October 31, 2006 - #146
Good Morning:
BOO! Scared ya, didn't I. Today is Halloween in the US, and always a big deal when there are kids in the house. It's not clear what the final costumes will be for the candy gathering extravaganza this afternoon, but I believe Leah (my oldest) will be Dorothy from the Wizard of Oz (red shoes and all), Lindsay will be a 60's Go-Go girl and Sam may be Buzz Lightyear, although Mr. Incredible still has an outside chance. It'll also be around 70 degrees here in ATL, so it should be a great day.
It's also kind of spooky here in security-land. And I'm talking about the marketing tactics we continue to see from security vendors. Today I call bunk, bunk and more bunk. You hear about the million bot march (here [0])? Is the number really a million? Does it matter? What about the positioning of sender reputation as a cure for cancer (here [0])? Secure Computing is guilty as charged. And finally Websense needs to weigh in basically trying to position automated research as the next coming of the messiah (here [0])? Smells like an ISS-looking paint job on that Websense jalopy to me. Sports fans, we've seen all of these movies before. But it'll keep the media churning, which keeps me churning - so I should probably not complain too much.
In blog-land, the IDS/IPS battle rages on, which I find entertaining. Ross Brown weighs in (here [0]) and even includes his own little quadrant chart. I better watch my back, since Ross is far more insightful than a hack like me. Michael Wright (ohmygod, an actual user) runs to the defense of his beloved IDS (here [0]), which is good. Ultimately, there is no right or wrong here, it's what works for you. So let us professional windbags blow hot air all day long, if IDS works for you - bravo.
Finally, I try to be a good boy and control my longshoreman's tongue in my written material, but today I just couldn't. Must be the goblins and ghouls that have taken over my keyboard and are forcing me to write how I really talk. But here is my entry into Dark Reading's Security Short Story contest (here [0]) and also a book review on one of my favorite topics, Assholes (here [0]).
Have a great day and a safe Halloween.
Technorati: Information Security [1]
Top Security News
http://www.vnunet.com/vnunet/news/2167474/million-pc-botnet-threatens [2]
Link to this [2]
http://www.securecomputing.com/press_releases.cfm?p=irol-newsArticle&ID=923803 [3]
Link to this [3]
here [4]) for a long time. So I'm a bit perplexed that they've finally decided to come up with some snazzy marketing term (ThreatSeeker) for linking up their research engine to the products. Helloooooo?!?!? This is worthy of a Rip Van Winkle award. And they used the "pre-emptive" term as well. They hardly shoveled the IBM money on ISS's coffin before Websense steps in with, you guessed it, the X-Force! Well, not really the X-Force, but something that seems awfully close to how ISS was positioning for the past two years. Which, by the way, is a good thing for Websense. Security research is a key part of making security products more timely and effective, but I'm calling bunk on a "bold new architecture" because when you work your way through the smoke screen it seems like good, old-fashioned research bolted onto a product to me. But now that I think about it, Websense could very well be the new ISS. Trying to engage the channel (again) and most likely looking for a partner sooner rather than later because the one-trick pony they are riding doesn't have the legs to make it all the way to Dodge. If we see Websense introduce a services-based offering, then the transition will be complete.
http://biz.yahoo.com/prnews/061031/latu027.html?.v=77
[5]Link to this [5]
50 ways to leave your lover, [6]" but cringe when I see long lists of crap in a press release. This must be part of the newly passed, Make PRNewswire Rich Act - since they charge by the word. It's actually from a company called Palisade Systems, in the security hotbed of Ames, Iowa. That and corn are hot in Iowa, I heard. It seems Palisade monitors network protocols for content filtering violations, and they consider P2P application protocols as separate. So 20 of these so-called protocols relate to Napster. Seems like creative accounting to me. Maybe they got some of their finance folks from Jackson, MS (former home of Worldcom). I actually think more protocols is better than less protocols, and I haven't seen a list of protocols this long since some joker did a demo of a firewall configuration for me (that was years ago). Everyone is looking for an angle to differentiate, I get that. But I'm not sure monitoring protocols like Finger and DNS are really "game changers" in the content monitoring space. Don't try to be coy, Roy.
http://www.palisadesys.com/news/releases/view.php?pressreleaseid=92 [7]
Link to this [7]
https://www.isc2.org/cgi-bin/content.cgi?page=1125 [8]
Link to this [8]
Top Blog Postings
http://technobabylon.typepad.com/tb/2006/10/the_nipsnids_de.html
[9]Link to this [9]
http://mcwresearch.com/archives/337
[10]Link to this [10]
http://www.darkreading.com/blog.asp?blog_sectionid=327
[11]Link to this [11]
The No Asshole Rule [12]" by Robert Sutton, this is a book that teaches you either to recognize your own asshole tendencies or how to survive in a workplace dominated by assholes. How many times can I use asshole in a sentence? But anyway, I'm with Guy - I've certainly played an asshole on TV many times and also worked with more of them than I can count. These tips seem right on the money, so if you work in a difficult workplace - this seems like a good read. Though I'm not sure it would help me much at this point, given that I work with an asshole every day - but I know him pretty well.
http://blog.guykawasaki.com/2006/10/you_have_to_lov.html
[13]Link to this [13]