Month: November 2010

On growing challenges in IT security

I came across an interesting article which illustrates the growing challenges in IT security.

“The IT guys have been told to do one job, so they [lock things down and] rule out the use of Google docs. And the workers are told to do another job, to get their work done, so they start using Google docs, and the power balance is moving away from the IT guys,” says Josh Klein, co-author of Hacking Work, a guide on how to “break stupid rules for smart results”.

According to a survey by networking firm Cisco, 41% of workers break corporate IT policies, saying that “they need restricted programs and applications to get the job done – they’re simply trying to be more productive and efficient”.

Judging by my personal experiences, I’d say most companies will go for the productivity and efficiency. Employee efficiency helps the company to move and adopt faster. Not only it usually means more money, but from the security point of view it makes the company a faster moving target.

Also, with this approach, a lot of security issues will be moved from a company level to an employee level. Similar to how training evolved. Companies still train employees, but a lot of skills are just expected from the employee and it’s up to him or her how and when to acquire those skills. For example, nobody really trains employees to process email, search the web, or operate a telephone. A quick display of the interface and a “you’ll figure it out, and let me know if you don’t” is usually enough.

Similarly, I think, many of the security issues will be passed on to the employee. The company will just expect him to run antivirus software, spam filters, basic firewalls, secure passwords, and such. With that, IT departments will have more resources to focus on protecting centralized resources – web servers, databases, etc.

YouTube Social

The idea of social television is not particularly new. People have been watching TV together for years. Now that a lot of entertainment is moving online, social digital TV is a cool idea. I’ve heard about a few attempts to implement it before, but I haven’t actually seen one up-close. Via Download Squad I’ve learned today about YouTube Social. I think it’s pretty cool, even though it’s definitely not perfect.

It’s really simple to try. Just go to YouTube Social and search for videos using a familiar YouTube interface. Either play them immediately or add them to the queue. If you have a Facebook account, authorize YouTube Social to use it, so that you could add friends to your session easily. If you don’t have Facebook account or don’t fancy the authorization, you can still use YouTube Social. It’s just that you and your friends will be assigned anonymous names like ‘guest123’. You can either send your friends a tiny URL to join the session or an automated Facebook chat invite.

When your friends join the session, you are all watching videos synchronized. Which means that all of you see the same video at the same time. And you can talk about it in the chat window while you are watching it. User with the remote control can pause, play, and find more videos to watch. The remote control is just a token, which can be passed around like a regular remote control. Overall, pretty awesome!

There are really only a couple of things that I didn’t enjoy – chat only works with Latin characters (Cyrillic simply don’t show at all) and the Facebook-only login option (no Twitter/Google/etc). The user interface could use some polish, and I’m sure it will get some in the near future.

Overall, a very nice execution of the idea in demand.

On airport security Israelification

I came across an excellent article which compares ways airport security is handled in Israel as opposed to USA and Canada. Instead of being a yet another whine and complain about how bad things are there and how good they are over there, it does in fact illustrate the difference in approaches, as well as some of the things that people who are responsible for protecting the public have to think about. Here is a quote to get you started:

“I once put this question to Jacques Duchesneau (the former head of the Canadian Air Transport Security Authority): say there is a bag with play-doh in it and two pens stuck in the play-doh. That is ‘Bombs 101’ to a screener. I asked Ducheneau, ‘What would you do?’ And he said, ‘Evacuate the terminal.’ And I said, ‘Oh. My. God.’

“Take Pearson. Do you know how many people are in the terminal at all times? Many thousands. Let’s say I’m (doing an evacuation) without panic — which will never happen. But let’s say this is the case. How long will it take? Nobody thought about it. I said, ‘Two days.'”

Another part that I sympathized a lot with was this:

“Do you know why Israelis are so calm? We have brutal terror attacks on our civilians and still, life in Israel is pretty good. The reason is that people trust their defence forces, their police, their response teams and the security agencies. They know they’re doing a good job. You can’t say the same thing about Americans and Canadians. They don’t trust anybody,” Sela said. “But they say, ‘So far, so good’. Then if something happens, all hell breaks loose and you’ve spent eight hours in an airport. Which is ridiculous. Not justifiable

So true! I’ve been thinking exactly the same a few times while watching fear-infested news coverages on mostly American TV (Europeans and Russians have it too, but to a lesser degree). Nobody can guarantee a 100% protection. A continuous effort should be made to ensure the best possible protection. Once everyone knows and trusts that everything that could have been done was done, they will calm down and relax. And even if something bad happens, people won’t overreact as they would know better.

Day in brief

Shared: Shortcut Manager for Chrome lets you execute JavaScript with hotkeys — and more! http://bit.ly/bVcPpw #
I favorited a YouTube video — These Gears Really Work? http://youtu.be/WYcqJ5HdxA4?a #
I favorited a YouTube video — いろいろな小さ過ぎる箱とねこ。-Many too small boxes and Maru.- http://youtu.be/2XID_W4neJo?a #
I favorited a YouTube video — A LIFE ON FACEBOOK by Alex Droner http://youtu.be/mCUCZCBso_w?a #
Apple Destroyed Products | Fubiz™ http://bit.ly/cAfETh #
I favorited a YouTube video — Gogol Bordello: Immigraniada (We Comin' Rougher) http://youtu.be/zKoQgODwveE?a #
Gotta love http://last.fm . It's been a while since I actually browsed the site. So much free candy and awesomeness! #
Can anyone recommend a good #wordpress plugin that will display amazon.co.uk wishlist (full,with pics) in a separate page? #
My blog sidebar now includes recent music that I've listened to, via last.fm . Looks more interesting with random playlist. #

Day in brief

It seems that I don't listen to music much cause I miss a good player.And my definition of good player changes every time I try to listen… #
I remember hating Rhythbox. Apparently things changed. A lot! I am only missing Last.fm love plugin now – http://bit.ly/9BV3cn #
Why You Need an Android Device This Holiday Season http://on.mash.to/9WRYDy #
Shared: Copy Fixer for Firefox and Chrome lets you easily copy the URL and page title http://bit.ly/aYrWLL #
If you need to import data from XML feeds into WordPress, here is a handy plugin: Advanced XML Reader http://bit.ly/9PUUsF #
Chicken pies and orange juice for lunch. Life is beautiful. #
I favorited a YouTube video — Crash Test http://youtu.be/-uonnoVidW8?a #
I favorited a YouTube video — iPhone and iPad in a BMW http://youtu.be/qmuLoFzZ0xw?a #
Picked up my car insurance. It's always nice to pay less than the last year. 370 EUR vs. 434 EUR and 500 EUR in previous years. #
fputcsv() function in PHP seems to be using a different end of line, depending on the OS of the server. Unexpected. #
If you want to improve #wordpress but don't know where to start – improve the API. Posting with attachments, for example. #
I favorited a YouTube video — Gogol Bordello – My Companjera http://youtu.be/yXU5zUHA1Ak?a #
I favorited a YouTube video — Gogol Bordello – "Start Wearing Purple" Side One Dummy http://youtu.be/sM1Ahn0Osjo?a #
I favorited a YouTube video — Gogol Bordello – "American Wedding" Side One Dummy http://youtu.be/o76YbAfFfJ8?a #
"Why didn't you come when I beat my drum And screamed off my head out into the night.." Gogol Bordello/When Universes Collide. Brilliant #