July 2008 Archives

After about 6 weeks of picking at it, I've finally finished reading Freedom House's Today's American: How Free?. This book provides a think tank approach to analyzing the current state of freedom and democracy within the United States, with the end conclusions being that things aren't as bad as we think, but there have been some sketchy changes under the Bush administration, and there is definitely room for improvement.

If you're interested in politics at all, then you'll definitely want to check this book out, regardless of your political leanings. It provides adequate fodder for both parties, plus for everybody in between. To give you an example of how the book really can work for any perspective, check out this quote from p22:

"Yet even now, six years after 9/11, the impact of the administration's policies on the civil liberties of Americans remains unclear. This is due in part to attempts by the administration to limit public knowledge of its actions on national security grounds. At the same time, the proposition that, as some critics have said, counterterrorism policies are placing fundamental freedoms in jeopardy and leading to massive violations of civil liberties seems to be an overstatement of current conditions, especially when viewed in historical context."

Engineering Prowess :)

Pardon my bragging, but I felt pretty good about myself as an engineer Saturday. Not only did I successfully assemble our "travel system" (baby seat and associated stroller) a few days prior, but on Saturday I assembled the crib, installed the car seat base in the car, AND... I replaced a light switch that was starting to crackle (indicating a short forming - seen that before). All told, the travel system (stroller portion) was the hardest to assemble as the instructions were essentially just pictures and there were lots of buttons and latches to locate and use properly. :)

So, as a proud father-to-be (any week now!), I feel that I'm finally contributing in a meaningful manner. w00t! :)

I tried a new Riesling this week, the 2006 Cellarmaster's Riesling from Columbia Winery. Overall, it was decent, though a bit on the sweet side even for me. The bottle says that it "offers fragrant honey, pear and apricot aromas" and this certainly seemed to be true. From a flavor perspective, I believe the honey came through more than anything else. Having not had this wine before, I didn't have a good feel for pairing. I tried it along with a citrus-mayonnaise-parmesan emulsion over salmon on the grill and it was not a very good match. The bottle suggests drinking with "spicy foods, fresh fruit desserts" or to use for relaxed sipping. I think this last suggestion is likely the best of the three.

On a scale from 0-4 with 0 being "ugh" and 4 being "empty bottle" this one is solidly in there at a 2.5-3. With a better pairing I think that it would have been more drinkable, or simply without biasing my palate one way or another. Would I bring it to a party? Probably not. However, it could make a nice sipping wine for company assuming that it's been paired with the right snacks (perhaps the fruit, as mentioned).

Just another quick thought... we should be seeking to become energy independent, meaning not only being independent of foreign oil, but also independent of non-renewable energy sources. Shifting from foreign oil to mythological domestic oil is not a sustainable solution, putting aside the whole "10 years until production" matter...

Don't Believe the Drilling Myth

I just saw a McCain ad that explicitly blamed Barack Obama for the rising price of oil and gas because of his opposition to opening more domestic drilling. Not only is this a ludicrous accusation, but it is of course a blatant manipulation of the facts.
1) Obama has not been in office long enough to have significantly impacted oil prices.
2) McCain has definitely been in office long enough to have significantly impacted oil prices.
3) Opening domestic drilling will not result in new oil production for at least 10 years.
4) Some argue that oil prices will magically drop if domestic drilling is authorized. There's no apparent basis for this assertion.
5) If domestic drilling was so important, then why didn't the Republican-controlled Congress of the 90s pass such legislation?

It seems to me that the correct interim step here is to find cheaper, more efficient, more effective ways to produce ethanol (not just from corn!!), and then require that all US gas-based vehicles support it within the next 4 years. The technology already exists, is not expensive, including conversion kits for gas-only cars. Such a change would require minimal changes to distribution infrastructure.

Refuse to be tricked by the blind political BS that is being spewed during this election season!

When Admins Go Bad

You've undoubtedly heard by now about the San Fran net admin who refused to give up sole control of the network, and thus was thrown into the pokey to compel him to cooperate. Network World has a great article that provides some anonymous insider info on the debacle. My favorite quote:

"Later in the e-mail, my source offered some insight into what may be at the core of the issue: Childs was so paranoid about the security of the network that he even refused to write router and switch configs to flash, which would mean that if the device was powered off, all configurations would be lost."

So, really, he's just practicing good secure computing apparently? Um, no. If he thinks that not having backups for configs nor writing them to flash is good security, or if he thinks that having single control over the network is good security, then he's clearly crossed the line from genius to insanity. My read is that "security" may have been a convenient justification for him when talking to management, but that his motives were really job security and making himself feel more important. This seems to clearly be a case of a big ego out of control.

