It’s that time of the week again when we bring you the best of local security blogs. But before we get to that, we thought we’d share our tweet of the week along with a #totw that deserves honorable mention to get your afternoon started with a few laughs.
Our official #totw was a RT by @mubix:
grecs RT @mubix RT @secureideas: “When pen tester tells U they luv something, get it off yr network.” @agent0x0: “I luv Sharepoint.” #defcon #totw
Honorable mention belongs to this tweet by @technogeezer because it’s so true!
grecs LOL.. RT: @technogeezer: Someone here at CSC now refers to physical meetings as getting together in ‘meatspace’ #totw
Now, on to the posts!
#3 – Lessons From the Sandbox: If you are looking for great technical posts, @geminisecurity should be your first stop. Their latest post, “Protect Your Computer By Running Applications in Sandboxie” talks about the Windows utility Sandboxie—a program that allows you to run “applications in an isolated environment on your computer so you can protect yourself from malware, surf the web, and maintain your registry without affecting your host system.” They also note that “Sandboxie is a good alternative to setting up a virtual machine, especially if you just want to run a quick test or two without having to wait for an entire operating system to boot up.” Be sure to read the post and learn more about Sandboxie here.
#2 – The Bureaucracy Is Down: In his post “Blast From the Past,” TaoSecurity’s Richard Bejtlich uses an example from his own life that illustrates the sometimes ridiculous nature of tasks given by large organizations. In Bejtlich’s case, it was the Air Force that had given him and his co-workers what seemed to be an impossible mission: Centralize Air Force email within the course of a few months. Needless to say, such a feat was impossible in such a small amount of time. But now, nearly 11 years later, Bejtlich says that it is finally happening; that Air Force email will be starting the centralization process at Keesler Air Force Base, Miss. But as he says at the end of his post, “[s]o, about 11 years after being told to accomplish the same task, the effort will be done! I think there are lessons here for anyone with a similarly large, bureaucratic, turf-centric, distributed, decentralized, global organization.” Be sure to read the full post here.
#1 – Help Isn’t Coming: Leave it to @rybolov to hit the nail on the head when it comes to the Cybersecurity Coordinator position and why, even after two months, it still hasn’t been filled. In his post “Help Wanted,” he poses the following question: “So let me give you a hypothetical job: You have to give up your high-paying private-sector job to be a Government employee. You have tons of responsibility. You have no real authority. You have no dedicated budget. You have no staffers. The job has had half a dozen people filling it in the last 7 years. The job has been open longer than it’s been staffed over the past 7 years.” Does that sound like a job that any of you would want? Didn’t think so. By being blunt (unlike government officials), @rybolov makes excellent points as to why the Cybersecurity Coordinator position is still empty, and will likely remain that way unless something changes. Be sure to read his full post here.
Well, that’s all for this week. Be sure to follow us @grecs for more great posts throughout the week!
No related posts.
