Things were getting too serious...
There once was a smart Russian hacker.
His code obfuscation a bushwhacker.
He pooched your website
Last Saturday night,
Making Monday morning even blacker.
Thursday, May 17, 2012
SPC 2012 - What You Can't Outsource
During the conference happy hour on Wednesday, someone asked the crowd what couldn't be outsourced in IT. (This was part of an ice breaker where they gave an open mic to anyone who wanted to talk about anything, like Speakers Corner in Hyde Park in London).
Coincidentally, upon seeing an opportunity to be a ham, I wrote the following. It happened to also answer the question of what things in an IT program can't be outsourced.
What You Can't Outsource
Our school buses
look like city buses.
Children ride those buses
from dorms
from slums.
They ride
one hand on the strap
or on the bar.
Their minds
on the books
in the bag
attached to the strap
on their back.
Their minds
on the face
of the person
they met last night
in the bar.
Their other hand
holding their phone
sending a text
updating their timeline
checking their grades.
Their grades
the key
their future
hanging in the balance.
The bus opens to
the library
the stacks
the computers.
They research
they study
they dream
they snooze
they wake with a start.
Their phone reminds them:
Time for class.
Time for office hours.
Time for lunch.
They smile,
unaware
that we are there
we run
the network,
the Blackboard,
the kiosks,
the instruments
Instruments that sing
with music and data
flowing and caressing them
with an endless tune.
We keep their classrooms
warm
wired
wireless
lit
projected
safe
We keep their Internet
Coincidentally, upon seeing an opportunity to be a ham, I wrote the following. It happened to also answer the question of what things in an IT program can't be outsourced.
What You Can't Outsource
Our school buses
look like city buses.
Children ride those buses
from dorms
from slums.
They ride
one hand on the strap
or on the bar.
Their minds
on the books
in the bag
attached to the strap
on their back.
Their minds
on the face
of the person
they met last night
in the bar.
Their other hand
holding their phone
sending a text
updating their timeline
checking their grades.
Their grades
the key
their future
hanging in the balance.
The bus opens to
the library
the stacks
the computers.
They research
they study
they dream
they snooze
they wake with a start.
Their phone reminds them:
Time for class.
Time for office hours.
Time for lunch.
They smile,
unaware
that we are there
we run
the network,
the Blackboard,
the kiosks,
the instruments
Instruments that sing
with music and data
flowing and caressing them
with an endless tune.
We keep their classrooms
warm
wired
wireless
lit
projected
safe
We keep their Internet
warm
wired
wireless
lit
projected
safe
They may never know
to thank us
to ask us
to help them again
But we watch
we fix
we plan
we dream too.
Our dreams are their dreams.
They just don't know it.
And we
should never forget it.
SPC 2012 - Another Inside Joke
Dedicated to Tony.
Pancakes
Flour is foundation:
A cloud made in a mill.
Sugar adds the sweetness.
A bit, if you will.
Add a tad of leavening
And a touch of salt.
Put the dry aside now,
But it isn't time to halt!
Break a large egg or two
In another bowl.
Add your butter or some oil.
Beat it as a whole.
A touch of fine vanilla,
Pour in a lot of milk.
Then mix it all together.
(Should be lumpy, not like silk.)
Make the griddle hot
So drops of water spit.
Then ladle on the batter.
Make sure each one will fit.
Bubbles start to form:
The quick bread taking shape.
When the bubbles stop their popping,
Flip them gently, you big ape!
Another thirty seconds,
Then move them to the plate.
Pour on some maple syrup.
Rejoice, there's no more wait!
Tuck in to the tall stack,
Golden-brown and round.
All your work was worth it.
It's the best meal around!
Pancakes
Flour is foundation:
A cloud made in a mill.
Sugar adds the sweetness.
A bit, if you will.
Add a tad of leavening
And a touch of salt.
Put the dry aside now,
But it isn't time to halt!
Break a large egg or two
In another bowl.
Add your butter or some oil.
Beat it as a whole.
A touch of fine vanilla,
Pour in a lot of milk.
Then mix it all together.
(Should be lumpy, not like silk.)
Make the griddle hot
So drops of water spit.
Then ladle on the batter.
Make sure each one will fit.
Bubbles start to form:
The quick bread taking shape.
When the bubbles stop their popping,
Flip them gently, you big ape!
Another thirty seconds,
Then move them to the plate.
Pour on some maple syrup.
Rejoice, there's no more wait!
Tuck in to the tall stack,
Golden-brown and round.
All your work was worth it.
It's the best meal around!
SPC 2012 - No Fear
What information security professionals do and why they do it is not well understood by those outside our field. This leads to fear and confusion whenever we enter the conversation. But we are here to help, and our users should know that.
No Fear
I see you.
Well, I see your packets.
Don't look offended.
It's my job.
Serve and protect
the servers.
Allow and refuse
the users
Who knock on the doors,
Salesmen selling brushes
to a house of bald old men.
But we let them in
Academic freedom!
Science can't say no.
Science says yes to me.
Science watches
where you go
what you type
what you see.
Are you ashamed?
Does the idea of
Science seeing
your post
your porn
your friends
your enemies
Embarrass you?
Don't fret.
I keep your Internet flowing.
I don't see your browser's view
But I keep the view from pulling you
down.
the vertigo
your computer
betrays you
exposes you
takes your life
lays it out bare
For the monsters
who look to take
what you are
And propel it
out of control
across the world.
You worry that I might
see you say "cantaloupe"
When a horde is pounding at your door
Paparazzi seeking a view
of your secret places
and secret faces.
I am not your enemy.
I do not represent
The Man.
The Man fears me too.
I seek to find the truth.
I seek to hide the truths
From those who you want blind.
Help me help you.
