If you tell enough stories, perhaps the moral will show up.


Martian Geography

Not a security story, but the Americans have got their lander down on Mars. Is it just me, or do they have much more success with rocket-assisted soft landings than balloons and inflatables and parachutes etc... Anyway there's a photograph back and if I recall school geography, those are permafrost hexagons all the way to the horizon. They've found the water they came for.


Slave to the Rythm

Slightly disconcerting moment this morning when I realised that I was striding across London Bridge precisely in time with Sophie Ellis Bextor on my music player.
How gay is that?
Still, I suppose I should be grateful -- it might have been Kylie.


Two Observations

  1. A sad little entry for change control at the meeting last week: ZWD the Zimbabwe dollar is now so close to worthless that the calculations overflow. Remove from the forex universe. No impact expected.
  2. The may is at its peak. The madder thorns are now iced with a continuous white crust. As quickly as it came it'll be gone....


Himmler Murder Memos in the NRO

This story in today's FT magazine is interesting in its own right, but it makes a good security story as well:

  1. Don't despise paper. Everyone quoted in the fake memos is dead, the empire they served is one with Nineveh and Tyre, and the record-keeping system was obviously not designed to detect this fraud, but the fakes can still be totally discredited. There is no shadow of a doubt that those notes are inauthentic, and the rest of the bundles they came from are real. What's the IT angle? Well, consider what you can prove with a signed page of printed hashes....
  2. The sideband rules. Laser printing on a document that purports to be twenty years older than xerography. Every suspect document having the file hole torn. These circumstances talk directly to the investigator.
  3. Listen to the language. The public school types who ran the war didn't talk like that and they certainly didn't write like that.
  4. Keep access records. One man only, ever, was recorded as accessing all those bundles....
  5. And of course, follow the motive. He wrote a sensational book...


Spam Counter - 2008 April: 2,123

Penis, pharmacy and watches, with a scattering of software and phishing. I was particularly encouraged by "She Will Squirt with Joy"...


Wasted Time

I spent some time going through the security morning checks with Internal Audit.

Report on event logs every morning, examined every morning, security incidents found in three years: none. Firewall traffic logs, examined ad-hoc over four elapsed years, security incidents found: one - an agobot infection on a bad build.

Hours wasted -- hundreds.

We're doing the wrong thing.

What's the right thing? There's too much novelty and too few admins in our network for IDS to be worthwhile. Just retain the logs but stop looking for trouble? The trick will be to do that, but keep looking responsible.


The woods are full of bluebells, and sunrise showers make elegantly decorated skies. Beech buds on the front hedge have just broken.