Skip to content

Archive for

Attacking from Within

We spend a lot of time fortifying our data systems and networks to prevent outside attacks. Recent data breaches at TJX Companies, Card Systems, and the Department of Veterans Affairs remind us of the different ways outsiders can gain access to our systems and conquer massive amounts of highly sensitive data.
However, my third example above – the VA, also gives clue to what I think is the most dangerous risk of all – the threat of an insider compromising systems (knowingly or otherwise). The Air Force has been doing research into developing a system that would help pinpoint potential internal threats.

Security efforts have tended to focus on outside electronic threats, explain Peterson and colleagues. However, they point out that it is insiders that pose the greatest threat to an organization. Insiders are members of the organization who may have access to sensitive information for legitimate purposes but who could betray that trust for illegitimate reasons.

This is pretty ineteresting stuff that plays into using computers to detect non obvious relationships. One downside to this type of technology is that it could be used to detect whistleblowers. This article I’ve linked to talks about them running their system across the email history of Enron. And while it doesn’t flat out name Sherron Watkins as being a potential threat, some other materials I’ve read on this system have indicated that she was one of the people flagged by this system.
Pretty interesting stuff to keep abreast of.
Read More -> Sniffing Out Insider Threats

World War 3, Terminator Style?

It’s funny to look back at science fiction from the 80’s and see it turn to science fact. Unstoppable robotic kill machines that could think and act on their own was the central premise of the Terminator movies. Today the U.S. government has robotic drones that are remote controlled by humans and around 4000 of them are deployed in Iraq and Afghanistan. The article I’ve linked for you below talks about one project that seems to be fast tracked in the department of defense is seeking to develop robots that can make decisions on their own and determine when to use lethal force.

But the Pentagon is nearly 2 years into a research programme aimed at having robots identify potential threats without human help. “The main problem is that these systems do not have the discriminative power to do that,” he says, “and I don’t know if they ever will. “The US and other governments have also set a very short timeframe to achieve such sophistication, says Sharkey. “It is based I think on a mythical view of AI.”

I should probably worry about my government building these machines and to what uses they will serve. But right now I’m more worried about other countries / groups developing the same thing. Just imagine facing an army that does not shed blood. You could argue that this would deter war, but wars as we know them have fundamentally changed. Rather than battling countries, we are battling super-empowered individuals. Mutually assured destruction does not bother them. And this is exactly the kind of tool that they would love to employ against us.
Read More – ‘Robot arms race’ underway, expert warns – tech – 27 February 2008 – New Scientist Tech

The Day After The Marathon

This video made me chuckle…

Thought For the Day

Unfortunately this thought is not swimming, cycling nor running related. But it struck a chord with me as I spend 40 hours a week dealing in the information technology world architecting and building solutions that solve business problems.

Great employees routinely overcome bad or non-existent process, ineffective leadership and governance, and messy technical architecture. Bad employees just as routinely cause even the best process designs to fail while turning elegant architecture into a tangle of spaghetti, and efficient governance into meaningless committee meetings as projects become eternal.

Read more thoughts on the connection between IT process and leadership. Ignore his rant on the CMM. The paper he cites is from 2005 using data from 2001 and takes a very United States centric view. My experience has been that overseas companies, particularly those in emerging economies have widely adopted CMM and the more recent CMMI-DEV. The reason? They don’t have 50 years of legacy methodologies / code / people that are all resistant to change. But that’s a topic for a different day.

Airbus says in talks on superjumbo casino – Yahoo! News

Sometime around Y2K I postulated that one day air travel would be provided free and funded by casino gambling. My assertion was that someone like myself would book a flight from Atlanta to Los Angeles and once we reached cruising altitude the blackjack and craps tables would open. That may very well be coming true.
Read More -> Airbus says in talks on superjumbo casino