The article also suggests that all this drama ensued after a newly onboarded security manager started pressing to get the admin access for the network out of the sole hands of this joker.

So, is this net admin: a) delusional b) drunk on power or c) completely nuts?

New Feature: Wine Reviews

Greetings, and apologies for being at a relatively low level of activity lately. Work has been keeping me quite busy, and part-time on the road. At any rate, I thought it would be nice to introduce a new feature here: wine reviews. Don't expect hugely informative posts on the intricacies of wine from me. What you can expect is honest feedback on a simple rating system: like, sort of like, or don't like.

So, keep an eye out for a few posts in the coming weeks on some of the wines I've found. For the most part I plan to post favorable reviews on wines I like, but if I find a clunker, I'll pass it along. A couple things on my tastes you might want to bear in mind (perhaps to determine if you'll bother reading these posts): I generally prefer white wine to red and I generally prefer a semi-dry wine with a crisp, clean finish. So, expect Rieslings and similar in most of my posts.

Without details, here are a few wines that I've found to be quite nice lately:
* 2006 Rockbridge White Riesling
* 2007 Rockbridge White Riesling
* 2006 Chateau Ste Michelle-Dr. Loosen "Eroica"
* 2007 Dr. Loosen Riesling

This past week I had a chance to mostly read Ron Fry's Ask the Right Questions Hire the Best People. This book provides an interesting perspective on hiring from the employer's vantage point, instead of the typical candidate's viewpoint. I picked it up because I'm currently working on an internal training course that includes a segment on interviewing skills. While my focus is not on interviewing for hiring, but rather for collecting information, some sections of this book were quite relevant.

The four quick hit items I derived from this book are:
1) First and foremost, seek to establish rapport. If you cannot establish good rapport with the person you're interviewing, then you may find it difficult to get the information you need. In a way, this advice goes toward establishing trust.

2) Establish agenda, objective(s), and bias(es). Before you go into an interview to gather information, you should have a clear agenda and know your objectives. You should then share this information in advance with the interviewee so that they know what to expect. Along the same lines, you should state any biases you bring to the table, as well as work to determine what biases or agendas they may have. Not knowing their biases can cause misleading information to be given, either intentionally or unintentionally.

3) Keep them talking. The purpose of your interview is to gather information. You can't do this if you're yammering away like an idiot. Use open-ended questions to start things off, and then keep asking follow-ups that encourage the subject to keep talking. If you're not getting enough detail, try different ways to phrase follow-ups such that you can get them to talk at more length and in more detail.

4) Prepare, prepare, prepare. If you don't know what you're talking about when you go into an interview, then you're setting yourself up for failure. The best way to establish good rapport and to keep people talking is to demonstrate yourself as a competent professional. Being unprepared or under-informed can shut some people up (especially techies!). If you're doing a technical interview, you had better know the tech fairly well. At the same time, nobody likes a know-it-all, so don't imply that you know everything. If you did, then you wouldn't need to conduct the interview.

If you're conducting interviews of any sort, I recommend checking this book out.

As already mentioned, I had the opportunity to attend an Obama rally this week. Perhaps the single most intriguing thing to jump out at me from a security perspective was the security screening process. In addition to requiring everybody to get tickets in advance (thanks to the wife on that), we then had to stand in a line while everyone filed through a number of metal detectors set up and run by the Secret Service.

Now, before I go on and give you a chance to consider me an idiot, bear this in mind: the tickets urged people not to bring bags because of security screening, but it never clicked with me (for whatever reason) that they would be doing airport-style crazy screening. In my own defense, when they walked us through security screens on the National Mall, there were no metal detectors and thus I didn't have an issue. This time, however, I was caught unawares, and it cost me... a pocket knife.

Obama on His FISA Vote

I had the opportunity to attend an Obama Town Hall rally this week. Given the town hall style of meeting, he took questions from the crowd. One of the inevitable questions, poorly phrased by an attorney for whistleblowers, was about why Obama had reversed his stance on the FISA reform legislation that passed the Senate this week. My immediate reaction was a feeling of betrayal, but I now better understand Obama's perspective and, while I don't fully agree with his comments, I at least feel that I can still support him as a candidate.

