Copies of my stuff

Google, Facebook, Twitter and others have a lot of content that I've
generated. I'm starting to have second thoughts about letting them
host it and sell it (me). Even assuming their privacy policy exactly
matches mine, their security may not always be perfect. They may get
hacked (or get a court order that they may or may not tell me about)
resulting in my data being used in ways I don't want it to be.
I'm starting to flirt with the idea of pulling all my content back and
hosting it myself on something like OwnCloud. At the very least, it's a
good idea to make a backup of my own data. I have no guarantee that
they will keep hosting content I've posted (think Napster and perhaps
myspace or maybe even my old employer CompuServe or that their
backups, distributed data centers and networks will prevent outages
(for example from operational error or wide-scale Internet distributed
denial of services (DDoS) attacks).
Here are links/procedures to do that for some of the services that
may have your data:

Google Takeout

Google makes the process easy: https://www.google.com/settings/takeout

Facebook

The Facebook also provides a download service:
https://www.facebook.com/help/131112897028467. They send you email
with links to download your stuff. I'm still waiting. Seems it's a
slow process (lower priority, larger job, more intentional
impediments?) than allowing me to quickly post what I'm eating for
lunch for all the world to see….

Twitter

In twitter settings, there is a link to request under stetting (web
interface) to request a download of all your tweets. Again, an
email link. Mine came back pretty fast. Still waiting for
Facebook….
I may update this post form time to time.
I would welcome comments or additions for popular services (but I will
favor ones I actually use…)

LASER Workshop Tag Cloud

Here is a word cloud of my notes from the

   Learning from Authoritative Security Experiment Results (LASER) 2013 workshop

Digital War Memorials

I the walked Gettysburg battlefield on the morning of the 150th anniversary of Pickets charge
(which was actually an orderly march across an open field into direct fire).
Big Roundtop, Gettysburg

It seems that 30 or 40 years on, a generation that fought a great battle feels the need
to erect monuments to their heroic efforts, lest succeeding generations forget their deeds.

This IEEE article is a sort of digital monument to the OSI wars:

   http://spectrum.ieee.org/computing/networks/osi-the-internet-that-wasnt

Maybe it's the failed history major in me.   Maybe it's the fact that my first job was
working for a company (CompuServe)  that was doing commercial packet switching
in 1972.   Maybe its the fact that I lived through the last half of the war and have met
some of principals (Vint Cerf), but I found this interesting.

There may be no imposing garnet Pennsylvania monument looming over the digital battlefield, but I somehow thing the legacy of "rough consensus and running code" will be far greater and longer lasting.

Cicadas in NoVa: imagine an entire forrest that sounds like a Star Trek TOS phaser set to overload.

Cicadas in NoVa:  imagine  an entire forrest that sounds like a Star Trek TOS phaser set to overload.

org·i·fy
tr.v. org·i·fied, org·i·fy·ing, org·i·fies
  1. To convert something to org-mode; to organize.
  [Late Latin orgificre, to make org-like : Latin orgificatus, orgish; see org- in Indo-European roots + Latin -ficre, -fy.]
  orgi·fi·cation (-f-kshn) n. orgi·fier n.

Examples
  * "The orgificaion of my .emacs file is complete"
  * "To orgify, or not to orgify, that is the question"

"Org-mode in Your Pocket Is a GNU-Shaped Devil" (repost)

Truer words were never spoken.  From Michael Hall:

Org-mode in Your Pocket Is a GNU-Shaped Devil

"With Emacs, you don’t just go “la la la … I’m gonna add org mode back and call it a day!” You think to yourself, “I love org mode. I wish there was an easy way to turn an e-mail message into a todo …” and the next thing you know you’re dealing with how to configure GNUS.

Then you think “All my calendar stuff is in Google calendar … how can I get it into my org mode agenda?” and that means you’re off reading this guy’s page and just getting angrier and angrier.

Then you go in the kitchen and make a drink, and while you’re making it and calming down you think to yourself, if I’m doing all this stuff in Emacs anyhow, what would it hurt to follow Twitter in Emacs?

Now you’re not drinking because you’re angry … you’re drinking because you wonder what happened to you and it makes you sad. But you’re drunk, so it seems like a perfectly good idea to build an entire Web site using nothing but Emacs because then you can get a LaTeX version of it for if the asteroids hit and their radiation destroys all HTML. And having decided to do that, part of you thinks about how glad you are you have org mode, so you can organize the lengthy process of making sure you never have to leave Emacs again."

