for 12 days straight while taking 15 certification tests? Then look no further!
Microsoft MCITP Server and Enterprise Administrator Combo Boot Camp at Global Knowledge.
Sounds like the Bataan Death March to me… =)
Please excuse the mess, I’m currently cleaning house and doing some major remodeling of the site. The theme will be a mess for a few days as do some customization and add some things. Please let me know if you notice anything really out of whack…
The always excellent Backtrack security distro has released beta 4 today and the servers are swamped! I was lucky enough to get a completed download and have been testing it today. So far it’s been very stable.
That was easy! Please let me know if you notice anything “hinkey” on the site after the upgrade.
I have to say as someone who didn’t look at the new feature list at all before the release, first glance has me absolutely loving the new interface.
Man, the past 5-6 months since my last post have flown by much too quickly. I have a stack of topics I’ve been meaning to write about and now the majority are old news. Well, no more of that! I’m setting a new goal of writing at least a small post every week. Let’s see what happens. =)
I think my first topic will be a discussion of some of the open-source network monitoring tools out there, as I’ve been heavily testing Hyperic in the past month and have been fairly impressed with the feature set.
Stay tuned!
After a short 10 year build time (I kid…), one of the best security tools out has reached the v1.0 milestone. Wireshark 1.0.0. was released this weekend! You can read more about it in this news item as well as grabbing the file from the Wireshark site. I’ve used Ethereal since the early days and it’s always been one of my staple network/security tools. I big congrats to the team! Here’s the news release:
I’m proud to announce the release of Wireshark 1.0. This is the culmination of nearly ten years of hard work by a team of brilliant and talented developers. It is an honor to be able to work with these people.
On behalf of the development team, I would like to thank Wireshark’s user community for all of your enthusiasm and support over the years. Wireshark development will continue, and we have lots of great features to offer in the coming years.In this release
Security-related vulnerabilities in the X.509sat, Roofnet, LDAP, and SCCP dissectors have been fixed. See the advisory for details.
This release includes an experimental package for Mac OSX Intel. For a complete list of changes, please refer to the 1.0.0 release notes.
Official releases are available right now from the download page.
During my daily RSS scan this morning I noticed this article on DarkReading that is sure to spark a lot of debate over the next few days.
Computer Forensics Show 2008 — Peter Tippett thinks it’s time for security professionals to wake up and stop wasting their energy.
In a presentation here yesterday, Tippett — who is vice president of risk intelligence for Verizon Business, chief scientist at ICSA Labs, and the inventor of the program that became Norton AntiVirus — said that about one third of today’s security practices are based on outmoded or outdated concepts that don’t apply to today’s computing environments.
Once you get past the incendiary statements, it seems to me like Peter is discussing getting back to basics with our security thinking. Nothing is 100% safe, but in the rush to try and secure everything, many tend to forget about the basics. It seems the past two years many companies (and many in the netsec field) have gone overboard in trying to manage every risk to the point of CYA insanity, instead of using a more holistic approach of basic security best-practice and prudent risk assessment/management. As anyone that has worked in the security field knows, we netsec folk have to get a million things right to keep the bad guys out, but the bad guys only have to get one thing right to get in. Of course, that’s why the argument for defense-in-depth is so important.
Yet, while I do …
The Register reports on a new UK guideline that makes it illegal to create or distribute so-called hacking” security tools.
The controversial measure is among amendments to the Computer Misuse Act included in the Police and Justice Act 2006. However, the ban along with measures to increase the maximum penalty for hacking offences to ten years and make denial of service offences clearly illegal, are still not in force and probably won’t be until May 2008 in order not to create overlap with the Serious Crime Bill, currently making its way through the House of Commons.
I was amazed when the German computer crime laws came into effect in August 2007, but it looks like the insanity is spreading to other parts of Europe as well.