Following are some of the points he made in response, and my thoughts:

In case you, like me, were a bit skeptical of the big DNS protocol flaw announcement, and thought "well, they're just over-hyping as usual" - I guess maybe not? I run djbdns, so I'm generally fine, but the big vocal blog-o-scoffs have started retracting after talking to the big Dan K, so now I kind of wish I could see the preso at BlackHat (though, no, I don't really wish I were going to BH, especially this year with the baby due around the same time). More info is now available at:
http://www.matasano.com/log/1093/patch-your-non-djbdns-server-now-dan-was-right-i-was-wrong/
http://taosecurity.blogspot.com/2008/07/thoughts-on-latest-kaminski-dns-issue.html
http://securosis.com/2008/07/09/more-on-the-dns-vulnerability/

Just a quick note and redirection to more info. According to Rich Mogull over on Securosis, a major fundamental flaw in the DNS protocol has been identified, and patches are being released by vendors. The flaw is in the protocol itself and affects both servers and clients. Prompt attention is warranted for this matter, so please check your DNS servers ASAP.

More info in Rich's post *** HERE ***. If you need a TinyURL address for that link, I've set up http://tinyurl.com/dnsbug.

Hopefully this will be the last time I need to post anything on this issue. Hopefully you will all join me in contacting US Senators today, urging them to vote no on the FISA reforms passed to them by the spineless House (you know, the same House that blocked FISA reforms last Spring, but which turned around in the middle of the night in June and snuck the legislation through, completely under the radar). From the EFF:

After the Fourth of July holiday, the Senate will vote on the FISA Amendments Act (FAA), a bill that would betray the spirit of 1776 by radically expanding the president’s spying powers and granting immunity to the companies that colluded in his illegal program. Now that the House has passed the FAA, the Senate is the last front left in the battle against immunity, and every vote -- from cloture, to the amendments, to final passage -- counts.

Therefore EFF urges all patriots to celebrate the Fourth of July this year by demanding that their senators uphold the rule of law and stand up for civil liberties, by voting against the FAA and for the amendments to the bill that would eliminate or weaken its telecom immunity provisions.

Please, please, please visit the EFF site HERE to find your Senator's contact information. Call and email them, urging them to vote against this horrible legislation.

More info from Tim Ferris here, and from the Obama camp here.

Rafa Wins!!!

Spanish phenom Rafael Nadal has won the 2008 Wimbledon Championship for the first time today, and boy was it a thriller! After going up 2 sets to love, Nadal's competitor, the legendary Roger Federer, fought back to win two straight tiebreakers, forcing a fifth set. Last year, Nadal took Federer to 5 at Wimbledon, but eventually succumbed. This year, however, was different as you could sense Nadal's confidence and see the slow erosion of Federer's faith in his own ability to win. Despite Federer's reliance on a successful huge first serve, it was Nadal's match to win, which he finally did in the no-breakers 5th, 9-7. This represents Nadal's first Grand Slam championship on a surface other than clay (he's undefeated at the French Open), and it represents the first time since Bjorn Borg that a player has won the French and Wimbledon back-to-back. It's now on to the US Open Series. Let's hope that Nadal can bring his energetic pace to the hard courts!

Final score was 6-4, 6-4, 7-6, 7-6, 9-7. Phenomenal!!!

Since everybody else these days seems to be blogging about WALL-E, and since I don't plan to see it because I don't get it :), I thought I'd post a quick post about a couple DVDs we recently watched: I Am Legend and Definitely, Maybe.

Alrighty, so, it's been a few months since I cleaned out my Google starred items, and so that means I haven't been able to share random links with you, either. It's just been too doggone busy with work and moving and being sick and so on. So, here is possibly the most random set of links you'll see from me, ranging from infosec to environmental politics to humor to moist banana bread. :)

2008 Goals: June Progress Report

June has come and gone faster than we would have imagined. It's the funny thing about being busy - time tends to disappear! We did a lot of things, and didn't do a lot of other things that we probably should have done. Overall, it seems to have been a decent month, though not across the board.

The biggest news is our continued preparation for the baby's arrival in August. The 3D/4D ultrasound was a very cool experience - highly recommended for all expecting families! We also continued to get settled into the new rental home, finding it to be far more relaxing than the old apartment. We've had to buy some things here or there, such as shelving for storage, but overall it's been good.

Career wise there's not really been too much excitement. I've been actively working with a couple clients, have not gotten nearly as much writing or reading done as I would have liked, but am still moving in a generally forward direction. Personally, I've made huge strides in the meditation front. I've not really blogged about it, but a couple months ago I started trying the Holosync meditation program (audio tracks that cause brain patterns to reach a meditative state without having to spend years and years learning how to get there). I had a breakthrough a week or so ago, finally reaching a point where I could release a bunch of emotional baggage, left over from when I was a teenager. I highly recommend using this program.

Anyway, on to my full progress report...

This blog is licensed under a Creative Commons License.