|“What is different is that we’re going to have comprehensive coverage across federal networks, and that all the information about potential intrusions or malicious code would flow to a central point, the U.S. Computer Emergency Readiness Team at the Department of Homeland Security.”
Scott Charbo, as quoted in Analysis: Einstein and U.S. cybersecurity
Mr. Charbo is the Chief Information Officer at the Department of Homeland Security. He’s talking about EINSTEIN, a federal government’s intrusion detection software application. It’s been available since 2004, but now the DHS is going to make it mandatory.
What took them so long, you ask? Well, apparently there wasn’t a single “business owner” with enough power to mandate EINSTEIN’s global use until February, when President Bush signed that multi-billion-dollar cybersecurity initiative. EINSTEIN has received its share of criticism. Some detractors point out that it’s not robust enough. Some worry that if everyone’s using the same software, everyone shares the same vulnerabilities. Some people just seem content to make Bush/Einstein jokes.
I’m not sure what I think about this yet.
See also: Einstein keeps an eye on agency networks
|“QoE measurement is about being able to reconstruct the voice signal in a measurement device, and to then run signal processing algorithms to determine the call quality. This type of QoE measurement will deliver a score that much more accurately reflects the true user experience than results by just watching the network packet characteristics.”
– John Bartlett Quality of Experience (QoE)
|Both finger prints and iris patterns can be more prone to copying by a third person. But finger veins are not directly visible to a third person, which makes them more suitable for security use.
Hitachi spokesman Atsushi Konno, as quoted in Vein recognition touted for ID systems
I wonder if the finger has to be attached to a live person for this technology to work? That makes it even MORE suitable.
|In a dig at VMware, Microsoft claims the reason less than 10% of servers are virtualized today is because the schemes available are too complicated and expensive. And in another dig at VMware, Microsoft suggested that Dell, Fujitsu, Fujitsu Siemens, Hitachi, HP, IBM, NEC and Unisys would be pre-installing the final Hyper-V code on their machines. IBM, Dell, HP and Fujitsu Siemens pledged a few weeks ago to pre-install VMware’s freebie ESX 3i bare metal hypervisor on some of their gear.
Maureen O’Gara, Hyper-V Virtually Done
|If last year’s SXSW was Twitter’s coming out party, this year it achieved utility status. A utility is something that is always on, and essential. To lose it would be to thrust yourself into the dark ages. Water, electricity, gas … and Twitter. Sound like an exaggeration? Not for anyone who has spent the last few days watching the incessant live twittering at SXSW.
Rohit Bhargava, 6 Reasons Twitter Rocks and Sucks Simultaneously At SXSW
A look at Twitter just one year ago…
[kml_flashembed movie="http://youtube.com/v/1ouUrDZtMGM" width="425" height="350" wmode="transparent" /]
|“The mainframe survived its near-death experience and continues to thrive because customers didn’t care about the underlying technology. Customers just wanted the mainframe to do its job at a lower cost, and IBM made the investments to make that happen.”
Irving Wladawsky-Berger as quoted in Why Old Technologies Are Still Kicking
John Belmont shows us IBM’s newest mainframe, the Z10. It has a starting price of about a million dollars.
[kml_flashembed movie="http://www.youtube.com/v/LN4J4mClckA" width="425" height="350" wmode="transparent" /]
|I set my WildCharge pad up on my nightstand. After a phone chat, I tossed my RAZR cellphone over to the charging pad; four magnetic contact points on the phone’s adapter helped it stick to the pad. A chime indicated my phone made electrical contact and started charging…I really grew fond of not hunting for the correct cord to charge my phone. Instead, I’d finish conversations, reach over and simply drop my phone down as if I was laying it on the table.
Katherine Boehret, A Pad to Easily Power Up Your Phone
I really want one of these.
|Many people (including myself) have tried to “hide” SSID as a security measure. Unfortunately, efforts to hide SSID ultimately fail and degrade overall WLAN performance.
Lisa Phifer, Configuring service set identifiers
SSIDs are analogous to Windows workgroup names. PCs use those names to browse a network neighborhood and discover others in the same workgroup. When a PC actually tries to access a fileshare, permission is determined by computer name, user name and password. Similarly, stations use SSID to discover APs in the same ESS, but access depends upon other parameters like the station’s address, WEP keys and 802.1X credentials. Access requests must carry the right name, but the workgroup or ESS name is not a password – it identifies the resource to be accessed.
|The biggie in regards to Extrusion Detection is what ports are allowed egress at the perimeter. If you are serious about stopping information from leaking out, then you must enforce policy regarding what ports you allow egress, then you must have a way to apply policy to what is traveling egress on those ports. Your culture in regards to “acceptable use” will drive the solution.
Corey Elinburg, Some Thoughts On Data Leakage / Extrusion Prevention
[kml_flashembed movie="http://youtube.com/v/c91mSYYIJ5U" width="425" height="350" wmode="transparent" /]