They say if you drop a frog in a pot of boiling water, it will, of course, frantically try to scramble out. But if you place it gently in a pot of tepid water and turn the heat on low, it will float there quite complacently. As you turn up the heat, the frog will sink into a tranquil stupor and before long, with a smile on its face, it will unresistingly allow itself to be boiled to death. The security industry is much like that frog; completely and uncontrollably in disarray - yet we tolerate it since we are used to it.
The article lists out attacks that made the headlines recently and points out that failure can be seen everywhere — spyware, phishing, trojans, viruses, worms, spam, botnets, web application vulnerabilities, DoS attacks, Active-X, passwords, patch management, zero-days, wireless access points, internal attacks, vulnerabilities in security software, mobile viruses and encryption.
Recently Noam Eppel has published an update to the failure article with Community Comments & Feedback, where he highlights the Good, the Bad and the Ugly comments generated by his article.
I think both articles are very useful, with loads of data and insights, especially for Information Security Professionals.
eKantipur.com is reporting that a girl in far western Nepal emits ‘glass pieces’ from her forehead. A team of doctors is studying the 12-year-old girl, who has been excreting glass pieces from the side of her forehead for the last three years.
“The CT scan report indicates that she has some kind of problem in her forehead skin,” said Dr M Kiduwai who is involved in the research, “The pieces do not seem to be coming out from the bone. But we can give more details only after further investigation.”
Here are some other mysterious phenomena reported by media:
World’s shortest boy - a 14-year-old, 20-inch-tall Nepali boy. He’s probably the shortest boy in the world, but to qualify for the Guinness World Records he’ll have to wait 4 more years until he reaches 18.
Bizarre baby born in Dolakha (WARNING! You might find the images disturbing) - A neck-less baby was born with extraordinarily large eyeballs. It died within half an hour.
The Buddha Boy of Nepal - Ram Bahadur Bomjon, who meditated under a pipal tree for 10 months before he went missing in March 2006. He’s said he’ll be back after 6 years.
But how do the experts in these various subjects acquire their extraordinary skills? How much can be credited to innate talent and how much to intensive training? Psychologists have sought answers in studies of chess masters. The collected results of a century of such research have led to new theories explaining how the mind organizes and retrieves information. What is more, this research may have important implications for educators. Perhaps the same techniques used by chess players to hone their skills could be applied in the classroom to teach reading, writing and arithmetic.
The TCP/IP Guide is the most comprehensive and easy-to-understand TCP/IP reference material available online. The 1600+ page guide is also available as a print book at Amazon. This is absolutely one of the most useful resources for Network Admins. It is a perfect reference guide for experts, as well as an excellent learning aid for beginners. It includes full coverage of PPP, ARP, IP, IPv6, IP NAT, IPSec, Mobile IP, ICMP, RIP, BGP, TCP, UDP, DNS, DHCP, SNMP, FTP, SMTP, NNTP, HTTP, Telnet and much more.
Bruce Schneier has an excellent article on What the Terrorists Want and how we should be fighting them.
I’d like everyone to take a deep breath and listen for a minute.
The point of terrorism is to cause terror, sometimes to further a political goal and sometimes out of sheer hatred. The people terrorists kill are not the targets; they are collateral damage. And blowing up planes, trains, markets or buses is not the goal; those are just tactics. The real targets of terrorism are the rest of us: the billions of us who are not killed but are terrorized because of the killing. The real point of terrorism is not the act itself, but our reaction to the act.
Amazon’s new Astore allows you to create your own Online Store. It’s a new Associates product that is very easy to set up and allows you to create your store in a few minutes by choosing any products that Amazon has to offer. You can link the store to your blog (it stays in Amazon’s domain). It would be great if you could create the store in your own domain. Here’s Nirlog Book Store, which I created using Astore in 5 minutes.
SPEEDTEST.NET is a very interesting online tool that allows you to test your Internet Connection Speed, both download and upload. You can choose to test your Internet speed against servers located in different cities in the US, Europe or Australia.
Live-Share is a simple, fast and free file hosting and sharing service. I just got registered; it works well with Firefox (doesn’t work with Safari). Anonymous users are given 300MB and registered users get 500MB of free storage. It’s really simple to use; all you’ve got to do is:
1. Select your file and press upload
2. Receive download-link and share it
Currently the interface is clean, but the terms say "advertisements will be displayed on all pages", so I guess ads will start to appear soon. Easy to use, but it would be great with some features like grouping, tagging and password protection, if I wanted to share some confidential information. Anyway, it’s simple, free and works well.
Comment: In the age of web 2.0, this is a book you shouldn't miss. It demonstrates how you can use blogs, social networks, forums, web conference, emails and many more virtual tools to create a powerful professional presence, attract business and meet people online.
Comment: Many insights for personal management and productivity. Getting Things Done is about getting organized and freeing your mind for more important stuff.