SC World Congress Sound Bites

A much delayed post, but I never got around to fitting it in while out of town. I attended last year’s SC World Congress in New York at the Sheraton. Looking back on it now, it was influential in my search for new employment with companies on the leading edge of security.

I wanted to post a few sound bites I picked up from the congress. Note that these are now 9 months old:

In October 2009:
“If Facebook were a country it would be the 4th largest in the world”

“Ashton Kutcher has more Twitter followers than the entire population of Ireland”

“80% of companies today use social media in their recruiting process”

From the CSO of AT&T Stephen Hutnik, “70% of their bandwidth traffic is malicious or junk”

“AT&T is working on ‘Black Cloud’ services for intercepting and stopping DDoS attacks on their network, before they get to their intended targets”.

That last part concerns me, as it requires the ISPs to get smart about the routes and types of traffic they are carrying – which means they’ll have to inspect it first to determine its nature and destination. Who’s to say what’s negative or positive, appropriate or indecent, private or public? Privacy rights should be watched closely whatever AT&T, Time Warner, Verizon or any other service provider decides to do with traffic running over its networks.



I realize it’s been about a month since I posted. Mostly that’s because between March 15th and April 1st I was extensively interviewing for a new job. Much of my time was torn between understanding companies and their core products and enjoying whatever free time outside the apartment I could, knowing that when the right job presented itself I wouldn’t be tasting that freedom for a long time.

Such is the truth. I started April 5th with a new company and quickly got caught up in 10-12 hour days, training, learning the processes and “coming up to speed” as the managers like to say. I haven’t missed the corporate jargon hunt. “Drinking from the fire-hose”, “core values” and “touchpoints”.

Then on April 17th, this site was hacked when an unauthorized user installed redirection iframes on my site pointing to another web page that was hosting malware. I didn’t discover it until the 23rd but didn’t get the clean-up done until tonight. As far as I can tell the redirect wasn’t installed properly and all is clear, although I’m still going through a complete reinstall on my test server. What a pain this all is, but since I have had only a handful of page hits in the last few weeks I don’t expect too much exposure.

If you did click through to my site since the 17th, make sure you run full scans with your antivirus software. It’s always important to keep your desktop filters up to date and to run regular scans even when you think everything is working. I found cached trojans on a mail server drive that hadn’t been used in some time.
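A check for the kind of injected frame described above, added here as an example and not code from the original post: it parses a page’s HTML and reports any iframe whose src points off-site or that is styled to be invisible (zero/one-pixel size, display:none, visibility:hidden), which is how redirection frames are usually hidden from visitors. The hostnames and the sample page are constructed for the demonstration.

```python
"""Flag injected redirection iframes in a site's HTML.

Added example (not code from the original post). The site's own hostname is
passed in; any iframe loading from another host, or styled to be invisible,
is reported for review. The sample HTML below is constructed for the demo.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Inline styles commonly used to hide an injected frame from visitors.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?:width|height)\s*:\s*[01]px",
    re.IGNORECASE,
)


class IframeAuditor(HTMLParser):
    """Collect every <iframe> start tag with its attributes and line number."""

    def __init__(self):
        super().__init__()
        self.frames = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "iframe":
            line, _ = self.getpos()  # position of the tag being parsed
            self.frames.append((line, dict(attrs)))


def _is_tiny(attrs):
    """width="0"/"1" or height="0"/"1" attributes are another hiding trick."""
    for key in ("width", "height"):
        value = (attrs.get(key) or "").strip().rstrip("px")
        if value in ("0", "1"):
            return True
    return False


def audit_html(html, own_host):
    """Return a list of (line, reasons, src) for iframes worth reviewing.

    own_host: the hostname the site legitimately serves from. Relative srcs
    have no host and are only reported if the frame is hidden.
    """
    parser = IframeAuditor()
    parser.feed(html)
    parser.close()
    findings = []
    for line, attrs in parser.frames:
        src = attrs.get("src") or ""
        host = urlparse(src).hostname  # already lower-cased by urlparse
        reasons = []
        if host and host != own_host.lower():
            reasons.append("external src")
        style = attrs.get("style") or ""
        if HIDDEN_STYLE.search(style) or _is_tiny(attrs):
            reasons.append("hidden")
        if reasons:
            findings.append((line, ", ".join(reasons), src))
    return findings


# Constructed sample page: one legitimate embed, one injected hidden frame.
SAMPLE_PAGE = """<html><body>
<h1>My blog</h1>
<iframe src="https://myblog.example/player.html" width="300" height="80"></iframe>
<p>Latest post...</p>
<iframe src="http://malware-host.example/redirect.php" width="1" height="1"
 style="visibility:hidden"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, reasons, src in audit_html(SAMPLE_PAGE, "myblog.example"):
        print(f"line {line}: {reasons}: {src}")
```

Run it over each HTML and template file in the web root after an incident; a frame that is both off-site and hidden is almost never legitimate, while an off-site frame that is visible (a video embed, for instance) only needs a glance to clear.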

I have a few queued up posts I’ll fill back in and then hope to get back to a regular schedule including adding many of the photos I’ve taken over the last month.

Good to be back to work and back online. Cheers
Bad Religion – Infected



Jacking Netflix

Netflix has revealed new and disturbing terms for their service which basically admit publicly to what they were sued for:

“In determining priority for shipping and inventory allocation, we may utilize many different factors, including the number and type of DVDs you rent through our service, the membership plan you select, as well as other uses of our service by you. For example, if all other factors are the same, we give priority to those members who receive the fewest DVDs through our service. The type, number, mix and weighting of the various factors impacting shipping and inventory allocation will change from time to time and will be made in our sole and absolute discretion.”

In other words, if they find you renting and returning quickly, which increases the number of DVDs you rent per month, they can intentionally slow down your shipments so you don’t rent too many. They also mention in this section that “most people check out 1-11 dvds in a month”. I guess this is their target number for what they want to allow.

A good site to bookmark now is:
Hacking Netflix @


Passwords – Have you Changed yours lately?

Published: January 20, 2010

Back at the dawn of the Web, the most popular account password was “12345.”

Today, it’s one digit longer but hardly safer: “123456.”

Despite all the reports of Internet security breaches over the years, including the recent attacks on Google’s e-mail service, many people have reacted to the break-ins with a shrug.

According to a new analysis, one out of five Web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123,” “iloveyou” or even “password” to protect their data.

“I guess it’s just a genetic flaw in humans,” said Amichai Shulman, the chief technology officer at Imperva, which makes software for blocking hackers. “We’ve been following the same patterns since the 1990s.”

Mr. Shulman and his company examined a list of 32 million passwords that an unknown hacker stole last month from RockYou, a company that makes software for users of social networking sites like Facebook and MySpace. The list was briefly posted on the Web, and hackers and security researchers downloaded it. (RockYou, which had already been widely criticized for lax privacy practices, has advised its customers to change their passwords, as the hacker gained information about their e-mail accounts as well.)

The trove provided an unusually detailed window into computer users’ password habits. Typically, only government agencies like the F.B.I. or the National Security Agency have had access to such a large password list.

“This was the mother lode,” said Matt Weir, a doctoral candidate in the e-crimes and investigation technology lab at Florida State University, where researchers are also examining the data.

Imperva found that nearly 1 percent of the 32 million people it studied had used “123456” as a password. The second-most-popular password was “12345.” Others in the top 20 included “qwerty,” “abc123” and “princess.”

More disturbing, said Mr. Shulman, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.

That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.

“We tend to think of password guessing as a very time-consuming attack in which I take each account and try a large number of name-and-password combinations,” Mr. Shulman said. “The reality is that you can be very effective by choosing a small number of common passwords.”

Some Web sites try to thwart the attackers by freezing an account for a certain period of time if too many incorrect passwords are typed. But experts say that the hackers simply learn to trick the system, by making guesses at an acceptable rate, for instance.

To improve security, some Web sites are forcing users to mix letters, numbers and even symbols in their passwords. Others, like Twitter, prevent people from picking common passwords.

Still, researchers say, social networking and entertainment Web sites often try to make life simpler for their users and are reluctant to put too many controls in place.

Even commercial sites like eBay must weigh the consequences of freezing accounts, since a hacker could, say, try to win an auction by freezing the accounts of other bidders.

Overusing simple passwords is not a new phenomenon. A similar survey examined computer passwords used in the mid-1990s and found that the most popular ones at that time were “12345,” “abc123” and “password.”

Why do so many people continue to choose easy-to-guess passwords, despite so many warnings about the risks?

Security experts suggest that we are simply overwhelmed by the sheer number of things we have to remember in this digital age.

“Nowadays, we have to keep probably 10 times as many passwords in our head as we did 10 years ago,” said Jeff Moss, who founded a popular hacking conference and is now on the Homeland Security Advisory Council. “Voice mail passwords, A.T.M. PINs and Internet passwords — it’s so hard to keep track of.”

In the idealized world championed by security specialists, people would have different passwords for every Web site they visit and store them in their head or, if absolutely necessary, on a piece of paper.

But bowing to the reality of our overcrowded brains, the experts suggest that everyone choose at least two different passwords — a complex one for Web sites where security is vital, such as banks and e-mail, and a simpler one for places where the stakes are lower, such as social networking and entertainment sites.

Mr. Moss relies on passwords at least 12 characters long, figuring that those make him a more difficult target than the millions of people who choose five- and six-character passwords.

“It’s like the joke where the hikers run into a bear in the forest, and the hiker that survives is the one who outruns his buddy,” Mr. Moss said. “You just want to run that bit faster.”
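Two of the defences the article mentions, written up as an added example (not code from the article or from any site it names): a blocklist of the common passwords the article quotes, rejecting trivial variants like a trailing digit, and a failed-login limiter that freezes an account after repeated failures and separately flags a single source failing against many different accounts, the “small number of common passwords, many accounts” pattern Mr. Shulman describes that a per-account freeze alone does not catch. The thresholds, account names and source address are constructed.

```python
"""Common-password blocklist plus a failed-login limiter.

Added example, not code from the article or from any site it names. The
blocklist holds only the passwords the article quotes; a real deployment
loads a far larger list. Thresholds and windows are illustrative.
"""
from collections import defaultdict, deque

# Passwords the article reports as most common in the RockYou list.
COMMON_PASSWORDS = frozenset({
    "123456", "12345", "qwerty", "abc123", "princess",
    "iloveyou", "password",
})


def is_common_password(candidate):
    """True if the candidate, ignoring case and one trailing digit or '!',
    is on the blocklist (so 'Password1' is rejected along with 'password')."""
    p = candidate.strip().lower()
    if p in COMMON_PASSWORDS:
        return True
    return p[-1:] in "0123456789!" and p[:-1] in COMMON_PASSWORDS


class LoginGuard:
    """Freeze an account after per_account failures inside account_window
    seconds, and flag a source that fails against per_source_accounts
    distinct accounts inside source_window seconds."""

    def __init__(self, per_account=5, account_window=300,
                 per_source_accounts=10, source_window=600):
        self.per_account = per_account
        self.account_window = account_window
        self.per_source_accounts = per_source_accounts
        self.source_window = source_window
        self._account_failures = defaultdict(deque)  # account -> [time]
        self._source_failures = defaultdict(deque)   # source -> [(time, account)]

    def record_failure(self, account, source, now):
        self._account_failures[account].append(now)
        self._source_failures[source].append((now, account))

    def account_frozen(self, account, now):
        q = self._account_failures[account]
        while q and q[0] <= now - self.account_window:  # drop old failures
            q.popleft()
        return len(q) >= self.per_account

    def source_spraying(self, source, now):
        q = self._source_failures[source]
        while q and q[0][0] <= now - self.source_window:
            q.popleft()
        return len({acct for _, acct in q}) >= self.per_source_accounts

    def allow_attempt(self, account, source, now):
        return not (self.account_frozen(account, now)
                    or self.source_spraying(source, now))


def demo():
    """Constructed scenario: one source fails once against 12 accounts,
    30 seconds apart, so no single account reaches its freeze threshold."""
    guard = LoginGuard()
    src = "198.51.100.7"  # constructed address from the RFC 5737 test range
    for i in range(12):
        guard.record_failure(f"user{i}", src, now=i * 30)
    return {
        "user0_frozen": guard.account_frozen("user0", now=360),
        "source_flagged": guard.source_spraying(src, now=360),
        "common": [pw for pw in ("123456", "Password1", "correct horse battery")
                   if is_common_password(pw)],
    }


if __name__ == "__main__":
    print(demo())
```

The per-source view is what makes the “acceptable rate” evasion the article describes visible: each account sees one failure, well under any freeze threshold, but the source touches a dozen accounts in a few minutes. The same counter also limits the eBay-style abuse the article raises, since freezing a bidder requires hammering one account, which only freezes the attacker’s source.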


Searching beyond 2009

I was reviewing the Google Zeitgeist page showing the top searches, patterns and trends of 2009.

zeit·geist | Pronunciation: ‘tsIt-“gIst, ‘zIt | Function: noun | Etymology: German, from Zeit (time) + Geist (spirit) | Date: 1884 | Meaning: the general intellectual, moral, and cultural climate of an era.

The information is interesting and enlightening, in that I in no way follow any popular trends in the US. I must be fringe, or just not care that much about celebrity or movie/TV entertainment: 7 of the top 10 Google News – Fastest Rising, 6 of the top 10 – Fastest Rising, and 100% of the Google Image Search top 10 are all such trends.

Google had dedicated trend pages for both Entertainment and Celebrity. If I dive deeper into these pages, I’m further aware that none of these celebrities are of interest to me except Michael Jackson and Les Paul. On the top ten TV and movie lists, I watch none of the TV shows (not a surprise, as I don’t watch much TV) and have only seen Star Trek and Avatar from the movie list. On the concert list, I’ve seen Blink 182 and U2 and don’t care to see them again, or the rest on that list.

One story I’m impressed made the list is the Missing Link, as the finding of “Ida” in Germany further shows evidence of human evolution. Stories like this make me wonder how humans will evolve in another 47 million years (if we make it past the 2000s first).

Regarding sports, the Yankees, Steelers, Lakers, Red Wings, Roger Federer and of course Tiger Woods are all on top – no surprise for any. I am a little surprised that Coach K is at the top and that the coaches list is dominated by American NFL football and college basketball coaches. Lane Kiffin is well on his way to topping the list for 2010 (and this is the one issue where I’m on Al Davis’s side). Interesting too to see that Americans favor searching Chelsea football; the team I follow for now, Arsenal, is ranked 5th.

Here in New York, top searches seem to be all services, except I’m quite shocked that Hale and Hearty topped Shake Shack in local food searches. Soup and salads over burgers? Maybe New Yorkers are trying to get healthy on their own and DON’T NEED a salt ban (get it, Bloomberg?).

The economy, healthcare (swine flu & universal health care), scandals (Bernie Madoff & Mark Sanford), bailouts (TARP & AIG) and disasters (tsunamis and earthquakes) all topped the news for 2009 and will continue in some form into 2010. Haiti is already starting the disaster trending again this year.

The Stooges – Search And Destroy


Traveling Smoker in front of 5th Ave Apple Store


Let’s Get Physical

I haven’t written many blog posts over the last few months of the end of ’09. Mostly that’s because I’ve been traveling and visiting with family and friends I haven’t seen in over 6 months. When I travel, my primary way to interact with people is in person. I check email, social sites and Twitter less frequently as I fill my time with meeting people for personal or business reasons. I’ve become aware, in both my work and personal life, that one of the few problems I have with so much reliance on [social] technologies is that they separate people from the in-person nature of relationships.

We write an email, chat and even phone in a call to catch up, but I and many psychologists agree that this can never equal the chemical, emotional and physical bonds created when people are engaged at close proximity or in an in-person relationship.

There are five human senses (hearing, sight, touch, smell and taste) and of those, social technologies only cover one, or perhaps some hybrid of sight and sound if you count reading someone’s thoughts put down in text. Of course video conferencing will bridge some of the sensory intake, but you can’t shake someone’s hand to get a sense of their confidence, smell their sweat if they might be nervous or… well, I don’t recommend trying to taste your business partners and friends, but there are reasons you may want to taste someone.

The integration of all these senses, along with a mysterious 6th, intuition (which can be just as important in nurturing relationships with people), has the ability to create robust profiles of in-person interactions that singular communication via text, web and even video chat can’t substantiate.

Realistically, social networks and internet content services like Twitter are here to stay (interesting article by David Carr of the NY Times on the reasons why Twitter is here for good), but we should all keep in mind that these services are still tools to be used to improve information exchange and to facilitate personal or business relationships and transactions. Eventually we’ll all have to step outside the house/apt and have a few pints with friends, catch up with the family over dinner or engage with your mate for some…. carnal knowledge.

Here’s to getting out in public more in 2010.

Shot at one of many street fairs in New York – most likely between the sock guy and the grilled corn

Yellowman – Physical



Will Technology Lead to a Better Future or Just…

Technology is a part of everyone’s life, now more so than ever. I never thought I would see the day that my mother got an iPhone before I would (or some other “cool” smart phone device – I’m still using a cracked Blackberry as shown below). 2010 is said to be the year we further our lives with tech and become more mobile, use more web based services (cloud computing), and demand that everything we do occur immediately (real time) and be more locally defined (geotagging and local search).

2010 will drive people to use internet services more extensively than ever before. We already store and share our photos and videos online (Flickr, Picasa, Smugmug, Fotki, YouTube etc.), email is primarily web based outside of corporate environments, we share thoughts and comments with friends through social networks (Facebook) and content services like Twitter, we listen to our music on the web (Pandora), we shop more online today, and all our finances are moving online rather than bothering with physical bank runs or working with actual brokers. These trends will continue.

2009 saw the death of clunky desktops, but soon we’ll be looking to build our own server networks at home, using small dumb access points like netbooks or our smart phones to connect to the internet. Internet, and more specifically wireless, will become standard plumbing of our lives. No longer a luxury, we’ll be connected more than ever by not only our PCs but our phones (MagicJack, Google Voice, Skype, Gizmo), gaming consoles, book readers, HDTVs (Roku, Slingbox, Boxee, Netflix etc.) and other smart kitchen or home appliances. Thanks to new operating systems (Windows 7 & Chrome OS) and the expansion of high speed Internet services (FiOS and AT&T U-verse) we are free to roam and put these tools of our lives to use more freely.

There’s a lot of talk about the Tablet making its presence known this year, and I hope that’s true. Whether it be Apple, Google (Android), Lenovo, or HP, it remains to be seen if these devices will live up to their hype.

However, the big question every year is: will all this tech help make my life easier, more organized and more connected, or will I be spending too much money on more complicated ways of doing simple tasks (e-readers, news delivery, making a phone call)? With so much openness and our information freely available over unsecured wireless connections, will we see an increase in malware and security breaches of our finances and personal identities? The Federal government is already proactively warning small business owners to take note, and with the introduction of any new technology we should all take our time with these steps and understand fully the repercussions and risks before trying to take advantage of the rewards.


Mariah Carey had Billboard’s hottest played song of the decade with “We Belong Together”. Honestly I can’t say that I have even heard this song, but then again, I don’t listen to the radio anymore; Pandora, or my own vinyl and mp3 collection, are my formats of choice. I realize this label is based on radio impressions, which is an industry term for saying these are the tracks record labels paid heavily to have played on the airwaves, and thus force-fed to the consumer to buy, download, play and then throw up all over in 3 months. Of the 10 listed, I can still handle Usher’s Yeah! (but I will always have my NOLA memories of Flo Rida’s Low).

Usher Featuring Lil Jon & Ludacris – Yeah!


Although my Last.fm profile would say that Santogold was my artist of choice for the year, Last.fm didn’t scrobble every play I made over the year, and I think a few of the old lady’s plays got mixed in here (come on, I’m not that big of an Édith Piaf fan). Also at the top of my list is Thievery Corporation’s Mandala, which did have heavy rotation this last year on my iPod, and I attended at least one of their live shows in 2009. Thievery is one of the most ethnically diverse groups I’ve heard, playing sounds ranging from Indian (tabla), Caribbean, reggae, house and jazz funk – all of which come together nicely on their latest release Radio Retaliation. They definitely epitomize my eclectic tastes, all these musical stylings thrown together into the congruent progression that is my iTunes collection. Mandala is a sweet track and up there in my top 5 of the year even though it was released late in 2008:



7 Deadly Sins

Facebook Punk’d Techcrunch

I’m an avid reader of TechCrunch. Like most blogs they compete on the edge for eyeballs, which puts most of them in the grey area of posting both actual news and rumor, even without confirmation from any discernible sources. TC does a good job of updating us all on Valley stories, news and tech, but they still could benefit from getting off the iPhone jock and limiting useless rumors to focus their content. This is a great story of Facebook setting up an actual feature and showing it only to those on the TC network, which TC in turn put out there as a real feature without confirming it directly with Facebook (“Maybe I’m missing something here, but I’m not sure why Facebook would do this.”). Check the full Punk’d Story.


Programmable matter technology to manipulate designs in 3D

Imagine being a designer in any discipline: fashion, architecture, automobiles, or technology, and having tools that would allow you to physically shape your project in real life before even producing a design draft. The technology would allow you to manipulate consumer products or designs in real time with your fingers in a 3D representation of your idea. The concept can be thought of as “the ultimate form of digital printing”.

First demoed at last year’s Intel Developer Forum (IDF), Programmable Matter, as it’s termed now, is looking more realistic in the next few years. The idea revolves around tiny glass spheres with processing power and photovoltaics for generating the electricity to run the tiny circuitry. These particles, called catoms, would move relative to one another via electrostatic forces. Here’s a visual:

Programmable Matter, along with Intel’s Dynamic Physical Rendering (DPR), is some of the sweetest technology I’ve seen in years.

7 Deadly Sins

Protect Your Internet Freedom

Please contact Congress through this web site. This is serious shite. Please spread the word.
Here are the companies supporting this effort (

It’s Our Net

The giant phone and cable companies are trying to take control of the Internet away from the public and convert it into their own private, corporate network. They’re boasting that they’ll create premium lanes on the Internet so that people who can pay get seen and those who can’t don’t. Tell Congress to keep the Internet open and free and to protect the rights of users to see what you want to see and go anywhere you want to go on the Internet, just as you can today.

If you are a consumer; a Mom looking for healthcare information to protect your family; a home-school parent using the Internet as part of your education plan; an email user staying in touch with your family and friends – you will have a degraded slower Internet experience with certain Web sites. Some Web sites will even be unavailable unless additional fees are paid.

Small Business
If you are a small business, you may not be able to survive online. If you are an aspiring entrepreneur, you may be impeded from providing and getting the word out of the “next big thing” on the Internet.

Schools & Churches
If you are a small non-profit organization, like a church or a school, you may not be able to get your messages out to congregants or student families without paying more.
This fall, if Congress does not act, all of those things could happen.

* How Did it Happen?
* What Happens if Congress Destroys Net Neutrality?
* What Should Congress Do?

How it happened
Last year, the phone and cable companies convinced the Federal Communications Commission and the Courts to change how the Internet is operated, making a few unelected officials responsible for a decision with billions of dollars of impact for millions of Internet consumers.
These decisions reversed the safeguards that made the Internet so great – the freedom known as “Net Neutrality,” which allows you to go anywhere you want to go on the Internet. The Internet was designed by American universities, and made available to the general public over an open platform that required phone and cable companies to treat all traffic in a neutral manner.

Now, however, the phone and cable companies boast that they will create premium lanes on the Internet for higher fees, and give preferential access to their own services and those VIPs who can afford to “pay to play.” They have already blocked certain services and have the power to block or degrade any service that competes with them:

* Do you want the phone and cable companies to block online movies or cheaper phone service over the Internet?
* Do you want the phone and cable companies to decide which blogs or political sites you can access?
* Do you want phone and cable companies to give preferential Internet access to companies who pay more for “premium” delivery?
* Do you want phone and cable companies to keep new innovations off the Internet?

If you answered no to any of these questions, then Congress needs to hear from you.

What Happens if Congress Destroys Net Neutrality?
If Congress caves in to the telephone and cable companies’ power grab, they will use that power to dictate your content. The Net as we know it will be radically altered. Destroying Net Neutrality would result in:

* Discrimination – Phone and cable companies will be able to steer you to Web content and services that they own or have exclusive deals with.
* Higher Costs – If content providers are charged new fees to “ensure” that you can view their sites, they will pass these fees through to consumers like you and small businesses.
* Reduced Investment � Investors will have little reason to support new, Internet-based content and services if there is no guarantee they can even get on the net. Innovation will plummet.
* Compromised Global Competitiveness – The US will lose its lead on the Internet as innovation moves to more fertile, open markets overseas.

We need to keep the Internet an open marketplace and not allow a few rich heavy-hitters to dictate where you can go.

What Should Congress Do?
Congress needs to act to preserve Net Neutrality and the Internet as we know it. They should:

1. Re-establish basic safeguards that require broadband providers to treat all Internet traffic in a nondiscriminatory manner, without favoritism.
2. Prohibit tiering schemes that impose fees to “deliver” Internet content on top of the fees already paid to connect to the Internet.
3. Require strong federal enforcement, including penalties for violating these duties.

Everyone who uses the Internet will be affected if Congress gives in to the telephone and cable companies’ demands. Please, take action today to preserve the open Internet:

* Join the Coalition Mailing List (“Sign Up for Email Alerts” at right)
* Tell Congress: Protect Our Internet!
* Spread the Word about Net Neutrality

By working together, we can save the Internet.