Security – Page 17 – Maverisk / Étoiles du Nord

Vendors pitchin’ — reality’s b… moving elsewhere

Was reminded today that still, a great many vendors in the (Info)Security arena are pitching their worn-out warez to a laggerd crowd — or is it just me to see that, in particular where IAM is concerned, all eyes are still on some vault idea of data storage and systems, behind some mirage of a perimeter of the ‘data center’ (as it is presented ..!).
Luckily, I met this old friend of mine of Zscaler that see that today’s access and wider security concerns are over Cloud (storage, services) and Users (out there, anywhere). How nice would it be if not too much time would be wasted anymore on the classical, outdated (sic) model(s) and we’d all move to this new world ..?

This, for your viewing pleasure:

[Watching the ships go by, Amsterdam]

Privacy for drones, *from

Some found it odd that e.g., in Chicago, the ground floor space, the up into the air (no not that) building, and the naming rights to that building, are traded separately.
Elsewhere, one’s home comes with an expectance of Privacy, “behind one’s front door”. But not outside; that’s free game for any … usually still ..!, photographer when from public space.

But now, back gardens, previously considered safe from prying eyes, are visible from other, 3D public space: the air. Via drones.
Which takes care of the public space part, where the ‘photographer’ (?) still is without even the need to trespass ’cause the camera is unconnected to him (sic). [Apart from the argument that just about any official could claim access to the back yard as if semi-public space..?] But does it nullify the “shouldn’t have been outside” argument ..? Or is the previously invisible part of the garden also part of the interior..? As it had similar/same protection by having needed illegal means of access hence the expectance of privacy — that now, by the legality of that access not having been arranged (yet), is still in doubt and the morons “break in” regardless.

Hence the start with the above distinction: Would the air over one’s house be private property as well (How high ..? At least till levels of commercial flight, that is regulated), then possibly, flying a drone into it would be trespassing. But immediately, since camera resolutions increase so quickly, we would need protection against prying eyes from above the streets as well, looking over rooftops. Hm, we would revert to the “expectance of privacy” argument back again anyway. And the automatic ownership non-transfer would prevent shooting them down, still.

So, hopefully, I’ve made you think. Else, there’s no result … ;-[

Oh well:
20141015_132551
[Beauty exposing herself very publicly… above not under some n.rds? Voorburg]

A quantum leap

Remember, that (not) a great many days ago I posted some bits on crypto ..? There’s a new twist to it all, after the venerable Bruce noted that some agency started a new, this time ’round bit more fundamental round, on crypto algorithms. And then, some notes on the approach of quantum computing. Well, the latter is still five to ten years off (current estimates; could be three, could be twenty, as such estimates go).
But impacting. So, the following flew by:
CryptographyChart-1-482x745
Which explains a lot, hence I just wanted to pass it on. Bye for now.

Blown over — smart dust or where is it?

In all the news about IoT, where has the (admittedly far-flung) prediction about ‘smart dust’ gone ..? Where has the smart dust gone? Was it a wormhole glimpse into the future, was it some runaway brainstorm on steroids (or other stimulative substance) session’s result ..?
Where still, it looms in the background. Once information is created, will it remain in the universe, existing without a result (as it may or may not have a cause, the rebel against entropy that it is)? (Here I go in similar vein, not stimulated!)

Now, let’s first have actual working quantum computers. Similarly vague at inception and counter-intuitive — for which reason I believe it will turn out to have logical fallacies in its current models so will in the end not be feasible to realise ..! —, let that come first. In itself, already difficult enough to cope with, as a global society.

Afterwards, smart dust will look like a rough cut piece of cake, probably. But maybe the Problems of it, will stil be Hard (compute-complexity-wise), as here and elsewhere.

And this, for your blue pill:
20150911_143851
[Excellent or mundane archi; but with sublime acoustics — second (to) one in Amsterdam!]

Trivial TLA Things-Tip

If you Thought This Time Things would be easier, as the universality of plug-‘n-play has spread beyond even the wildest early dreams into the realms of the unthought-of non-thinkingness, think again. Drop the again. Think. That was IBM’s motto, and they created Watson. No surprises there.
However… It may come as a surprise to some that now, an actual TLA has some actual tips, to keep you safe(r). As in this. Who would have thought… On second thought, this agency of note might have no need for the access disabled themselves anymore, as they’ve provided themselves of sufficient other access (methods) by now and just want to hinder the (foreign) others out of their easy access ..?

Oh well, never can do well, right? And this:

[Another one from the cathedral of dry feet — only after, making sticking fingers in dykes worthwhile; at Lynden, Haarlemmermeer]

Complexity beaten by [The mechanics of Joe Average]

Yes it’s time to remind you again. And again. That the mechanics of the mindset of Joe Average (notice how that’s a he not she …?) will beat even the best laid-out strategic plans, Von Moltke-style. As can be read in this here piece; instructive both on the surface and in the sub-surface semantics, meaning. I.e., that JA is even ‘smarter’ than you thought when it comes to achieving JA’s actual objectives of GetOffMyBackWithYourStupidTargets. Through which it all reminds us, being you too, to build security around actually desired functionality — as desired by end users to get their in-tray empty. Nothing more, certainly not your lofty functionality goals, that’s just burdensome nuisance. If you hinder the former and leave space for abuse in the latter, you’ll be doomed doubly. All the pain, no gain.
Be reminded, too, that your efforts down the blind alley will result in complexity that JA will beat, but maybe, all too often, you don’t. Meaning even that, is for nothing and will leave you out to dry.

