I'm studying for the CISSP exam. Inference and aggregation are means used to take low level or partial information and use that to derive higher level information. Inference requires deduction. The lower level information provides clues. Aggregation is a mathematical or mechanical process. Apply inference and aggregation to safe cracking (or lock picking). Using inference … Continue reading Inference, Aggregation, and Safe Cracking
If you have not read this already I highly recommend Alex Stamos' opinion essay that appeared in the Washington Post on December 15th, 2020. Titled "Enough is enough. Here’s what we should do to defend against the next Russian cyberattacks.", Stamos writes about how poor our response is today and what the United States government … Continue reading Enough Already. Stamos is right.
Hired Cisco 1997. Fired Cisco 2014. Acquired by Cisco 2016. Retired from Cisco 2020. I've learned a lot in these past 23 years. I hope that I can share what I've learned with others and in some small part help to close the digital divide.
I read all the time. I admit that I read less now that I found and use Audible the Amazon audio book service). While Audible is great the books I chose to read (or re-read) this summer are probably not available there. I recently re-read the Blue Team Field Manual (BTFM) and read the Red … Continue reading Summer Reading 101 – The Blue Team Field Manual
I was recently asked this question...I'm working on a project right now where my team wants to substitute passwords and usernames for biometric authentication. I have expressed my multiple concerns for the security of such a system, but the idea has now come up that we could use a system with at least 2 factors … Continue reading Using Biometrics to Replace Passwords
Walid Al-Saqaf Richard Barnes Gonzalo Camarillo Olga Cavalli Hans Peter Dittler Hiroshi Esaki Mike Godwin John Levine Glenn McKnight Robert Pepper Andrew Sullivan Sean Turner Mieke van Heesewijk These are the names and links to profiles of the Board of Trustees for the Internet Society (as of this date in November 2019). According to their dot […]
The Traffic Light Protocol (TLP) takes something that most people know and applies it to a new problem. In this case the simple concept of roadway traffic lights applied to information sharing. As defined by FIRST, an organization formed by cyber first responders; the Traffic Light Protocol is "a set of designations used to … Continue reading Understanding the Traffic Light Protocol (TLP)
OK. Once you've downloaded Ubuntu the next decision will be where to install it. My suggestion is go virtual. I run Linux on my corporate laptop and on my personal iMac; both using VMware Fusion. As of this writing I am running v8.5 and the current version for Mac is v10. The other way of … Continue reading Getting Virtually Started
One of the modern corporate technology problems I used to deal with almost every working day was the screen saver settings on my corporate laptop. The corporate security team has done an amazing job of locking my PC down and making it safe. The down side of that is that they control the screen saver … Continue reading Getting Jiggler with it….
The Internet is changing yet again. One of my predictions for 2018 is that everyone will witness a migration from corporate or private data centers to the 'Cloud', or Internet hosted data centers. There have been tremendous advances made in both securing the Cloud and sharing with the broader technical community how to secure the … Continue reading It all in the Cloud(s)