March 21, 2014

Safely Detonate That Malware


I like the potential of the FireEye Malware Protection System (MPS).

Unlike traditional signature-based malware protections like antivirus, firewalls, and intrusion prevention systems (IPS), FireEye is an additional security layer that uses a dynamic Multi-Vector Virtual Execution (MVX) engine to detonate even zero-day attacks from suspicious files, web pages, and email attachments. 

According to Bloomberg Businessweek, Target's implementation of FireEye detected the malware attack on Nov 30, 2013 and it alerted security officials, but allegedly "Target stood by as 40 million credit card numbers--and 70 million addresses, phone numbers, and other pieces of personal information--gushed out of its mainframes" over two weeks!

In fact, FireEye could've been set to "automatically delete [the] malware as it's detected" without human intervention, but Target's team apparently "turned that function off."

FireEye works by "creating a parallel computer network on virtual machines," and before data reaches its endpoint, it passes through FireEye's technology. Here the incoming files are "fooled into thinking they're in real computers," and they can be scanned, and attacks spotted, in safe "detonation chambers."

Target may have been way off target in the way they bungled their security breach, but using FireEye properly, it is good to know that attacks like this potentially can be thwarted in the future. ;-)

[Note: this is not an endorsement of any product or vendor]

March 20, 2014

Fighting Someone Who Doesn't Care

Today, an editorial by Daniel Henninger in the Wall Street Journal said it outright about Putin's land grab of Crimea and his view of others' reactions to it, "He doesn't care what they think."

This comes to the point of the whole matter, which is how do you fight an adversary that just doesn't give a [you know what]?


If one side is arguing what's right based on international laws, mores, and the ethics of human rights and freedom, how does that stack up with an adversary that disseminates misinformation [oh, are those our troops on the ground?] and thumbs their nose at the world to get what they want?


Maybe fighting fair is wonderful from a legal standpoint, but it sure looks challenging on the ground. 


Putin is daring anyone to do anything...heck, he's got thermonuclear ICBMs and a veto at the U.N. Security Council. 


BTW, if a security council member is the one doing something wrong, why in those matters, do they still get a veto???


Anyway, this is a very dangerous game of cat and mouse, and if everyone fought this way, the doomsday clock would be ticking very close to midnight, indeed.


Many times in history, a Goliath has swung a big ugly sword, but even a David--and we are not a David, but a world superpower--came to the fight with a slingshot and still won.


Notice though, David still came to the fight!


We can win by doing the right thing, but we cannot run away, because as Hitler showed us--appeasement does not work!


Give a finger and next goes the hand, arm, and torso.


Already there are reports that Putin is threatening to derail the P5+1 negotiations with Iran as well.

Yesterday, I read in Businessweek about overspending, that it's better to get a haircut now, than have a beheading later.


Perhaps, this applies to national security matters as well?


We can't be the policeman/woman of the world, but Snowden is snug in "Mother Russia" and now so is Crimea. 


(Source Photo: here)


March 17, 2014

Time To Spread The Magic

So I'm not the biggest fan of Disney theme parks -- maybe that is not a popular thing to write.

But to me, the rides alternate between fake or nauseating (when they're not broken down), the characters are outdated, the parks are hot, overcrowded, and the lines and wait times are long, and the ticket prices are sort of crazy for what you're getting (not). 

Let's see, a day at Disney or day at the beach--uh, I'll take the beach any day!

But Disney is doing something magical these days. 

Bloomberg Businessweek reports how Disney's new MagicBands are using technology to make the theme park experience more convenient, even if not more fun. 

The MagicBands are like an all-in-one electronic link between you and Disney:

- No need for an admission ticket, because the MagicBand does that.

- Reserve your favorite rides, use your wrist band. 

- Hotel room keys, that's right the band unlocks your door.

- Shopping at Disney kingdom, the band functions as your debit/credit card. 

- Being greeted by name or wished a happy birthday, the bands make your experience more personal.

What's more, Disney uses the bands for "big data" analytics--for capturing your likes and preferences for rides, restaurants, food, and souvenirs--and this adds up to customer service enhancements like restocking shelves, opening up reservations, expedited queues, and even targeted mail and text messaging/advertising.

The bands have radio frequency identification tag/chips (RFID) as well as GPS sensors, so Disney knows who you are, where you are, and even much of what you're doing. 

Spooky from a privacy standpoint--sure, you are really sitting there exposed in just about every way. 

But this technology has arrived, not just at Disney, but via embedded RFID in your smartphones or your body someday soon. 

The synthesis of man and machine...the mystery is gone in the magic kingdom, but maybe the service gets better. ;-)

(Source Photo: Andy Blumenthal)

March 16, 2014

There's No Line In Online

I loved the article in the Wall Street Journal by Andy Kessler.

Kessler's point is that technology is all about convenience. 


The way I put it is that online, there is no line!


With technology, we can do things proverbially--better, faster, cheaper.


But so much of technology really is about doing things with the utmost convenience--that means that rather than spend time hunting or gathering, searching or shopping, traveling or transacting, gaming or gambling, we can go online and in Internet speed it's done!


The beauty of the Internet and technology is that there is no queue, no lines, no waiting--just lots of convenience mainly with point and click.  


I couldn't hate lines more--hate wasting time--hate doing stupid things that have no real meaning--time is absolutely precious!


We are mortal and one day, time stops for all of us, so we better use what we have well--use it wisely, not wastefully. 


When we have convenience from technology, we have to spend less time on the mundane and have more time to do the things we really enjoy or that can grow us.


So get the doldrums done quickly online, and spend more time with family and friends, on fitness, pursuing spiritual matters, and even learning the secrets of the universe--and then blogging about them.


Technology is a convenience and a true G-dsend. ;-)


(Source Photo: Andy Blumenthal)


March 15, 2014

U.S. To Give Up U.S.?

This is just ridiculous already...I mean why do we even bother to try, if as a nation we are just resigned to give up.

1. Russia takes Crimea and the U.S. has "no options," instead of considering a variety of meaningful options--will Putin stop with Crimea, Georgia, Chechnya if there is virtually nothing standing in his way?

2. Syrian civil war goes on for almost 3 years and takes 150,000 lives and the U.S. has "few options," while Russia, Iran, Hezbollah, Saudi Arabia seem to have and be exploiting lots of options.

3. "U.S. to give up Web oversight" since other governments have complained over our "unique influence"--well darn it, we invented the Internet, why shouldn't we capitalize on it?

4. Serious "deficit reduction is dead" even though the national deficit continues to grow and threaten the national security of this country, but there are few acknowledged options for politicians that want to get re/elected, except to continue the runaway gravy train.

5. Space exploration to other planets--NASA shelves it--"Space, the final frontier...to boldly go where no man has gone before," but we're not really going!

6. Defense cuts threaten U.S. military as the "U.S. faces a more volatile, more unpredictable world," and even as China ramps up its military budget by 12.2%.

7. Despite the potentially catastrophic impact that a serious cyber attack would have on the U.S. national security and economy, "the U.S. military is not prepared for cyber warfare"--why are we waiting for the proverbial lights to go out?

8. Outsourcing jobs outside the U.S. has already become cliche--with top U.S. Corporations sending more than 2.4 million American jobs overseas between 2002-2011--as our own labor force participation is now at a 30-year low!

I don't understand what has happened to our national resolve to succeed, to lead, to be a good example in the world.

Why are we in global retreat--instead of steadfastly protecting and growing our national strategic interests in every domain?

We are innovators, entrepreneurs, skilled in every worldly affair, and lovers of freedom and human rights for all, yet we have become gun shy, afraid, and reticent to be ourselves and do what we do best--which is to do what's right, what needs to be done, and to be global leaders in progress toward the future.

If we can't do this, if we have just given up, if we have become ostriches with our heads in the sand--then we haven't just given up on this or that or the other thing--but we have given up on being the U.S. of A.

(Source Photo: Andy Blumenthal)

It Can Happen To Anyone

Life is unpredictable. 

Today, at the pool, someone collapsed. 

Looks like a heart attack or something serious.

Most of the people at the pool are in amazing physical condition. 

The young folks on the swim team are fast as hell. 

The older people, many seem like they never aged and can still perform adroitly.

I find the whole crew generally quite competitive and if you can't keep up...you may even get shoved to the side.

When I heard the whistle blow this morning, it was unlike the usual stop running or horsing around--this time it was long and shrill.

Everyone stopped and pulled to the ends. 

Instead of splashing water, you could hear a pin drop. 

Lifeguards started running. One ran back to the control center and I could see him through the glass window dialing quickly on the phone for help. 

Another young woman was getting help from the pool supervisor--the young one ran, the older one strode sternly to ascertain the situation.

People started swimming in the main pool again, while the collapsed man was out of sight around the corner in another pool area.

The floating lady water runners were kibitzing about what happened and is he going to be okay.

Eventually the swimming continued, but even then, people were looking around and had those worried faces on.

There was a realization that even with the dozens of people there, this person could've been anyone--any of us. 

The ambulance and fire truck rescue came, the stretcher was brought in.

I asked the lifeguard with concern what had happened to the man and he said in a monotone, almost practiced voice, "The ambulance is here; everything is okay."

It sort of sounded like don't anyone panic and shut the heck up. 

Anyway, it was upsetting to see someone up early, getting themselves to the pool, trying to stay healthy and fit, and struck down at the scene, while trying their best. 

I'm a little shaken and am still hearing the whistle in my head. :-0

(Source Photo: Andy Blumenthal)


March 14, 2014

Guns And Roses

This was an interesting student portrayal showing the decision on whether someone is a friend or foe--I like it!

On the face of it, is a computer screen "head" with pictures of a drone for surveillance and a fighter jet for carrying out battle.

In the right hand is a rose for the friend, and in the left hand is a gun for the foe.

On the bottom, it says "You Decide" with little pieces of hanging paper marked "Friend" or "Foe" and you pick one.

To me, the kid that designed this is pretty smart--smarter than a lot of adults today.

Why? 

To many people, everything is black or white--for example, liberals may default to everyone as good and trustworthy until shown otherwise, while conservatives may take the alternate track where they assume people are bad and we should be cautious with them and be prepared to defend ourselves. 

Neither is simply right or wrong--it's just how we approach things--although for me, it's definitely you have to earn trust, and still it's important to verify!

The kid that made the friend or foe robot apparently realizes that we have to discriminate between those people that are friends and those that are enemies--and act accordingly. 

Surveillance is a good thing and being ready to defend ourselves is a very good thing. 

Sometimes, those that masquerade as friends are really foes, and those that challenge us may really be our best friends. 

We must be very discriminating in determining who is who--and be ready with both rose and gun. ;-)

(Source Photo: Andy Blumenthal)

March 12, 2014

Terrorism - Is it Going Away?

Going on 13 years since 9/11...

- Ukraine invaded by Russia seeking to annex Crimea

- Malaysia Airline with 239 aboard missing and still a mystery

- Sochi, suspected hijacker tries to divert plane, F-16s scrambled

- Syria aided by Hezbollah fighters, estimates of more than 150,000 dead

- Iran ships medium range missiles to Hamas in the Gaza Strip

- Iraq Suicide bombing a somewhat regular occurrence

- Pakistan death toll in war on terror estimated at 49,000

- Saudi Arabia concerned about Muslim Brotherhood and Hezbollah

- Lebanon, twin suicide car bombings in capital

- Egypt, terror attack on tourist bus in Red Sea resort

- Somalia, car bombing at national intelligence headquarters

- North Korea accused by South of "reign of terror" 

Where are we in the war on terror--are we really any safer? 

All opinions my own. 

(Source Photo: Andy Blumenthal)

March 11, 2014

Be, Be Yourself

I thought this was a cute sign in the elevator at Safeway. 

"Be Yourself. Everyone else is already taken."

Why they put this up in a supermarket, I don't really know. 

Anyway, gotta hate phonies, kiss-ups, and B.S. artists--in the store or out. 

My wife's grandfather used to say, "What comes from the heart, goes to the heart"--I really like that!

An ounce of sincerity is worth more than a ton of faking it--even if you're a good fake. ;-)

(Source Photo: Andy Blumenthal)

March 10, 2014

Naked And Yelled At

So true story...I'm in the changing room at the pool.

There is a guy there, just a few feet away, naked. 

The pool supervisor comes over and says, "Hey, where's your brother?"

The guy says, "Why?"

The pool supervisor says, "He asked for a change in schedule, and I told him he can work on Mondays, and he's not here."

The guy annoyed, says, "I'll tell him."

The pool supervisor, shakes his head, and walks away. 

The guy turns to me and says, "You know this is the only job where your boss can come up to you when you're stark naked and start yelling at you!"

I say, "Yeah, and you can't even say it's sexual harassment."  ;-)

(Source Photo: Andy Blumenthal)

March 9, 2014

SCADA in Pictures




So SCADA are Supervisory Control and Data Acquisition systems.

They are a form of Industrial Control Systems (ICS) that monitor and control major industrial processes from power generation, transmission, and distribution, to water treatment, chemical production, air traffic control, traffic lights, building controls, and more. 

These are part of our nation's critical infrastructure. 

In the lab, we are able to use tools to capture and analyze communication packets and edit and re-use them to: 

- Turn on and off lights

- Open/close perimeter gates

- Control water and gas pipelines

- And even open and close a bridge

This was very scary!

No one, unauthorized, should be able to do this in real life, in the physical world. 

This is a major security vulnerability for our nation:

- SCADA systems should not be openly available online; instead, they should be controllable only locally, or remotely through an encrypted virtual private network (VPN).

- SCADA systems should not be available without proper access controls--there must be credentials (user ID and password), and even two-step authentication should be required.

No one but vetted, cleared, authorized, and trained personnel should be able to monitor and control our critical infrastructure--otherwise, we are giving them the keys to disrupt it, destroy it, and use it for terror. 

We owe our nation and families better, much better. 
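The two rules above can be checked mechanically against an export of inbound firewall rules. This is an added example, not something from the lab or the original post: the rule format, rule names, address ranges, and sample rules are constructed assumptions, while the port numbers are the standard ones for these control-system protocols.

```python
import ipaddress

# Assumed site policy (hypothetical ranges): control traffic may come only
# from the local plant network or from the encrypted VPN's client pool.
TRUSTED_SOURCES = [
    ipaddress.ip_network("10.20.0.0/16"),    # local control network (assumed)
    ipaddress.ip_network("172.16.50.0/24"),  # VPN client pool (assumed)
]

# Standard TCP/UDP ports of common industrial control protocols.
ICS_PORTS = {
    102: "S7comm",
    502: "Modbus/TCP",
    20000: "DNP3",
    44818: "EtherNet/IP",
    47808: "BACnet/IP",
}

# Constructed sample of inbound "allow" rules; "auth" lists the factors
# the service behind the rule requires, joined with "+".
RULES = [
    {"name": "hmi-to-plc", "source": "10.20.4.0/24", "ports": "502", "auth": "password+otp"},
    {"name": "vendor-remote", "source": "0.0.0.0/0", "ports": "502", "auth": "none"},
    {"name": "bridge-ctl", "source": "172.16.50.0/24", "ports": "20000", "auth": "password"},
    {"name": "legacy-range", "source": "203.0.113.0/24", "ports": "44000-45000", "auth": "password+otp"},
    {"name": "web-public", "source": "0.0.0.0/0", "ports": "443", "auth": "none"},
]


def parse_ports(spec):
    """Turn '502' or '44000-45000' into an inclusive (low, high) pair."""
    low, _, high = spec.partition("-")
    return int(low), int(high or low)


def ics_services(spec):
    """Names of control protocols whose port falls inside the rule's port spec."""
    low, high = parse_ports(spec)
    return sorted(name for port, name in ICS_PORTS.items() if low <= port <= high)


def source_is_trusted(cidr):
    """True only if the whole source range sits inside a trusted network."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == t.version and net.subnet_of(t) for t in TRUSTED_SOURCES)


def audit_rule(rule):
    """Return a list of findings, or None if the rule opens no control port."""
    if not ics_services(rule["ports"]):
        return None
    findings = []
    if not source_is_trusted(rule["source"]):
        findings.append("exposed")          # reachable from outside local/VPN
    factors = [f for f in rule["auth"].split("+") if f and f != "none"]
    if not factors:
        findings.append("no-auth")          # no credentials at all
    elif len(factors) < 2:
        findings.append("single-factor")    # no second authentication step
    return findings


def audit(rules):
    """Map each control-system rule name to its findings (empty list = ok)."""
    report = {}
    for rule in rules:
        findings = audit_rule(rule)
        if findings is not None:
            report[rule["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(RULES).items():
        print(f"{name:14} {', '.join(findings) or 'ok'}")
```

Note that a wide port range such as `44000-45000` is flagged because it silently covers a control port, which is easy to miss when reading rules by eye.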

(Source Photos from lab: Andy Blumenthal)


March 8, 2014

Security Is A Joke!


Fascinating video with Dan Tentler on the Shodan Search Engine...which CNN calls the "scariest search engine on the Internet."

The search engine crawls the Internet for servers, webcams, printers, routers, and every type of vulnerable device you can imagine.

It collects information on more than 500 million devices per month and that was as of last year, so it's already probably a lot more.

Tentler shows the unbelievable amounts and type of things you can access with this, including our critical infrastructure for the country --from utilities to traffic lights, and power plants:

- Private webcams
- Bridges
- Freeways
- Data Centers
- Polycoms
- Fuel cells
- Wind farms
- Building controls for lighting, HVAC, door locks, and alarms
- Floor plans
- Power meters
- Heat pump controllers
- Garage doors
- Traffic control systems
- Hydroelectric plants
- Nuclear power plant controls
- Particle accelerators
- MORE!!!!

Aside from getting information on the IP address, description of the devices, locations (just plug the longitude and latitude into Google for a street location), you can often actually control these devices right from YOUR computer!

The information is online, open to the public, and requires no credentials.

- "It's a massive security failure!"

- "Why is this stuff even online?"

Where is our cyber leadership????

>>>Where is the regulation over critical infrastructure?

If there is a heaven for hackers, this is it--shame on us. :-(

March 7, 2014

We're Giving It All Away


Nice little video from Mandiant on "The anatomy of a cyber attack."

Despite the typical firewalls, antivirus, and intrusion detection system, cyber attacks can and do penetrate your systems.

This happens through social engineering (including phishing attempts), automated spam, and zero-day exploits.

Once inside your network, the cyber attacker takes command and control of your computers, surveys your assets, steals user names and passwords, hijacks programs, and accesses valuable intellectual property. 

Mandiant performs security incident response management (detecting breaches, containing them, and helping recovery efforts), and they are known for their report "APT1" (2013) exposing an alleged significant government-sponsored cyber espionage group that they state "has systematically stolen hundreds of terabytes of data from at least 141 organizations."

Another fascinating report on a similar topic of advanced persistent threats was done by McAfee on Operation Shady Rat (2011) that reveals over 70 organizations (governments, commercial entities, and more) that were targeted over 5 years and had terabytes of information siphoned off. 

The overall risk from cyber espionage is high and the McAfee report states:

- "Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact."

- "What we have witnessed...has been nothing short of a historically unprecedented transfer of [intellectual] wealth - closely guarded national secrets...disappeared in the ever-growing electronic archives of dogged adversaries."

In short we can't keep a secret--we're putting endless gobs and gobs of our information online and are not adequately protecting it in cyberspace, with the result that our adversaries are able to access, exfiltrate, disclose, modify, or destroy it.

In short, we're giving it all away - why? 

March 6, 2014

Beware of Botnets



Interesting video demonstration of how botnets work and can literally take over your computer.

In essence, your computer becomes a zombie under the command and control of the botnet sender.

Computers get infected through a trojan or worm, and then the sender has you--they control your computer and information.

Generally, they do this to send spam, steal information, or send out other malware, all under anonymity. 

Once infected, the sender has complete control over your computer and can exfiltrate, delete, or change your data, turn on the keyboard lights, add a tail to your mouse, and even format your hard drive. 

The malware often can even disable your firewall.

The sender can turn on a keylogger and log your keystrokes, and capture your user ids and passwords to banking and financial institutions, and draw out your money. 

The video demos an example of botnets with a variant of the Zeus trojan. 

Worth a watch.

Makes me wonder whether our adversaries are infecting more and more computers, until they have almost everyone--eventually a virtual army.

Then at the time of their choosing, they can conduct one big massive attack, or incremental ones, logging into people's accounts, stealing their identities and savings, sending out misinformation, destroying data and computers en masse.

We need to be aware of what's possible, maybe even probable. 

Is your computer infected and you don't even know it yet?

March 4, 2014

A Different Definition For IV&V

In IT circles, IV&V generally refers to Independent Verification and Validation, but for CIOs another important definition for leading is Independent Views and Voices.

Please read my new article on this: here at Government Technology -- hope you enjoy it.

Andy

(Source Photo: here with attribution to Joi)

March 3, 2014

Rejuvenate Like A Starfish


Good video on centralization vs. decentralization.

A spider is the model of a centralized organism or organization--cut off the head and the thing is dead.

But a starfish is the epitome of one that is decentralized--if you cut off one of the arms (it doesn't have a head) of a Blue Linckia starfish, it just grows another one. And if you cut off all five arms, it grows five new starfish. 

So when it comes to organizations, do you want one like a spider, where all power, decision-making, and talent is concentrated at the top, and if you lose your senior executive(s), you've lost the innovation or operational effectiveness of the entire organization (think what happened when Apple lost Steve Jobs as an example)? 

Or do you want to be an organization that is more decentralized (less hierarchical) like the Starfish--where talent is widely dispersed and work is delegated to the many within? Here the organization's very survival is not threatened when something happens at the top or to somebody.

In most cases, there is no perfect spider or starfish organization, but more of a hybrid model, where some functions (like HR, finance, communications) are centralized and others are decentralized (based on specific business expertise). 

To me the main point here is that an organization is made up of many individuals, and everyone in the organization is valuable; no one person can do everything and we should leverage each person according to their strengths and help them on their weaknesses. This gives each individual and the organization the best chance of rejuvenation and survival. ;-)

March 2, 2014

Restraint or Recklessness?

Like many of you, as I watch the events unfold with the Russian military invasion of Ukraine, I am amazed at the "restraint" being shown by the West. 

But I can't help asking myself why a military invasion by the Great Bear into a sovereign nation that is leaning toward democracy is being met with restraint.

Sitting in Starbucks, I overheard one young woman saying to an older gentleman that she did not understand the reaction of the President in saying there would be "consequences" and that no one took that seriously as there was no specificity, almost as if there were no real consequences to even threaten Russia with.

So why all the word-mincing, dancing around the subject, and restraint by the West in light of this very dangerous escalation in eastern Europe:

1) Surprise - Was the West completely taken by surprise by Russia's military intervention? Didn't something similar happen with Georgia in 2008--less than 6 years ago? Did we not foresee the possibility of Russia lashing out against Ukraine to protect its interests when Ukraine turned back toward European integration and away from the embrace of Russia that it had made only weeks earlier? After Pearl Harbor, 9/11, and with all our "Big Data," intelligence, and military planning--how did we miss this (again!)? 

2) Duped - Were we duped by the misinformation from Russia saying that the 150,000 troops they called on a "training exercise" was planned months ago and it just happened to coincide with the toppling of Ukraine's President?  Also, were we fooled when the "mysterious" soldiers showed up without national markings and Russia said they weren't their military--uh, where did they come from--did they float down from the heavens?

3) Apathetic - Are we just apathetic to Ukraine's plight? Are they just a poor country of little strategic value to us? Are we so war weary from Iraq and Afghanistan that we just want to place our heads in the sand like ostriches even when democracy and freedom is threatened in a European nation of some 45 million people?

4) Fear - Are we afraid of the military might of the nuclear-armed Russian Federation? Is America, the European Union, NATO, the United Nations all not willing to stand up and hold Russia accountable even if that means a military confrontation? Not that anyone wants World War III, but if we don't stand up and defend against wanton aggression, how can any country or anyone be safe going forward? 

5) Optionless - Are we just out of options? Russia got the upper hand on this one and they are logistically right there on the border and in the country of Ukraine now and what can we do? Despite the U.S. assertion that it can project military power anywhere around the world and a defense budget bigger than the 10 next largest combined--how can we be out of options? Are we out of options because we tacitly understand that one wrong miscalculation and we could end up with WMD on our homeland doorstep? 

6) Butter Over Guns - Have we retrenched from world affairs, downsized our military, and emphasized domestic issues over international ones? Have we forgotten the risk that comes from a world without a superpower that helps to maintain stability and peace? Are we just under so much financial duress with a growing mountain of national debt, an economic recovery still struggling, and the lowest employment participation in over 30 years that we can't even entertain spending more treasure to fight again?

7) Leadership - Who is managing the crisis? We've seen our President speak, various other government officials from the U.S. and European Union, the Secretary General of the U.N., the Secretary General of NATO, and more. Who is in charge--setting the tone--deciding the strategy? Who has point so that we and Russia know who to listen to and what is just background noise?

What is so scary about this whole thing is how quickly things can escalate and seriously get out of control in this world, and this despite all the alliances, planning, and spending--at the end of the day, it looks like we are floundering and are in chaos, while Russia is advancing on multiple fronts in Ukraine and elsewhere with supporting dangerous regimes in Syria, Iran, North Korea and more.

Whether we should or shouldn't get involved militarily, what is shocking is: 1) the very notion that there wouldn't be any good military options, and 2) that the consequences are not being spelled out with speed and clarity. 

In the streets, at the cafe, on the television, I am seeing and hearing people in shock at what is happening and what we are and are not doing about it. 

Even if we get Russia to stop advancing (yes, based on what happened with Georgia, I doubt they will actually pull back out), the question is what happens the next time there is a conflict based on how we've managed this one? 

I do want to mention one other thing, which is while I feel empathy for the plight of the Ukrainians seeking their freedom from Russia now, I also must remember the events of Babi Yar where, between 1941-1944, 900,000 Jews were murdered in the Soviet Union by Nazi genocide and Ukrainian collaborators. This is history, but not so long ago. 

All opinions my own. 

(Source Photo: here with attribution to Utenriksdept)

March 1, 2014

First We Must Live

I liked this advertisement for the movie sequel to the 300 coming out this week. 

Anyway, for this scary-looking dude, "War is in my blood"--that's who he is and these days, it seems like he is not alone in this crazy and violent world. 

Some people are like that...they always like to fight, be oppositional, or just be difficult. 

My belief is more like Ecclesiastes--that there is a time and place for everything..."a time for war and a time for peace."

Around the globe, there seems to be plenty of fighting, slaughter, and tensions going on...from Damascus to Kiev, from Iran to Venezuela, from Sudan to the South China Sea, and more. 

I heard what I thought was a good saying on the Game Of Thrones Season 3 (which by the way is totally excellent), it went like this:


"If we die, we die, but first we will live."


Let's hope and pray for more peaceful, stable, and pleasant times.

There is yet much to live for. ;-)

(Source Photo: Andy Blumenthal)

February 28, 2014

Hanging By A Thread

This spool of cable has been hanging from this utility pole for days, maybe weeks. 

I have never quite seen anything like this. 

This huge spool hanging by a thread from this skinny little pole.

Of course, there is one warning cone sitting right underneath the overhead spool. 

Can't you just see that spool crashing down and flattening the cone? [Wonk!]

Then you have some sporadic red warning tape not doing much of nothing.

And cars and people regularly going up and down this street--which you don't really see in this photo.

Maybe the workers just left the spool of cable up there in case they need it again in the future.

Hey, less work lifting it all the way up there again. ;-)

(Source Photo: Andy Blumenthal)

February 27, 2014

Newspaper, Identity Thief

So, true story.

I know identity theft is a serious matter, but really...

I'm heading out of the driveway and I see the newspaper delivery guy just pulling up.

He's running a little late, but I figure I can still get the paper in time for morning reading on the Metro.

I walk over to him and ask if I can get the Journal that he's delivering to me.

He says, "No, I only deliver the Wall Street Journal and the Post."

I say, "Yeah, the Wall Street Journal, can I get it, since you're running a little late this morning."

He says, "I'm never late!"--actually, he is and sometimes doesn't deliver at all (the other week, I got 3 papers in one day).

I say, "OK, but I can take it from here."

He says, "No, I only deliver to the door."

I say, "But I'm right here."

He says, "How do I know you are who you say you are?"

I say, "I am, and thank G-d, I really don't need to steal a $2 newspaper from you, Sir."

He says, "Okay, but I'll need to see an id!"

I say, "Are you serious?"

He says, "Yeah," pulling back to safety the pile of newspapers he is holding in his arms. 

Reluctantly, I flip open my wallet and flash my license to him.

Not good enough...he insists I take it out so he can read it. 

I finally got the paper, but we wasted what seemed like 5 minutes between the negotiation and proof of identity exercise. 

Don't get me wrong, I appreciate his diligence, but I think this type of scrutiny over access and identity would be better placed squarely on our cyber assets--somewhere where we really need them! ;-)

(Source Photo: Andy Blumenthal)

February 26, 2014

March Of The Dangerous Penguins

This was a funny picture on the streets of Washington D.C.

Someone drew these "armed" and dangerous penguins on the back of a chair. 

The chair is translucent, but with the snow coming down and covering it, you can see this crazy drawing. 

Perhaps this is a message from the local NRA advocating for gun rights, who knows?

Anyway, these penguins are cute little fellows even carrying scoped rifles and staring down the everyday passersby. ;-)

(Source Photo: Andy Blumenthal)

February 25, 2014

What A Waste Of Coin

Coming to work this week, I saw a penny on the ground...then another...and another.

I saw people passing the money, and instead of picking it up, they kicked it off the curb.

That's even worse than throwing them into the fountain where at least you might get some good luck from it. 

Thus, the state of our minting of coinage--it's essentially worthless.

After getting a pretty basic Venti Java Chip at Starbucks for a whopping $5.45, I quickly calculated, I would need 545 pennies, 109 nickels, 54.5 dimes, or 21.8 quarters to pay for this--how ridiculous!

And uh, how many of these would you need to pay someone one hour at the new proposed minimum wage of $10.10 if you did it in coins?

Otherwise, I could just give them a credit or debit card--yes, sort of a no brainer, right?

Why do we keep making coinage that no one wants or needs in the digital age?

We have direct deposit for payroll, automatic deductions for many expenses, online banking, ecommerce, credit and debit cards, PayPal, and even bitcoin...let's just be honest and admit it, traditional money is basically obsolete. 

At Starbucks, I see many people now just use their Smartphone App to pay and get rewards--another advance. 

Someday soon, we will have embedded chips that simply add and deduct payments as we go along and live life--it's really not all that complicated. 

The funny thing also is that it costs more to make many coins than their intrinsic worth--and hence the drive towards making coins with cheaper materials. 

According to Business Insider, in 2012, a penny cost 2.4 cents to make and a nickel 11.2 cents--quite a losing proposition. 

While there truly are some valuable coins out there and I appreciate that there are many coin lovers and collectors--numismatists--perhaps there are alternate hobbies to consider. 

A colleague once told me that "If you watch your pennies, the dollars will follow"--and that may be some good investment advice, but in a 24/7 society and after decades of inflation, there isn't enough time or room to collect all the pennies we would need to make much of a difference. 

ABC News reports that while our northern brother, Canada, got rid of the penny in 2012, we still make something like 5 billion of these useless things a year. 

Full disclosure: my first job in Washington, D.C. was for the U.S. Mint, and while there were good things about it, I could never feel good about the mission--it just had no purpose. ;-)

All Opinions my own.

(Source Photo: here with attribution to Maura Teague)

February 24, 2014

Google Fiber 4 The Nation's Capital

How About Google Fiber for Washington, D.C.? 

- Lead, by example, the rest of the nation forward.


- Speed up the functioning of the government.


- Helpful for Emergency Management


- The Patriotic thing to do! ;-)


All Opinions my own. 


(Source Photo: here with attribution to Cameron Yee, & no idea why it's in Spanish, but I like it!)


February 23, 2014

Tie Dye Cake


This is a fun cooking experience.

We're making tie dye cake.

It's not yet done--just went into the oven.

Frosting and sprinkles are also on the way. 

In 30 minutes we'll have a very colorful dessert. 

And yum!  ;-)

(Source Photos: Andy Blumenthal)

Don't Let Debbie Downer Take You Down


Saturday Night Live has a spoof about Negative Nellies and they call her Debbie Downer. 

We all know people like this who are the Voice of Doom and the Doctor No's.

Whatever the topic is--they've been there, done it, and have seen it fail--"We tried that before," "That's not the way we do things here," "You just don't understand," "It will never work."

They see danger and bad everywhere and in everything, even in the face of positive and promise. 

These are the people who are obstinate, the naysayers, and are against change at all cost--they fear it or just don't want to deal with it. 

BusinessWeek has an interesting perspective on this--how even these people can be employed to have a beneficial impact on projects--by having them tell you everything that can go wrong, so you can take steps to plan and mitigate against these. 

Some people only want to have positive people around them--"yes men," who only tell them how smart and right they are all the time. 

However, the best leaders don't want kiss ups and brown nosers, but rather value "truth tellers," who will provide them solid advice and guidance on issues, tell them when they think something is wrong or risky, and even take an opposing point of view or play devil's advocate.

I remember when I was asked about whether a certain project was going to meet a very near deadline, and I said point blank, "Do you want me just to say yes or do you want me to tell you the truth?"

I got a big smile to that and the appreciation that I was real and truthful and there to make a difference and not just be another lump on the log. 

The point is not to be a Debbie Downer or a brown noser, but to be an Honest Joe or Jane. ;-)

February 22, 2014

National State Of Cyber Insecurity


This video is a wake up call on the state of our national cyber insecurity. 

It is the opening statement (about 6 minutes) of Chairman Michael McCaul (R-TX) of the Homeland Security Subcommittee of Oversight, Investigations, and Management.

What he describes is quite grave and every American should listen carefully about the state of our cyber insecurity that poses a real and significant threat to our economy and national security.

We are under attack by cyber criminals, terrorists, and hostile nation states. 

Our adversaries seek to and can paralyze our critical infrastructure, steal our intellectual property, conduct espionage, and access our personal and financial information. 

The collapse of our military networks, financial system, energy, transportation, and electricity "is not science fiction."

The cyber attacks are "real, stealth, and persistent, and can devastate our nation." 

It is "not a matter of if, but when a Cyber Pearl Harbor will occur."

And "we have been fortunate that up until this point that cyber attacks on our country have not caused a cataclysmic event."

I read from the Center for Strategic and International Studies (2011) that cybersecurity has taken a back seat after 9/11 to the War on Terror as well as the economic fight after the recession of 2008, with the result that "the United States is unprepared to defend itself."

Chairman McCaul critically states at the end of his opening statement, "Let's do something meaningful [now] because it is not a tolerable situation!"

February 21, 2014

Can You Trust Social Media?

Interesting article in BBC about a project underway to develop a system that will rate information on the Internet as trustworthy or not. 

Considering how quickly we get information from the Net and how easy it is to start crazy rumors, manipulate financial investors, or even cause a near panic, it would be good to know whether the source is legitimate and the information has been validated. 

Are we simply getting someone mouthing off on their opinions or what they think may happen or perhaps they are unknowingly spreading false information (misinformation) or even purposely doing it (disinformation)?

Depending how the Internet is being used--someone may be trying to get the real word out to you (e.g. from dissidents in repressive regimes) or they may be manipulating you (e.g. hackers, criminals, or even terrorists). 

To have a reliable system that tells us if information being promulgated is good or not could add some credibility and security online. 

What if that system though itself is hacked? Then lies can perhaps be "verified" as truth and truth can be discredited as falsehood. 

The Internet is dangerous terrain, and as in life in general, it is best to take a cautious approach to verify source and message. 

The next cyber or kinetic attack may start not with someone bringing down the Internet, but rather with using it to sow confusion and disarm the masses with chaos. ;-)

(Source Photo: Andy Blumenthal)

February 19, 2014

Jewish History At A Glance

I really like this poster graphic outlining Jewish history and key figures from Genesis until modern times. 

While there is already a lot of information on here, such as major events in Jewish history, world events, Jewish historical figures, Jewish literature, and Jewish population, I would suggest adding major Jewish contributions to the world from Einstein to Freud, from Columbus to Salk. 

Also, I found that 23% of all Nobel Prizes (or 193 people) between 1901 and 2013 were awarded to people of Jewish descent--and the awards were across the fields of chemistry, economics, literature, peace, physics, and medicine. 

We are not a very large people--just .2%--in terms of population, but we have a very rich history--a mixture of persecution and contribution. 

Thank you Minna Blumenthal for sending me the link to this!

(Source Photo: here with attribution to Odyeda)

February 17, 2014

Alert, Alert, And More Alerts

No, this is not an alert, but some strategic thinking about alerts. 

As a kid, we get our first alerts usually from the fire alarm going off in school and practicing the buddy system and safely evacuating. 

As adults, we are used to getting so many types of alerts:

- Homeland Security threat alerts
- Breaking news alerts
- Emergency/Disaster alerts
- Severe weather alerts
- Smog alerts
- Transportation delay alerts
- Accident alerts
- Fraud alerts
- Economic and financial alerts
- Amber missing child alerts
- Internet security alerts
- Power loss alerts
- Home or business intruder alerts
- Fire alerts
- Carbon Monoxide alerts
- Medical/health alerts
- Chemical spill alerts
- Product safety or recall alerts
- Unsafe drinking water alerts
- Active shooter alerts
- Work closure alerts
- Parking garage alerts
- Dangerous marine life alerts
- Dangerous current or undertow alerts
- Air raid siren alerts
- Solar eclipse alerts
- Meteorite or falling space debris alerts
- Special sale or promotional event alerts

With the arrival of highly successful, mass social media applications like Twitter, we have alerts aggregated for us and listed chronologically as things are happening real-time. 

The brilliance of the current Twitter-type alerting is that we can sign up to follow whatever alerts we are interested in and then have a streaming feed of them.  

The alerts are short--up to 140 characters--so you can quickly see the essence of what is happening or ignore what is irrelevant to you. 

When more space is needed to explain the details behind an alert, typically a (shortened) URL is included, which if you click on it takes you to a more in depth explanation of the event or item. 

So alerts are a terrific balance between short, attention grabbing headlines and links to more detail, as needed. 

What is also great about the current alerting mechanism is that you can provide concise alert information, including:

- Message source (for ensuring reliability)
- Guidance (for providing immediate instruction on response)
- Hazard (for specifying the type of incident)
- Location (for identifying geographic or mapping locality)
- Date/time (for implications as to its currency)
- Importance (for determining severity such as catastrophic, critical, etc.)

While we remain ever, hyper-vigilant, we need to be careful not to become anxiety-ridden, or at some point, simply learn to tune it all out, so we can actually live life and get stuff done.

It's good to know what's going on out there, but can too much information ever become a bad thing? ;-)

(Source Photo: Andy Blumenthal)