Change is good
Think of this as Volume 16, Number 32 of A-Clue.com, the online newsletter I've written since 1997. Enjoy.
The whole “cloud problem” FUD being sold by the media and Steve Wozniak over Apple's so-called iCloud service comes down to one word.
Identity.
It's a simple word, one we use every day. And it is a real problem.
But only because we choose to make it one.
Think of this as Volume 16, Number 23 of A-Clue.com, the online newsletter I've written since 1997. Enjoy.
In writing about Ipv6 Day, which was Wednesday, reporters struggled to offer a sense of what it means.
We're about to run out of Internet addresses, they said. (Well, there's a workaround, but...) Remaining Ipv4 addresses are rising in price, and we're going to run out of new ones in 2014. (True, but...) Ipv6 is better – more efficient, more secure, inevitable. (As to the last, well, sorta...)
The fact, we've been kicking the can on this for a decade. Ipv6 was actually proposed in 1996, the idea being to expand the address space from four sets of three hexadecimal numbers each – xxx.xxx.xxx.xxx – to eight sets of four – xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx. Instead of having 32 bits – 4.3 billion addresses – you have 128 bits – 3.4 x 10 to the 38th power addresses. You convert from one to the other by putting zeroes in front of the Ipv4 number.
Continue reading "Last Roadblock to A New World is Removed" »
Advocates of the old enterprise computing model are trying every type of Fear, Uncertainty and Doubt (FUD) in order to slow the progress of cloud computing.
In a Financial Times story (behind their firewall – get it through Google News) Gartner executives Drue Reeves and Daryl Plummer go on-and-on about the unlimited liability of cloud computing, acting as though if someone pulled out a plug somewhere your whole business could go down.
Reeves, according to his biography, previously worked at the Burton Group, acquired by Gartner in 2010, and before that at Dell and at Compaq. His background is in server computing and security.
Well you may be a big Gartner wheel, Mr. Reeves, and I may be just a reporter, but I got a very simple response to your FUD.
Al Gore feels passionately about the environment and the climate crisis.
So do I. So do a lot of people.
But Al Gore's words aren't helping solve the climate crisis. In fact, they're hurting. His allies aren't covering him any more, and his allies are using him as the butt of jokes. Yes, Gore-o-phobia is unfair. But it's real, and he needs to deal with it.
We all need to, by taking Al Gore from the field of political battle. Bodily, if need be.
Some headlines from his latest outburst. “Climate change skeptics are like racists” – TG Daily. The same headline is on the Daily Caller. “Meat = Global Warming” – Consumer Freedom. “You Knew This Was Coming” – PowerLine.
Now I know these are not friendly outlets. But Al Gore has become on the environment what Fonda became on Vietnam. Always the enemy, and always the excuse for ignoring anything not only they say but anyone they know says.
Jonathan Moorman of “Ology” was pretty calm about it. “When you start comparing your opponents to racists, you know what that does? End the conversation outright and force everyone away from the middle.”
Al Gore needs a nice big cup of STFU.
Continue reading "Al Gore Needs A Nice Big Cup of STFU (He's Not Helping)" »
Think of this as Volume 15, Number 35 of A-Clue.com, the online newsletter I've written since 1997. Enjoy.
There is an iron law in American politics.
The optimists win.
The media and most professionals ignore this law because they think it's a gloss, something you can put onto a campaign like lipstick on a pig. It's not. The side that exudes optimism from every pore, that has a positive agenda addressing pressing issues, almost always wins American elections.
The Obama campaign recognized this truth early-on, which is one reason why it was vitally important (in retrospect) that they stayed apart from the “netroots,” sites like DailyKos, Firedoglake and Americablog. It's not that these left-wing sites want to be pessimistic. It's just that living in the trenches of politics, day after day, is living in a sausage factory. It grinds you down, it gets you angry, it makes you pessimistic.
Most grassroots political movements, even of the Astroturf kind, are born of anger and pessimism. It's what the other side isn't doing, what “those people in power” are keeping from happening. It's very easy to say what you're against, it's easy to organize a protest. It's much harder to build something positive.
From a business standpoint it's not in the interests of Kos & Co. to be positive, however. On a day to day basis, it doesn't sell to activists. It's pointing your readers in a direction they are not inclined to go in.
Yet there is a positive change agenda sitting before us, waiting to be seized. As regular readers of this blog know, it starts with what I call the War Against Oil.
The secret to true wealth lies in working for others, doing work you enjoy, making a difference to a community.
By that measure the richest man in Atlanta isn't Arthur Blank.
It's Pat Apoian (right) .
Detective Pat (as he's known) is an Atlanta Police officer who was injured last Friday while pulling a double-shift on behalf of the Kirkwood Security Patrol, a neighborhood group I belong to. He was called to a domestic disturbance a few blocks from my home, and was run over by (allegedly) a 29-year old named Khalif Edwards, who remains at large.
The White House has endorsed a draconian “cybersecurity” plan now making its way through Congress.
It would essentially say all your clicks belong to us. Police would have carte blanche to seize domains, decrypt files, and run roughshod over citizens in the name of catching bad guys who are hiding behind proxy servers in the Ukraine or some other such place.
All this would be unnecessary if so-called Internet advocates had accepted a very basic truth that our Meat Space ancestors knew well.
Privacy and security are the same thing. Both depend on identity.
Continue reading "The Real Cybersecurity Problem is Identity" »
The big story of this month is the backlash against the cloud.
It began with Amazon's downtime, and has continued with the revelation that Amazon itself was the source of the hack attack that took down Sony. This has caused nervous nellies like Murray Jennex of San Diego State to suggest cloud computing be ignored by the enterprise.
But the problem here isn't the cloud. The problem is identity. A Bloomberg story describes the Amazon sign-up procedure:
Signing up to the service requires a name, e-mail address, password, phone number, billing address and credit card information. Users get an automated call from Amazon and are asked to dial in a four-digit verification code to complete the registration process.
Note what's missing? Proof that you are who you say you are. A hacker can use a stolen identity. He doesn't have to prove he is who he is.
Someone has to take responsibility and, when someone can, people can be protected.
The bloggers are blogging madlyabout Google's recent decision to "kill" some Android applications, by using a facility it has had for years to remotely disable apps.
The move wasn't 100% effective. Third party Android app markets, not run by Google, may still have some Android malware that Google can't yet kill.
Google has been busy ever since, explaining the issue (it doesn't impact older versions of the Android system) and describing how it will try to keep this sort of thing from happening again, working with its partners.
Some of the tut-tutting talks about how Google needs to be more proactive, scanning for malware before approving applications. And that's fine. But what's being lost is the lesson that began this post.
Someone has to take responsibility for software after it's purchased. That costs money. But it also requires a top-down process through which orders, once given, can be carried out.
The idea of open source security seems like a contradiction in terms. But it's not.
Cops are always getting together to swap tips and techniques. Same thing with computer security guys. What some object to is the idea of the code being open and available to outsiders, some of whom (it can be assumed) are bad guys.
Projects like the Open Source Security Foundation framework and Eureka Streams can be valuable – assuming that is they're not just government-funded copies of something which already exists, like Snort. If they are they're just a waste of time and resources.
The good news in these cases is that government contractors are acknowledging the legitimacy of open source as a development process, even in the area of security. But will any side support a governance process that makes the most of what open source has to offer?
And so we come to IronBee, a new open source web application firewall created by Qualsys and supported by Akamai. The goal, as this whitepaper notes, is a universal web application security sensor. The announcement took place this week at the RSA Security Conference.
Recent Comments