Another Update

• I’ve been at UHN for a month now. It’s been a bit of work coming up to speed on the projects, but I’m being effective, which is what counts. Besides, it’s fun!

• The kids have both been away to, and returned from, two week camp excursions, and both want to go on longer trips next year! They grow up so fast…

• Twitter and Facebook have pretty much replaced this weblog for day-to-day stuff, unfortunately. I’m not happy about that; I prefer having my “stuff” under my own control. Alas, they make it too easy to use, especially now that a) I have an iPhone, and b) I’m behind a nanny-state web filter during the day.

Employment Update

The last few months have been a bit of a roller coaster ride; the next few will prove to be one also (although very different; wooden vs. steel, maybe? anyway…)

The Monday after the Century Cruise (back in February) my boss called to inform me that HP was placing me in their Work Force Redeployment program, which gave me four weeks to find another job, after which I would be placed in the Work Force Reduction program. There were no other useful jobs in Toronto (not even over at EDS), and so at the end of March I became an ex-employee of HP.

Outside the Box

Social engineering is fun!

Fear of Aerial Images

refuse to be terrorized

Hateful?

In my random walk through the Internet this morning, I visited several news articles with comments sections.

Why are people so hateful, so judgmental, so prejudiced (in the classic sense, i.e. making up their minds without facts)? People write that they’ll hate a (good) TV show after reading an interview with one of the actors. People heaping vitriol on a woman they’ve never met, and don’t know anything about. It’s ugly. YouTube is awful for this, although at least people are talking about that.

At the sound of the tone, the time will be ...

Perverse Security Incentives

Yet another example of the premise that if you want to understand the world around you, look for the incentives…

Schneier on Security: Perverse Security Incentives

Incentives explain much that is perplexing about security trade-offs. Why does King County, Washington, require one form of ID to get a concealed-carry permit, but two forms of ID to pay for the permit by check? Making a mistake on a gun permit is an abstract problem, but a bad check actually costs some department money.

Kid Walks to Soccer, Neighbors (sic) Call the Cops

A Mom Lets Her Son Walk to Soccer…And The Police Come Calling

From the Free Range Kids blog, the story of Lori from a small town in Mississippi, who sent her 10-year-old on foot to soccer practice, only to have him picked up by the cops, who reported “hundreds” of 911 calls by curtain-twitchers who were horrified at the thought of a 10-year-old walking a third of a mile to a local school. The cops told her she could be charged with child endangerment After she complained to the cops, the local police chief called her to apologize and to reassure her that she lived in a safe neighborhood. The moral of the story: stand your ground when crazy people tell you that your kid needs to be swaddled in bubblewrap until she’s 22.

Schneier on Security: The Kindness of Strangers

Schneier on Security: The Kindness of Strangers

The Kindness of Strangers #

When I was growing up, children were commonly taught: “dont talk to strangers.” Strangers might be bad, we were told, so its prudent to steer clear of them.

As it turns out, this is profoundly bad advice. Most people are honest, kind, and generous, especially when someone asks them for help. If a small child is in trouble, the smartest thing he can do is find a nice-looking stranger and talk to him.

Defense in Depth

[The World’s Biggest Diamond Heist(https://www.wired.com/2009/03/ff-diamonds-2/)

These guys managed to blow through many layers of hi-tech security with careful planning and some low-tech tricks, and one huge security gaff: the “unduplicatable” key for the vault was hung on the wall in a storeroom next door.

My favorite bit, I think, was how they disabled a magnetic sensor on the vault door, that would detect the door being opened; they brought a piece of aluminum covered in double-sided tape, stuck it over the sensor pieces, unscrewed the pieces from the vault door and door frame, and swung them out of the way. The sensor was never triggered because the two pieces remained in contact…

Nerdigras

Tomorrow is the first day of nerdigras ; let the festivities begin!

(I wonder what the pancake-equivalent is? :-)

Nut Allergy Hysteria

Who would have thought that a threat to children would be exaggerated by parents, teachers, and the media? “Not I,” he said sarcastically…

BBC News - Warning of nut allergy ‘hysteria’

Measures to protect children with nut allergies are becoming increasingly absurd and hysterical, say experts.

A peanut on the floor of a US school bus recently led to evacuation and decontamination for fear it might have affected the 10-year-old passengers.

Denis Mcgrath - Skins

Denis McGrath is a Canadian television writer and producer. A couple of years back my friend Debbie interviewed him about his career and about Blood Ties, the television version of Tanya Huff’s Blood books. I recently rediscovered him while catching up on Season 2 of The Border, and subscribed to his weblog (Dead Things ON Sticks) after finding info about the show there.

Anyway, long story short, Denis recommended a British show called Skins, which he described as

Timing is Everything

Take a new computer and install Windows XP. Connect it to the Internet to download service packs and other patches. Before you have finished downloading and installing, your computer will have been hacked. There are so many automated probes running that you’re almost 100% sure to be infected by one of them. Researchers do this all the time with honeypots, to find out what payloads are currently in the wild.

Back to Work

And what a way to come back to work it was!

Over the holidays, IT security used the Windows RPC flaw to “break in” to all of my Windows servers. The payload disabled TCP/IP in the registry, and modified the boot.ini to disable system startup. I spent today manually booting servers one by one and re-enabling TCP/IP, so that I could download and install the required patches. I am extremely glad that I have remote consoles on all of my servers, or I would have had to make the long trek out to Mississauga to fix everything!

Christmas

Christmas dinner was another success; Micki out-cooked herself once again!

Charlotte has recently become addicted to Food TV, and she and I have been watching Chef at Home. We decided to make a smoked salmon appetizer and a triple-chocolate dessert, along with our usual dinner rolls. It was a lot of work (especially the milk chocolate bowls!), and Charlotte carried the lion’s share, especially after I injured my hand. We pulled it off; granny was heard this morning proudly telling a friend about Charlotte’s dinner rolls and dark chocolate mousse dessert!