Hm, as a pointer, this point needs both much more elaborate thought, in your heads, and is depleted for write-up here. Go and do well.

[In the Cathedral of Pump; Lynden, Haarlemmermeer]

Gaming comms is deadly serious

I was reading up a bit (again) in Eric Berne’s masterpiece Games People Play, and realized a great many of the Child moves in just about every game, approached how some nefarious organisations seeking sub-animal-level absolute tyrannical power under the sometimes literally completely wrong, oppositional guise of (true) religion. One thinks Middle East, and elsewhere.
Would it be possible to counterattack, apart from head-on obliteration through military force, with anti-game moves in the global and local/individual comms contra/pro these movements..? If these address the core sources of discontent, as explained here, it could work, couldn’t it ..? Sufficient experts available, one would think, on the Good (?) side.

Just a thought. This:
Keep 'em flying!
[Should be kept available…]

Upping crypto

Lukewarm protests against Free Crypto, and trawling the oceans completely empty for metadata if not more … Seems like a two-faced two-front ‘battle’ that may even be tiring to uphold (face): Once one is into meta because it gives so much more information (sic) than mere data (content), one would need much less access to actual data, wouldn’t one? And, if then publicly having postured to not be able to break into crypto stuff (where one can with near-certainty break into all stack levels below it, down to the BIOS if not chip level!) almost meaning that for sure one can, why would one push too hard to make it illegal ..?
The only thing one can think of, is that declaring it illegal somehow block another’s access to plausible deniability or to Fifth Amendment claims (that are fundamental for any decent human society). So… that’s what’s going on. …?

And this points to countering TLAs by working with crypto at a higher level; producing encrypted content that looks pretty darn innocuous until decrypted; not seeing scrambled info but at a higher-to-lower-to-transport-and-back-to-higher avenue, transferring Information over seemingly white noise Data signals. Clever… Stego. How’s things on that front (?) ..!?

Also:

[Relevant: Pic may not exist. …]

Let’s celebrate (with) a contest for the dumbest security

On this celebration day (for me/us), let’s instate an annual contest — over the most precise prediction of the dumbest information security breach of the upcoming year.
So, the following:

Your prediction, storified (½ – 1 page, at most slightly formatted);
Realistic, i.e., a combination of dumb and dumber, and stupid and worse, of (non)actions and responses, on the attack and ‘defense’ sides. Realistic, but keep it realistic…;
Hence, do include lots of cyberhere, cyberthere, cybereverywhere and only a little bit of #ditchcyber …;
Deadline: 1 January 2016;
The predictive element means that no sign of the thing actually occuring yet, may be found in the (whatever medium) press already;
Prize… ah, there you go. I’ll try to figure out a way to ship a bottle of the finest champagne to the winner;
No discussions about my judgement.

Well, off for now. Have fun:

[Shaky ground (huh, just photographer’s lack of proper alignment due to hurry);
somewhat relevant, in the opposite (of today)]

Drones are the new tablets

It’s obvious once you think about it (which admittedly may or may not be obvious in your case) —

Desktop sales rebound a bit, on new (‘large’, expensive-)chip performance;
Tablet sales a sagging as they turn out to be too slow, and the ‘keyboard’ size and control pads turn out to be insufficient for all but casual browsing. Though highest-end specs may suffice, almost;
But at the lower end they’re overtaken by notephones;
And, at the higher end, 2-in-1 laptops shrink with all their convenience and power on board (SSD mem…) to (better) serve the nomads (than till now);
Unexplored newness (post-retro-hipster, though a lot of ppl around may have missed a couple of trend switches probably due to being sheeple anyway) is now in Drones. Of all sorts:
- Not just cam pics/vids of the casual kind,
- We’ll see an array of submarkets springing up,
- E.g., photography: Think about all the much-better tilt-shifted [No. No. NO! Not the crapcam idiot-filter kind!] pics of any environment, including cityscapes and high(sic)rise architecture,
- Or the pro-am sports event coverage that can improve so much (except for the actual pros — they may lose their margin),
- And industrial inspection may be much easier if done right; replacing bulky dangerous man-manned choppers etc. — see the text of this!
- Lots of variants are out there, still; no market rationalisation in action (yet),
- No easy Eple version being in sight. That could only have the functionality that sheeple can handle; two simple push buttons: ‘Take-off’ and ‘Crash’,
- All this, especially since safety issues (and privacy maybe, huh) may mean full freedom may not be feasible in the end — leaving the drone thing to techies (those that have a developed feel for tech, not the weaklings that have grown up thinking math was hard b/c they didn’t want to put in any effort into anything let alone hard learning stuff and were left free by their ‘I live like my kids are an accessory’ too stupid to should have been allowed to be parents). Where techies just don’t grow the market into early adoptor/early majority sizes quickly.

Oh well, I made my point. I hope. Anything to add ..? Like:

[This is a test: If you don’t know what that is, you’re disallowed to operate a drone for obnoxious ignorance]