Undoubtedly, the incident last week in Aurora, CO, is tragic. Any time a person feels the need to inflict pain and suffering onto others simply to assuage their own pain and suffering gives us pause, and in this case it certainly has raised many concerns. Unfortunately, much of what we are seeing and hearing in the mainstream media, from politicians, and from lobbyists the world over, is that this event is about guns and violent crime. Sadly, this is misplaced angst, and a diversion from the true issue at play: that a man in decline and distress, who clearly needed some form of mental healthcare support, somehow was left to his own wilds and allowed to reach the conclusion that the best way to deal with his situation was to shoot-up a theater of innocents.
July 2012 Archives
You may or may not notice (or care) that I'm not in Vegas this week for the annual BlackHat/DefCon hacker love fest. I've been in the past, and certainly had fun, but overall it's just not my thing. I view myself more as a "builder" than a "breaker," and I just don't enjoy sitting through 5-6 days of presentations on how everything under the sun is hackable and how we're all inevitably foobar. From a risk management perspective, I save myself a lot of time and hassle and just assume that everything is hackable, on a varying degree of difficulty, and move on to other concerns.
The thought, however, occurs to me this morning that there is an amusing, almost hypocritical aspect to all the hoopla over BlackHat/DefCon (BH/DC). The same people who decry FUD the 51 other weeks of the year seem to fall into the trap of glorifying FUD for a week in the Nevada desert. This highlights the fine line we have to walk - especially those in security research - between publicizing useful, factual information, and fanning the flames of hysteria over yet another technical exploit. Moreover, reveling in all this research without much-needed business context and perspective is tantamount to rejecting our own guidance on risk management.
I've come to 2 reinforced realizations: 1) the weather/climate is truly unhinged and dangerous 2) people are crazy. As such, it's occurred to me that it might be time to improve my planning for personal survival (inclusive of my family). This does, however, raise an interesting question: how much prep is enough?
We recently experienced "derecho" storms in the DC metro area. The strong winds and lightning knocked out power for many in the area, causing outages that lasted anywhere from a day to a week. At the same time, the temps were oppressive, topping out in the low 100s with very high humidity. In short, this was the nightmare scenario that the ne'er-do-well FUD-mongerers have been warning about. And, yet, there were no riots... minimal deaths (mostly from trees falling on people)... hysteria was fairly limited... people survived, and without going all nut-so, or so it seems.