divisionbyzero

question . authority
14Aug

Airport Security

brad | Category: Rant | Comments Off
Tags: , , ,

Bruce Schneier always has spot-on posts. Here’s his editorial on last week’s terror plots.

It’s really that simple. Stop being terrorized. Stop being scared to live. Stop taking life so seriously, you’re never gonna make it out alive. We don’t need billions of dollars of security screening software/hardware. Anyone with a week of spare time will be able to circumvent it anyways. This security is just a show, and I’m not entertained in the slightest.

I’m not flying again until these ridiculous regulations stop. We know we’re accepting a risk getting onto a plane. We’re 30,000 feet in the air, and if something mechanical fails, that’s a LONG way down. You’re accepting even more of a risk when you get in your car to go to work. You’re a billion times more likely to die in a car accident than a terror attack. So why aren’t we campaigning against ridiculous bullshit by insurance companies and state legislations that waste your tax dollars to make them money instead of fixing problems with automobile safety?

It doesn’t sell papers.

Update: It now appears that some people with some experience in Chemistry have questioned the plausability of the terrorist plot.
Update 2: More information about the acquisition of the information that led to the arrests and wide spread media terrorism.

18Jul

Eating your own dog food

brad | Category: Article | Comments Off
Tags: , , ,

Most of the organizations I’ve been a part of, the IT staff usually has exemptions from IT policies if not significantly escalated privileges. This distances them from their users. I also happen to know and test MANY different ways to circumvent the policies and controls in place on the network. You can’t push policies and haphazardly grant exceptions to those policies to the group in charge of making them.

Read the rest of this entry »

12Jul

Trust.

brad | Category: Article | 2 Comments
Tags: , , ,

As a programmer, I’ve had the concept of “DON’T EVER TRUST YOUR USERS” beaten into my head. For programmers, this concept is incredibly important. Users almost always exceed your expectations for creativity with your new application. By planning for unexpected input, and properly cleaning all variables you can theoretically account for abuses of your system by malicious users and provide a graceful failure for users attempting to enter in bogus data.

This concept is key to PROGRAMMING. What I find astounding, is a large majority of corporations are adopting this practice for ALL IT related issues, and it’s even saturating into HR and other areas of employment. Working as a Security Administrator, I’m surprised that most employers have decided to not trust their employees. If you can’t trust them, then why would you hire them?

Read the rest of this entry »

Newer Entries »