Alrighty, so, it's been a few months since I cleaned out my Google starred items, and so that means I haven't been able to share random links with you, either. It's just been too doggone busy with work and moving and being sick and so on. So, here is possibly the most random set of links you'll see from me, ranging from infosec to environmental politics to humor to moist banana bread. :)
A deluge waiting to happen: Nature will do as nature does, but humans are to blame for the deadly Midwestern floods.
A reasonably accurate piece about how river engineering along the Mississippi River has amplified the effects of flooding.
In search of the holy grand: Glenn Gould's obsessive pursuit of the perfect piano led to the enduring heart of his extraordinary music.
A great piece on Glenn Gould, the amazing classical pianist.
Deep Inspection #2
A fairly amusing security cartoon, drawn a la xkcd, about silly security topics.
Has "The Long Tail" been refuted?
New research begins to suggest that blockbusters do matter and that the long tail may be wrong. The argument is unconvincing and, to my untrained eye, doesn't even seem to contradict the long tail. Still, interesting.
DIY: Set Up Cheap Ambient Lighting with Rope Lights
A clever use of rope lighting to provide indirect lighting for a room. I rather like it, actually.
Top Ten Strategic Security Metrics
I hate metrics, especially in infosec, and these examples are no different. You want qualitative improvements to your organization, and to suggest that you can measure those improvements quantitatively is sheer folly. Even the FAIR risk management guys are just manipulating qualitative (and subjective) measurements in a consistent manner to get a reasonable measurement. This whole topic ranks up there with doctors trying to assess the level of pain a person is feeling. It's just not a realistic goal, not the least of which because you cannot compare 2 people since each person's scale is unique. The same is true for risk and organizations. Instead, the focus should be on developing a risk resiliency program that allows an enterprise to understand their tolerance and exposure, as well as provide the tools for managing to the right levels.
Moist and Delicious Whole Wheat Banana Bread
This recipe sounds absolutely wonderful. And, btw, if you like baking, this Breadtopia site is amazing! I plan to try this recipe in the Fall, once it's not so scary to use the oven.
Bjarne Stroustrup Reveals All On C++
An in-depth interview with the inventor of C++. Good stuff, especially for tech geeks!
Scan your drive for PII
Good pointer to an excellent tool for scanning your drives for sensitive info, like credit card numbers!
Will Idiocy Ever End?
Anton goes on an appropriate rant about the increasing distance between academic research in infosec and the real world.
The power of "because"
This is straight out of Cialdini's "Influence" book, but it's still a great point.
Slife Time Tracker Redesigned, Now Free
From the post: "Slife tracks and charts what applications and documents you use and for how long throughout the day. Categorize that time into activities and goals—like "Reading email," "Online research," or "Designing web pages"—so you can see exactly where it is your day went." Sounds interesting and potentially useful, especially if you're spending too much time wasting time.
SCOTUS To Hear Small ISPs' Case Against AT&T
A very interesting case suggesting that AT&T acted uncompetitively in the dial-up Internet space. Having worked for a small ISP, I find this to be a reasonable possibility.
350 What?!
Looking for a boost in your kettlebell routine? Try doing 350 reps in 25 minutes or less of snatches, pushups, swings, and front squats. That ought to whip you into shape! :)
R.I.P. CISSP
An excellent commentary on why certifications like the CISSP are not worth the paper they're printed on. How do you certify that people have the right qualities to be good infosec professionals through a quantitative assessment? This is no better than No Child Left Behind and its test-centric mantras. All standardized testing is flawed. Sorry. It's true. Now get over it and move on to something more important. :)
Apple Ships SUIDs With AppleScript Dictionaries. Hilarity Ensues.
Ooooo... the scary SUID bit! Whatever shall we do?!? Guess what? I run as root on my Macs, too. Guess what else? It's no big deal because I'm not stupid, and because installing apps prompts you for your password, making you stop and think "hmmm, should I really be installing this?" A great write-up on the hilarity. :)
Backscatter (or bounce) Spam, didn't we already solve this?
A great commentary piece from my buddy Jack on backscatter. In a nutshell, many of these stupid spam problems could be solved if people would simply implement proper header-checking on their SMTP servers. *sigh*
Teaching Bayesian applied statistics to graduate students in political science, sociology, public health, education, economics, . . .
A great write-up on Bayesian applied stats. Not sure you understand the topic? Read this post. It's great!
“Make your own Twinkies” and other secret recipes by the Food Cloner Dude.
The title says it all. Mom used to make homemade Twinkies when we were kids (cheaper than the real thing and much tastier!). Mmmm... there's something about my memory recall of childhood and its correspondence to good food. Take today, July 4th, as an example. What comes to mind? Not girls or fireworks or anything like that. Nope. It's the smell of pine from visiting the grandparents at their rental lake cabin, and the taste of Hormel's Ambassador wieners (naturally cased goodness). Mmmmmm....
It Changed My Life: My Review of "Geekonomics"
I've not read Geekonomics, it is on my wish list at Amazon, but I'll take Anton's very learned word that it's excellent. Check out his review and comments.
Top 10 Things You Forgot Your Mac Can Do
A reminder of why Macs rock. :)
How to Cram All Your Travel Gear in One Bag
Travel much? If so, this is for you! Even if you don't travel much, these tips are excellent. I've been packing my bags like this for a while and can attest to the utility of the approach.
Three steps for PCI DSS Compliance on Wi-Fi devices
I generally view such topics as taboo and fraud, but in this case it's actually good advice that is quite actionable. Recommended infosec reading.
Kotatsu Automates HTML Table Generation
A handy little online tool for table generation. ymmv.
[Illiad] OPINIONATED NEWS ITEM: I CAN'T BEAT YOU SENSELESS...
This is a great rant from Illiad, the author of the User Friendly cartoon series. Very amusing - check it out! :)
Encyclopedia Britannica Now Free For Bloggers
I may have already noted this on here, but just in case, bloggers can get free access to the Encyclopedia Britannica online. Cool!