Learn to trust,
Let me earn that trust.
I can view
without judgement.
I can shield
without blocking.
I can secure
without bindings.
For Beth and Holly, who thankfully didn't laugh at the haiku, even though it wasn't that good.
No Fear
I see you.
Well, I see your packets.
Don't look offended.
It's my job.
Serve and protect
the servers.
Allow and refuse
the users
Who knock on the doors,
Salesmen selling brushes
to a house of bald old men.
But we let them in
Academic freedom!
Science can't say no.
Science says yes to me.
Science watches
where you go
what you type
what you see.
Are you ashamed?
Does the idea of
Science seeing
your post
your porn
your friends
your enemies
Embarrass you?
Don't fret.
I keep your Internet flowing.
I don't see your browser's view
But I keep the view from pulling you
down.
the vertigo
your computer
betrays you
exposes you
takes your life
lays it out bare
For the monsters
who look to take
what you are
And propel it
out of control
across the world.
You worry that I might
see you say "cantaloupe"
When a horde is pounding at your door
Paparazzi seeking a view
of your secret places
and secret faces.
I am not your enemy.
I do not represent
The Man.
The Man fears me too.
I seek to find the truth.
I seek to hide the truths
From those who you want blind.
Help me help you.
Learn to trust,
Let me earn that trust.
I can view
without judgement.
I can shield
without blocking.
I can secure
without bindings.
You can live
without fear.
For Beth and Holly, who thankfully didn't laugh at the haiku, even though it wasn't that good.
Wednesday, May 16, 2012
SPC 2012 - An Inside Joke
Only a few people will understand this one...
Tehweshat
Tehweshat
Tehweshat, Tehweshat!
On many heads it has sat!
It travels around when it's bored.
On top Wes, you might guess,
But it finds its way to mess.
It's floated and wiggled and soared.
This chapeau wants to go,
Has wild oats it must sow.
But Wes just won't let it be free.
Tehweshat, like a cat,
Is as fickle as all that.
It's wanderlust leads it to flee.
SPC 2012 - Admin Rights
Managing desktop systems for a campus is far from easy. The technical hurdles are part of the problem. Managing the social aspects, working with the users to set reasonable expectations for what security controls are necessary, and managing the risks that remain are all tricky processes as well. Playing the blame game is a bad move, of course, but thoughts like these are not uncommon...
Admin Rights
Admin Rights
I
Am God.
Computers,
They are my tools.
I know how to run
My web browser with Flash
So I can watch the movies
I want to download with torrents.
What?
What's wrong?
Don't tell me
I can't use that.
It's my computer.
I know how to run it.
Don't even try to stop me.
I have Administrator rights.
Yes.
Power
And control.
I can install
Whatever I want.
I bought this computer.
Go ahead, make policies.
I ignore the inconvenient.
Oh.
Look here.
Free AV!
Just click the link.
I want that, need that.
So I click that link there.
Whatever I want is mine.
I laugh when you tell me not to.
Oh!
Oh, no.
My hard drive.
My data is gone.
It's all corrupted.
Encrypted by bad guys.
Sending spam to all my friends.
They corrupted my Facebook page!
Help!
Please help.
You should help me.
You should protect me.
Remove the viruses.
And you should do it for free.
Because it just isn't my fault.
You.
Your fault.
You failed me.
You let it happen.
Why didn't you stop it?
You let me get tricked and fooled.
Why are you smiling like that?
SPC 2012 - I Phish You're Phished
Another from SPC 2012...
I Phish You're Phished
I phished.
You're phished!
More accounts than
I ever wished.
You try
And cry
"Go pick on
Some other guy!"
But I send.
It won't end.
Your users to me
will bend.
I send spam:
"Hot babe cam"
Or "take this cash
from OXFAM".
Through email
I assail.
Your awareness work
Seems to fail.
I make scratch
With each batch
Of NetIDs
That I snatch.
I won't stop!
I'm on top!
Go cry to mom
or a cop.
You can't win.
Worked too thin.
Try to block them
In your Junk bin.
I Phish You're Phished
I phished.
You're phished!
More accounts than
I ever wished.
You try
And cry
"Go pick on
Some other guy!"
But I send.
It won't end.
Your users to me
will bend.
I send spam:
"Hot babe cam"
Or "take this cash
from OXFAM".
Through email
I assail.
Your awareness work
Seems to fail.
I make scratch
With each batch
Of NetIDs
That I snatch.
I won't stop!
I'm on top!
Go cry to mom
or a cop.
You can't win.
Worked too thin.
Try to block them
In your Junk bin.
I'll find a way.
Here to stay.
I'll make users
Just obey.
SPC 2012 - Fawkes
A year ago, I started this blog to document the songs we sing. The blog was inspired by the EDUCAUSE Security Professionals Conference, and once again, I find myself attending this fantastic gathering. I'll be generating some new poems and songs as the conference goes on. I start with a song about Anonymous, APT, and the eternal threats we face.
Fawkes
Fawkes
Hey there, folks.
Have you met Fawkes?
He smiles at everyone he meets.
He loves what you do.
Loves to share too.
He's accomplished extraordinary feats.
He travels around
With the face of a clown,
And he finds his way into your data.
He inspires his friends.
DoS packets he sends.
Knows the default password on your SCADA.
Some think he's noble
Making all info mobile.
The whitehats would all like him dead.
But how can you kill
A man with such skill:
A hydra with millions of heads?
There is APT
You don't always see.
Sometimes it comes with a mask.
Sometimes it's there
Like gum in your hair.
No good way to get it out fast.
We hope that vigilance
Will increase our resilience
But the battle will never be won.
For us it's hard work
With no single perq
For the bad guys, it's totally fun.
Subscribe to:
Posts (Atom)