November 20, 2008

When you're a hammer, everything looks like a nail

Grant Hartline, CTO over at Mirage, has an article up on his blog called Pre-Admission NAC. In it Grant tries to give some advice about the "often controversial topic of pre-admission NAC policy".  Grant says that at the start, and perhaps at the end too, you need to determine us vs. them (managed versus unmanaged) and the un-testable devices (IP phones, etc.).  Then Grant says you can set tests for ongoing risks and gives a few examples. 

Grant is right on if you are using the Mirage product, which has at best limited pre-connect testing.  The real strength of the Mirage product (at least according to them) is in detecting malicious behavior after a device is on the network and ARP twiddling it (hey, don't make fun, they have patented ARP twiddling, raising it to a new level of I don't know what).  However, because Grant uses this particular hammer to solve this problem, everything to him looks like the same nail.  But if you had another tool that was capable of much more in the way of pre-connect testing, you might look at this problem very differently.

At StillSecure, our Safe Access NAC product can perform over 1800 tests in a matter of seconds as a device seeks to log on.  Because of this, the spectrum of "nails" we can check is greatly expanded. Therefore you are not limited by performance or time to settling for a minimal set of tests. 

Now whether you think there is value in having so many more potential tests available is up to you as the NAC administrator.  But like many things, getting the right result depends on using the right tools!

November 18, 2008

Like US Presidents, when a CEO leaves their legacy is important

One of the things you always hear about lame duck US Presidents is that they are very concerned with their legacy.  How will history treat them?  Will Bill Clinton be best remembered for the economic prosperity we enjoyed under his administration or for what he did with some White House intern?  In the case of George W Bush, did he keep America safe after the terror attacks of 9/11 or did he involve us in an unnecessary and costly war, ruin the economy, etc., etc.?  I don't care what side of these you are on; the important thing is that when a leader leaves, how he is remembered and what his legacy is are critical.

Yesterday we heard about two high profile tech leaders leaving.  Over at Symantec, John Thompson will retire at the end of this fiscal year.  At Yahoo, Jerry Yang one of the co-founders at Yahoo stepped down.  How will history treat these two?  Is it fair?  I think probably not.

Let's first examine Yang.  An icon of the Internet era, he gave life to one of the original Internet powerhouses. It seemed that Yahoo was going to be one of the four horsemen of the Internet going forward.  Starting with search, they moved well beyond mere search.  The company spawned countless dot com millionaires and made billionaires of Yang and his fellow co-founder.  If Yang had stayed out of it when he first left Yahoo, his legacy would be secure as an Internet legend. But he came back to help Yahoo compete in the Web 2.0 Internet.  An Internet where Google is the undisputed king of search and Yahoo had to learn to monetize other areas of the business. But Yang I think is destined to be best remembered as the arrogant techie who refused to come under Microsoft's thumb and turned down an offer of tens of billions of dollars.  While he was offered 33 dollars a share, his stock today is under 11 dollars.  To add salt to the wound, after cozying up to arch enemy Google to thwart Microsoft, Google tossed him aside like yesterday's news.  I am afraid history will not look kindly on Yang's legacy. In fact the future of Yahoo itself is no longer StillSecure (hey, I couldn't resist the plug).

Thompson on the other hand I think will be treated much more kindly by the historians.  John was not a founder at Symantec.  But ten years ago he took over a consumer computer security and utility company and turned it into one of the biggest software companies in the world.  Though there are many who point to a lack of innovation and execution, as well as integration, at Symantec, the fact is that under John Thompson, Symantec is a giant.  They are Big Yellow.  They have moved beyond security into storage and network management.  They have added to the consumer segment both enterprise and mid-market.  Symantec is in fact ubiquitous.  I think that is the legacy that John Thompson will be remembered for favorably by history.


November 17, 2008

Is Sun's open source strategy its savior or destroyer?

I was reading Steven J. Vaughan-Nichols' column the other day entitled "Sun: Dead company walking". Vaughan-Nichols laments that Sun is probably doomed, and too bad, just when it realized that it is truly an open source company and, given the chance, could be so successful, but it is probably too late. Of course, realize that Vaughan-Nichols is an open source bigot who thinks open source is the answer to all things and that Microsoft is the anti-Christ incarnate. 

All of the doom and gloom surrounding the recent bad news at Sun got me to thinking. When I was early in my tech career, a Sun server running the latest version of Solaris was the baddest game in town.  Yes, if you were doing media maybe a Silicon Graphics box was hotter, but Sun owned the data center.  UltraSPARCs were our web server of choice in those days. The web was owned by Sun gear. Even though Linux was there, it was not as secure, stable or as scalable as Solaris.  Sun seemed to have the world on a string and was even able to tweak Bill Gates' nose.  So where did it go wrong? 

Some like Vaughan-Nichols will say Sun was too late in adopting open source like Linux and such. I say the opposite; I think Sun went wrong trying to be too much and too open to too many people. I think trying to make Solaris work on Intel as well as it did on Sun CPUs was a mistake.  I think making Linux work on SPARC as well as Solaris was a mistake.  Yes the platform was proprietary, but it rocked.  Rolls Royce engines don't run in Chevys and Ford parts don't fit onto a Bentley. 

When Sun tried to appeal to the everyman, instead of being the geek's hot rod, things started to unravel.  I think their business at the high end was a sustainable model.  No, they were not going to overtake Microsoft, but they would not be in the place they are today either.


November 16, 2008

Now it's Twitter that's dead

Richard Stiennon is up to his old tricks again.  The latest from the "IDS is dead", then "NAC is dead", yada, yada, yada is dead guy is this:  Twitter is dead.  First Richard wrote a few days ago about Twitter being doomed, and now he is laying out the scenarios in this article.

Richard is if nothing else, consistent.  In the meantime if Twitter is as dead as IDS, all of their investors will be doing somersaults!  Funny thing is I notice Richard using Twitter quite a bit lately, as well as pimping for followers. Now of course Richard is also the person (or so he claims) that told McAfee who and what to acquire to make themselves who they are today as well.  In fact, Richard is I think the Al Gore of information security.  So what could be next, poor security leading to global warming?

November 15, 2008

Is there a place in heaven for Cisco?


In a case of all good dogs companies go to heaven, John Chambers says that Cisco is aiming even higher than the cloud.  It wants to be the "best company in the world, and the best company for the world". Chambers says the company can "help bring peace to the world".  With that kind of mission and aiming higher than the clouds, where else is there to go other than heaven.

Of course I am sure that John will be sure that Cisco does this without any selfish, profit-driven, carbon burning, monopolistic practices whatsoever.  Maybe what we need is everyone to pay a Cisco energy tax to help John and his band of merry men achieve their angelic goals.


OPML file for SBN

Until we get the SBN up on its new home (stay tuned for info) here is a link to an OPML of the member blogs of the SBN.

November 14, 2008

What happened to the Security Bloggers Network feed? It was assimilated

For those of you wondering what happened to the Security Bloggers Network feed, let me explain.  Feedburner's new masters, the Google collective, decided in their collective wisdom (or perhaps it was just the Google Queen) that blogger networks were not going to be part of the plan going forward.  I had heard of this decision some time ago but had asked first for reconsideration and then for special consideration. But you all know that with the Google-plex collective, resistance is futile. 

So with my blog feed being switched over to the new Google infrastructure, my own blog is not listed on the html page for the SBN and the SBN feed is not running right now I believe.  But not to worry.  The SBN has come too far to suffer such an assimilation.

I have been working with another company that I can't mention today. They already work very closely with Feedburner and Google.  They and I are already talking about the new home of the SBN. We will be taking the existing spliced feed and giving it a new home, bigger and better than ever. You may just have to subscribe to the new feed. There will be some cool new features around it and more for both bloggers and readers. I should know more after the weekend and will announce it to everyone. Until then you may have to hunt down your favorite security bloggers one by one. Or you can look for us for now by finding Unimatrix Zero.

Author's note: It appears that even my old feed address is not working, so you may have to subscribe to the new feed address.  Sorry for the inconvenience.


November 13, 2008

When will colleges get serious about security, and it's my box, why can't I have root?

I was cruising/perusing the Security Bloggers Network feed last night.  There is just so much great content on a daily basis in there it is unbelievable. Two articles from two blogs I have not highlighted before caught my attention and moved me to comment here:

1. Scott Wright's Security Views blog has a post up, "The first steps in reducing the embarrassing frequency of college system breaches". Scott calls colleges and universities to task for seemingly being constantly the victims of breaches and security incidents.  I agree.  They are victims because for the most part they allow themselves to be victimized.  The edu market gets great discounts on security technology.  The problem is many of these schools are more concerned about providing access than they are about security.  They are in no-win situations. They have to give students access, they can't install software on a student's machine, and many of these students are young and immature enough to either intentionally or unintentionally do wrong things. But the budget, the level of expertise and the will to do something are overall lacking at most of the schools I have seen.  Until that changes, we will continue to see the edu market as the victims in this ongoing tragedy.

2. Monkey-House.org has a good article titled "Barracuda Spam Firewall Drowns in The Ping River". The author laments the fact that though he owns his Barracuda firewall appliance, he is not allowed to SSH in or have root access to the box, unless he pays Barracuda a training fee to be "certified" on the box. 

I have heard both sides of this story.  The vendor claims by giving people this level of access they screw the box up worse and only make for more problems. We have seen this at StillSecure where people actually installed additional software on our appliances (it runs Linux) and when that conflicted with the StillSecure software it was a nightmare to troubleshoot and fix. On the other hand, I strongly believe that you own the box, you should have root access to it.  I don't think that is unreasonable and we continue to do this at StillSecure. What do you think on this one?

SBN members are attending SC World Congress as press

This post is for my fellow bloggers in the Security Bloggers Network.  If you are planning on attending or would like to attend the SC Magazine World Congress this December at the Javits Center in NYC, you are eligible for a press pass.  The pass allows you to attend sessions and the exhibits for free, as well as more perks.

If you would like to apply for your press credentials please contact me at podcast@stillsecure.com by Monday. Please include your SBN member blog URL to verify your membership. I am submitting the final list to the SC Mag folks Monday evening.

Also, for the analyst and mainstream media community we will be having a StillSecure cocktail hour.  If you would like an invite please contact me at podcast@stillsecure.com as well.

It should be a great show and I hope to see many SBN members there.


November 12, 2008

These are the times of your life

I get so busy with work stuff, worrying about the economy, who will win an election, are we secure, that I sometimes forget what is really important.  What is really important is spending time with my family and watching my two little babies grow up to be boys.  I was reminded of that again tonight.  A friend gave us tickets to the Florida Panthers hockey game.  It was last minute, and the two boys and I ate dinner, jumped in the car and headed down to the Bank Atlantic Center.

The Panthers do a great job putting on a show for the kids.  Though the arena is less than half full, they have all kinds of contests and other kid related promotions and activities.  My boys really enjoy going to Panther games.

I on the other hand really enjoy going to anything with my two sons.  It never fails that they do and say things that make me realize how fast they are growing up and how lucky I am to have them.  Tonight when they sang the Star Spangled Banner instead of having to tell them to stand, they both got right up.  My youngest son Bradley took off his hat and held it over his heart.  Watching this little 7 year old standing there at attention with his hat over his heart, singing the words to the National Anthem, I was pretty close to tears.

After this a commercial on the scoreboard talked about going to a local college and getting an education so that you "can go places".  My 9 year old son Landon looked at me and said, "Dad that is what I want to do, I want to go to college so I can be like you and go places."  I was so touched that he would want to be like me.  I had to explain to him that going places was more than just actually going to different places, but that there was another meaning to it.  I thought about it. I don't want him to have to go to different places, but I sure as heck hope that he does "go places".  But the simple way he said this which encompassed how he thinks about me was enough to make me realize how blessed I am to have these two boys.

So remember time marches on and the little ones don't stay little forever.  If you are lucky enough to have kids, cherish every day and moment you can spend with them.  Before you know it, they aren't little anymore.

Setting the record straight on NAC

Sometimes when you try to explain something you can't help but muddy the waters.  That is exactly what happened to Tim Greene in this article he wrote about endpoint based NAC in Network World. Hey, I am not knocking Tim though. I get some of my best material from his column.  Anyway, in this week's adventure Tim is seeking to compare the pros and cons of endpoint based NAC to other types of NAC technologies.  He has the same old regular guest stars featured, Rob Whiteley of Forrester, Ofir Arkin and a couple of special guest star NAC customers.  I am not going to regurgitate Tim's entire article.  Instead, let's go to the videotape and the facts.

Here is the background.  There are three types of NAC:

  1. Network or infrastructure based NAC - Like Cisco and Juniper and StillSecure, it uses the network switches and infrastructure to enforce and detect devices coming on the network
  2. Endpoint based NAC - an agent on the endpoint does the heavy lifting and the testing and enforcing.
  3. Appliance based NAC - sits on top of the network and usually uses some clever (or flaky) way of enforcing like ARP poisoning, TCP reset and the like.

Also, whether the NAC system is based on testing before or during a device logging on or just waiting until you see something bad is another way of separating the real deal from the pretenders in NAC.

So with that as a background here is what Tim wrote and what I say:

NAC products that enforce policies via Dynamic Host Configuration Protocol (DHCP) proxy servers do nothing to stop machines that obtain static IP addresses and don't use DHCP to make their network connections. That makes significant portions of corporate networks invisible to the NAC access control products, says Ofir Arkin . . .

Come on Tim that is so 2005.  I don't even think Ofir is pushing that crap anymore.  Yes spoofed and static IPs are a challenge, but not fatal.  There are many best practices to overcome this type of issue, not the least of which is an RDAC (remote device activity capture) or scan on connect module such as StillSecure Safe Access NAC has.  Also depending on your switch and DNS/DHCP vendor you can handle this problem that way as well.
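To make the gap in that quote concrete, here is an added example (not from the post and not StillSecure's product code) that models a DHCP-proxy enforcement point, reconciles it against constructed wire observations, and then runs a scan-on-connect health check on whatever bypassed DHCP. Every host, address and the health lookup table are constructed for the example.

```python
"""Added example: why a DHCP-proxy-only NAC misses statically addressed hosts,
and how an activity-capture / scan-on-connect step closes the gap.
All hosts, MACs, addresses and health results below are constructed."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


@dataclass
class DhcpProxyNac:
    """A DHCP-proxy enforcement point: it only ever sees clients that ask for a lease."""
    admitted: Dict[str, str] = field(default_factory=dict)  # mac -> leased ip
    next_host: int = 10

    def handle_discover(self, mac: str, healthy: bool) -> bool:
        # Health tests run when the lease is requested; an unhealthy client gets
        # no production lease.  A client that never sends DISCOVER is never seen.
        if not healthy:
            return False
        self.admitted[mac] = f"10.0.0.{self.next_host}"
        self.next_host += 1
        return True


def parse_wire_observations(lines: List[str]) -> List[Tuple[str, str]]:
    """Parse constructed 'ip mac' lines, the shape an ARP or switch-table capture yields."""
    seen: List[Tuple[str, str]] = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ip, mac = line.split()
        pair = (ip, mac.lower())      # normalise MAC case so comparisons are exact
        if pair not in seen:
            seen.append(pair)
    return seen


def find_admission_gaps(nac: DhcpProxyNac,
                        seen: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Hosts active on the wire that the DHCP proxy never admitted under that address:
    static IPs, clients the proxy rejected, and leased clients now using another IP."""
    return [(ip, mac) for ip, mac in seen if nac.admitted.get(mac) != ip]


def scan_on_connect(gaps: List[Tuple[str, str]],
                    health_check: Callable[[str], bool]) -> Dict[str, str]:
    """Apply the same health test the DHCP path would have run to each gap host."""
    verdicts: Dict[str, str] = {}
    for ip, mac in gaps:
        verdicts[f"{mac}@{ip}"] = "admit" if health_check(ip) else "quarantine"
    return verdicts


# Constructed capture: one leased host, one rejected host that set a static
# address anyway, one host that never touched DHCP, and the leased host also
# appearing on a second, static address.
WIRE_CAPTURE = [
    "# ip            mac",
    "10.0.0.10      aa:bb:cc:00:00:01",
    "10.0.0.250     aa:bb:cc:00:00:02",
    "10.0.0.77      AA:BB:CC:00:00:03",
    "10.0.0.99      aa:bb:cc:00:00:01",
]

# Constructed results of a scan-on-connect health check, keyed by address.
HEALTH = {"10.0.0.10": True, "10.0.0.250": False, "10.0.0.77": True, "10.0.0.99": True}


def run_demo():
    nac = DhcpProxyNac()
    nac.handle_discover("aa:bb:cc:00:00:01", healthy=True)   # leased 10.0.0.10
    nac.handle_discover("aa:bb:cc:00:00:02", healthy=False)  # rejected, no lease
    seen = parse_wire_observations(WIRE_CAPTURE)
    gaps = find_admission_gaps(nac, seen)
    return gaps, scan_on_connect(gaps, lambda ip: HEALTH.get(ip, False))


if __name__ == "__main__":
    found_gaps, found_verdicts = run_demo()
    for g in found_gaps:
        print("bypassed DHCP admission:", g)
    print(found_verdicts)
```

The DHCP proxy alone reports only one host; the reconciliation step surfaces the other three, and the scan-on-connect step decides each of them on its actual state rather than on whether it happened to ask for a lease.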

Next:

The major downside to endpoint-enforced NAC is largely theoretical so far and one that customers seem willing to overlook. The problem is that rootkits can take over machines to make them lie about their health. This underlying endpoint problem can be mitigated by software that monitors behavior of machines to determine if they are acting badly. And lying endpoints haven't actually proven a problem for many customers.

Tim, the "theoretical" problem of trusting an endpoint to report on itself is more real than that. Ask Richard Stiennon if you have any questions.  In fact this is a reason why some people choose not to go with endpoint based NAC.  However, that is not the major downside to endpoint based NAC.  The major downside is there is no guest access solution.  What do you do if the endpoint does not have the agent installed and you can't make them install the agent?  Saying that you then need a second type of NAC is not elegant, as Rob Whiteley says.  In fact it is downright ugly. When you consider that guest or unmanaged access is the biggest driver in NAC, that pretty much sinks the endpoint based NAC approach.

And finally:

To deal with this problem, McAfee, for instance, is adding enforcement of NAC policies based on behavior via its IPS appliance and next year via a dedicated NAC appliance.

Guys, if the only defense you have is IPS, that is fine, but let's not say that is an effective NAC solution for guests.  You are bound by what the IPS can detect, and it usually takes a lot of IPS boxes.  Not a scalable model at all.  Of course you could wait for McAfee to resurrect the Lockdown appliances.  It didn't work before and it probably won't work now.

Now wouldn't it be great if there was one NAC solution that covered all of these bases from one management console? You bet.  If you are looking for one that does that let me know or check out StillSecure Safe Access!

Is search about to experience a "riot"?

Alta Vista, Excite, Infoseek, Ask Jeeves: do any of these ring a bell?  The back alleys of Silicon Valley are littered with the corpses of search engines that couldn't. Google has beaten most of these names into the annals of history.  Only Yahoo and Microsoft (with their deep pockets) still put up some token resistance to the Borg-Google collective. Why? Do we like the Google color schemes?  Do the double "0s" get us?  Do we like the idea of advertiser based searching?  No, no and no.  We use Google because, more than any other search engine out there, when we want to find something, Google finds it for us.  The algorithms and intelligence Google uses result in what we are looking for.  Forget Android, Google Apps, Google Maps and all of that other stuff; we use Google because their search renders the most relevant results.

Could there be a new player on the horizon that gives us more relevant results?  Could there be a "riot" in the search arena?  If you believe what the folks at OneRiot say, there very well could be. In an age of social networking, this is a social search engine.  OneRiot gives you search results not based upon how many links there are to that page.  The results you get are based upon the popularity of those pages as measured by people on the net.  This should result in links not to the Wikipedia page, but to pages that real people look at when looking for a particular keyword.  This could be the key to breaking out of the collective. To paraphrase what Jon Landau once said about Bruce Springsteen, I have seen the future of Internet search and its name is OneRiot.

Besides the search, OneRiot plays on its social media roots and has some really great add-ons.  There are plug-ins for MySpace (why no Facebook, guys?), Twitter, web slices for IE8, etc.  Check them out.  Also you can make their searches better by installing their pulse checker.

OneRiot is based in Boulder, CO, and in full disclosure I have some friends who work there.  But don't let that hold you back.  Go check out OneRiot and see for yourself that there can be more to search than being another drone of the collective.


November 10, 2008

Happy Birthday to BelSec

One of the most prolific contributors to the Security Bloggers Network is the BelSec blog of the Belgian Security Bloggers Network.  The folks from BelSec contacted me about a year ago and asked if they could join the famous SBN.  I was flattered that they thought the SBN was famous and, after checking out the sites, sent them an invite. 

Well over the last year the BelSec crew have certainly proven themselves as great members of the SBN and a valuable resource to the security community.  Tomorrow (today for those in Europe) they celebrate their one year birthday. The crew at BelSec has a lot of activities planned throughout the day.  Stop over, see for yourself and enjoy.

Happy birthday BelSec and many more. Keep up the good work!

Hoff wants to know who the IF-MAP Haz and Haz'nots are

So Chris Hoff thinks he might have come across the perfect solution to his vexing cloud/virtual security issues.  A comment from Greg Ness over at Infoblox fired up a synapse in the Hoff's brain and he recalled that the TCG/TNC's IF-MAP protocol could really help with the whole cloud/virtual conundrum.  Chris wants to know how many vendors outside of the NAC space are actually supporting IF-MAP.

So while I don't stay as close to the goings on at the TCG/TNC as I would like to, let me venture a guess.  I think very few vendors are actually supporting it and have implemented it.  In fact it is not just non-NAC vendors, it is NAC vendors as well. Other than Juniper, I am not aware of another NAC vendor who actually supports IF-MAP yet. Not because we don't want to; it is just not important enough. I was also very jazzed about it last year at Interop. Customers have not demanded it. So no one has the cycles to spend on it. Yes, Infoblox would make the comment on your blog.  I think they are the people who originally came up with the idea and pushed it through the TCG with their own server as the storage container.  Beyond that I thought ArcSight was behind it, but don't know how far they have gone either.

Chris, unfortunately, like the TCG/TNC NAC standard itself, without more customers demanding it, IF-MAP remains in the nice-to-have category instead of the must-have category.  So in your lingo, there are many more haznots than there are haz's, and it will probably stay that way.

I don't like Mondays

The Telex machine is kept so clean
And it types to a waiting world
And mother feels so shocked
Father’s world is rocked
And their thoughts turn to their own little girl
Sweet 16 ain’t that peachy keen
Now that ain’t so neat to admit defeat
They can see no reasons
'Cos there are no reasons
What reasons do you need?


Oh Oh Oh Oh
Tell me why
I don’t like Mondays
Tell me why
I don’t like Mondays
Tell me why
I don’t like Mondays
I wanna shoo-oo-oo-oo-oo-oot
The whole day down, down, down, shoot it all down

- The Boomtown Rats, I don't like Mondays

Well our economic news week was off to a rockin' start today.  First came word that Circuit City was filing for Chapter 11.  Well at least there should be some good liquidation deals on TVs and stuff in time for the holidays.  While supplies last that is. They had previously announced they were closing 155 stores and their stock was on the verge of being de-listed, so this should not be a surprise.

Next came word that DHL, which is actually owned by a German firm, is basically abandoning the US domestic market and will just service international deliveries from and to the US.  This will involve the loss of about 9,000 jobs, most of them in Ohio.  Just what that area needed. DHL was always a distant third to Big Brown UPS and FedEx.  Still, more tough news, more jobs lost, more bad news. 

This comes on top of some pretty grim news from the US automotive industry and giving our favorite insurance company, AIG another multi-billion dollar bailout.  I don't agree with people who say that all of this bad news will not have a chilling effect on IT in general and security in particular.  Just as a rising tide lifts all boats, an outgoing tide makes them all lower as well.


November 08, 2008

Stiennon's first law of analyst blogging: Blogs abhor a vacuum

Just when we thought we would see a net loss of security analysts blogging comes word that it is not to be the case.  First, former analyst and now vendor puke Mike Rothman tells us about the big G men starting to blog out in the open. Now comes word that former G man (among other things) Richard Stiennon is once again firing up IT-Harvest and the accompanying ThreatChaos blog. Just when Rich Mogull and Adrian Lane thought they only had to compete with the 451 guys.  It just goes to show that Stiennon's first and only law on analyst blogging is indeed true.  Analysts abhor a vacuum and love to hear themselves speak (or write).

I heard that Richard was not going to re-launch ThreatChaos because he was about to take an executive position with a NAC company, but that NAC company went out of business.  Too bad, I would have liked to see Richard hawking NAC. Just kidding.  In any event and in all seriousness I actually like Richard and despite our many blog slugfests, have a lot of respect for him.  I wish him well in this old/new endeavor and I am sure he will have lots to say now that the handcuffs are off.  Look for the new Threat Chaos in the Security Bloggers Network feed soon.

November 07, 2008

How about a discount for the SC World Congress?

So courtesy of the folks at SC Magazine and the Security Bloggers Network, here is a great offer to attend a great security conference.  This offer is for the inaugural SC World Congress this December 9-10, at the Javits Center in NYC. The show has a great schedule and an "A" list of speakers lined up.  Unfortunately (or fortunately, depending on how you feel about it) no vendors will be speaking, only "real experts", so you won't hear from the likes of me or other vendor pukes.

With the economy the way it is, I know many of you are probably finding it difficult to get budget to pay to attend conferences, not to mention budget for travel and expenses. With so many folks in the metro NYC area, SC World Congress is a great chance to get some top notch sessions in. So here is a way to make it a bit more affordable.  If you would like to attend the SC World Congress, here is a quick 35% off!  Just use Blog1 (for a one day pass) or Blog2 (for a two day pass) in the special offers section when you register for the show.

There you go, what a deal!  I will be at the show as will StillSecure. If you are attending, come by and say hello!  Hope to see you there.

November 05, 2008

Google treats Yahoo like the girl you met at 3am

When I was in college some of the "cool dudes" used to have a contest.  If you did not meet anyone at a bar or club by the time it got late, say 2 or 3am, you had the ugly girl contest.  The thinking was you were not going to meet anyone great at that late hour, so you might as well go for something that you could laugh about tomorrow.  Of course you would never call that girl again after that night.  She was a 3am'er.  Me, I was lucky to meet anyone I could, so wasn't cool enough to play that game, but heard about it plenty.

Hearing the story about how Google pulled out of the joint advertising deal with Yahoo reminds me of that story. When Microsoft was trying its best to pick up Yahoo, Google treated Yahoo like she was the prettiest girl on the block. They were willing to do just about anything to keep Yahoo out of Microsoft's hands.  Jerry Yang and the team were only too happy to point to their Google deal as a poison pill that Microsoft would not swallow.  Of course the Microsoft-Yahoo deal never happened, and the Google partnership was a big reason why.

Now that the Microsoft-Yahoo deal is off the table, Google dropped the Yahoo partnership as soon as the water got a little rough.  I think Google was only too happy not to go through with the deal.  Yahoo is, after all, still a competitor.  They dropped Yahoo like the girl they met at 3am the night before. In the cold light of day they could laugh about it, but they would be damned before they continued hanging out with them.  Google got what they wanted by keeping Yahoo out of Microsoft's hands.  When they were done they threw Yahoo away like a cheap date. 

Shame on Yahoo for being used and abused like that.  I could understand why a Yahoo shareholder would be upset with this.


It's the generational thing, stupid


Just one more post today on the tumultuous events of yesterday's election. Too many of us, including me, have focused on Obama's race being such a defining aspect of this achievement. However, the more I think about it, I realize it is not the color of Barack Obama's skin. It is his age and the true "passing of the torch to a new generation". 

Obama is just a few months from my own age.  For the first time we have a contemporary of mine running the country.  Someone who grew up at the end of the crazy 60's.  Lived through the ups and downs of the 70's.  The drugs, the disco, the ugly hair and clothes.  He probably watched Happy Days and Mork and Mindy.  Our next President is someone who went to school during the 80's.  Saw first hand what the Reagan revolution did and didn't do for our country. Has watched us fall behind in many ways that we would have never expected in this country.

That is what is exciting about this new President. Looking at the world's new problems through a new generation.  A new age President for a new age world. I don't remember when Kennedy was elected, but this is more similar to that I bet than anything else.

I am excited about our generation stepping up and taking our place in history.  Recalling a poster I had in my room as a little boy, I think we can make the world safe for children, plants and other living things.


And the winner is . . .

Are download limits the fly in the ointment of a broadband future?

In just a few short years the move from dial-up to broadband in our homes is complete.  Do any of you know anyone who still uses dial-up for Internet access? The US is actually behind much of the rest of the world in broadband access as well.  Many other countries have cheaper, faster access than we do.

All of this fast access has also transformed what we access.  Can you imagine what YouTube would be like on dial-up?  Could NetFlix deliver video via the web?  Could any video, graphics or other big-file-in-the-cloud type of application work without broadband?

All of these great applications are built on a platform of ubiquitous and cheap bandwidth.  Much like our whole economy was built on cheap, ubiquitous energy.  The broadband revolution was built on getting the fattest pipe possible into the house.  The idea was with a fat pipe, the applications to fill those pipes would follow, and follow they did.

Now the ISPs are rethinking this position.  AT&T is the latest to join the group who want to charge based upon how much you download and upload to your computers. So now paying for a fat pipe is not enough. If you are going to use that fat pipe you are going to pay for how much you put through it. Some say that this is only fair. If you use more than the next person you should pay for that extra use. I say no.  I think this is a change in the rules in mid-stream. We have an ecosystem built upon one model of broadband and now we are being slipped another.

What effect will this have on YouTube, NetFlix, cloud computing, etc.?  I don't know, but this could be the fly in the ointment of our broadband future.


Been to the mountaintop and seen the promised land


Well, I don't know what will happen now.

We've got some difficult days ahead. But it really doesn't matter with me now, because I've been to the mountaintop.

And I don't mind. Like anybody, I would like to live a long life. Longevity has its place. But I'm not concerned about that now.

I just want to do God's will. And He's allowed me to go up to the mountain. And I've looked over.

And I've seen the Promised Land. I may not get there with you.

But I want you to know tonight, that we, as a people, will get to the promised land! 

And so I'm happy, tonight. I'm not worried about anything.

I'm not fearing any man!

Mine eyes have seen the glory of the coming of the Lord!!

Could it be only 40 years ago that Martin Luther King, Jr. spoke these words?

America is a country that continually reinvents itself.  The election of Barack Obama is a chance once again for us to seize the imagination of the world and remind them why America is really that shining city on the hill.

Whether we voted for him or not, we are all filled with optimism for a new generation to take charge and make our mark on this new century.

Congratulations and God's grace to President-elect Obama!


November 04, 2008

Where were they when I needed them?

VNUnet today reports that network security vendor Network Box has come out with a white paper on best practices for corporate blogging security. The paper talks about comment spam and SQL injection attacks as leading ways that blogs could be compromised.

Of course I don't see anything in there about passwords and reusing the same password across sites, but hey, it's better than nothing.  Might be worth your time to take a quick read.

Follow the election results tonight on this blog

The Google folks have a great election map mashup that lets you dial in to county-by-county results as they come in. I am pasting it here, so if you are out tonight you can log in and follow the action:


November 03, 2008

Came across this press release today

RENOWNED SECURITY BLOGGER MIA SINCE TAKING JOB

The Pragmatic, Inciteful Mike Rothman Has Gone Missing From His Blogging Since Taking a "Real Job"

(Alpharetta, GA – November 2, 2008) – The mouth of the south, renowned security blogger Mike Rothman, has turned up missing in action shortly after announcing his acceptance of a full-time position as a vendor puke with eIQ. Several inquiries have been made, but even “the boss” has been mum on his whereabouts. Several prominent security experts are already suspecting foul play and some even whisper of some sort of left wing conspiracy.

Rothman originally sounded optimistic about continuing his blogging workload and not abandoning his legion of fans in the RSS feed world. However, it appears that a “real job” has proven more than he had bargained for. Could it be that, after making fun for so long of others who blogged in addition to their full-time jobs, the task is more daunting than Mike could handle? Could the Security Twits have kidnapped him? Where is Mike Rothman?

Other rumors flying around the blogosphere have reports of Rothman sightings. One report had him canvassing door-to-door on behalf of Ron Paul in Montana. Still others say that Rothman has been in an “undisclosed location” (the same undisclosed location Dick Cheney uses) working on Barack Obama’s cybersecurity plans. Rothman’s name has been floated as a possible Czar in an Obama administration. Some are saying Mike was holding out to be the Sheik of cybersecurity, not the Czar. Others say Mike was far too pragmatic to get mixed up in politics.

Several other well known security bloggers were asked to comment on Rothman’s whereabouts:

Chris Hoff of Rational Survivability said, “I hope and pray for the best for Mike. Unfortunately my suspicion is that he has been virtualized and sucked up into the cloud. We all know how insecure that can be.”

Martin McKeay of Network Security Blog said, “You know Mike always made fun of my privacy views, but for once I wish we had a way to get past privacy laws and find out what really happened to Mike. I may have to don my purple tights and Captain Privacy suit to lead the search for Mike.”

Rich Mogull of Securosis had this to say, “Mike did ask me for a hazmat suit that I used for the Democratic convention. I hope something did not go terribly wrong and Mike winds up as a green, muscular super hero.”

Amrit Williams of Techbuddha had nothing to say at all about Mike. In fact he said he never really liked Mike anyway.

JJ of Security Uncorked said, "I think Mike is just holed up somewhere in the Deep South working on the next set of 802.1x standards. But if I don't start blogging more they may be putting out MIA releases on me next."

Richard Stiennon (sorry Rich, couldn't find your blog URL) said, “Though I am sorry to see Mike’s disappearance, it does leave a real vacuum for blogging security analysts, and Stiennon’s first law is ‘blogging abhors a vacuum’.”

Alan Shimel of StillSecure, After all these years, put perhaps the finishing touch on the Rothman situation saying, “You know Mike was a fast-talking NY guy who always spoke his mind. His up front, in your face style might have just rubbed someone the wrong way. He could very well be the security industry’s Jimmy Hoffa. But you know, being the huge Giants fan he is, I am sure he would not mind being buried in the end zone of the new Giants Stadium.”

In the meantime a ten-dollar ($10.00) reward has been offered by the Security Bloggers Network for any information leading to the whereabouts of Rothman. Anyone with information regarding this mystery can email podcast@stillsecure.com. All information will be kept confidential, as well as HIPAA and PCI compliant.

**All names and quotes are purely fictitious. Who knows where Rothman really is?**