Correlation or causation?

Edward Tufte: New ET Writings, Artworks & News

Time to check out alternative sources for android apps

Breaking: Google Has Begun Purging Ad-Blocking Apps From The Play Store

Bullet lists dilute thought

Edward Tufte forum: Lists: design and construction, by Edward Tufte

As a heavy http://orgmode.org user I'm going to have to chew on this one.  It is my subjective experience that org-mode promotes thought.  It allows me to quickly capture, arrange, document and support my thinking (and coding).  In addition it effortlessly promotes transformation of my outlines into a myriad of output formats (TeX, PDF, HTML, text and,  yes, ms-word and PPT if one must).

Maybe the difference is I'm usually describing code, data and analytical processes rather than business plans or marketing pitches.

But this (as most things Tufte says) is well worth pondering.

And I just used sentences, not bullet points to begin exploring the thoughts.

ShmooCon 2013: Experiences and Reflections

Here are some thoughts and experiences from ShmooCon 2013.

1 Labs

I spent Thursday morning to Sunday evening working ShmooCon Labs. The labs are a group of volunteers that stand up the networking infrastructure for ShmooCon: fiber, switches, routers, DHCP, DNS, IDS, network monitoring. This is all done in under 36 hours by volunteers using donated hardware (shout out to Matt Hum and Entarasys for providing a metric-boatload of switches, defined as an entire pallet.)

My main support to the effort was helping with the layer 1 and 2 setup early on. Nothing else works until the photons, electrons, frames and packets start flowing. Switch-configs-R-Us. The making of sausages, laws and the innards of hotel wiring closets, telco rooms and NOCs are similarly not pretty.

Enterasys also loaned 50 wireless access points (WAPs). We wound up only needing to deploy 40. The end result was a redundant 10G core (Matt was shooting for 20G but had issues) feeding a 20Mb up-link. There were 3 wireless networks, one open, two secure (well, maybe not, considering the [ab]users). There were VLANs for admin, each of the teams, the wireless networks, and the various sub-events. Palo Alto Networks the the layer-3 firewall, and Liam Randall had Bro running on the Security Onion doing data capture and monitoring. AOL also monitored the network using their newly released tool, Moloch, capturing packets and indexing them. The team brought up IPv6 on the wireless network, because they could. The network "Hum-ed" (sic) along for the required 48 hours, supporting the 1700 attendees needs and various events. Then we tore it all down.

I would highly recommend working labs if you:

1. like to play with networking gear
2. like to make things work
3. want to learn something new
4. have some tool, tech, etc. you want to try out
5. want to work with some great people for a long weekend

The kicker is, of course, that you need to get a ShmooCon ticket before you can register for labs. Thanks to Liam Randall (@hectaman), for giving me his speaker +1 ticket).

2 Talks

The surface level justification for attending cons and workshops is the talks. Here are a few things that caught my attention:

2.1 Opening Remarks

• Bruce Potter said, among other things, that ShmooCon is moving more towards defensive technologies.

2.2 Panel Discussion: Hackers get Schooled: Learning Lessons from Academia

This was an interesting subject. What are the differences between academic papers and conferences and "hacker cons". What's good about peer-reviewed work vs. a random tweet or pastebin entry describing a new exploit? A few quotes (see the video for attribution)

• "Research is the art of failing until you don't"
• "My job as an academic is to disclose. To think of things and tell people.", Matt Blaze (@mattblaze) In the context of discussion of full-disclosure and release of exploits.
• "A new way to own a Cisco router is a one-off, not new, fundamental results". This is part of the difference between what makes a good talk at a hacker-con and an academic result.
• "If it changes the way you think, it's research"
• "Hackers aren't serious, academics aren't useful", Matt Blaze, quoting a possibly-true-at-times truism
• "The best stuff at hacker cons is just as deep as the best academic papers" … in the context of discussion of peer review.
• "Academics and hackers leave different artifacts and have different rewards."
• "The research process can be overbearing/stifling to the hacker process"
• "It's hard to cite a tweet. The hacker body of knowledge can be very ephemeral ", Bruce Potter.

2.3 Panel Discussion: Running a Capture-The-Flag (CTF) Event

A number of the core labs team got together after labs last year and decided to participate in the construction and execution of a capture-the-flag event. This talk shared their lessons learned. Many interesting observations. Watch the video. The one really high level take-away for me is that CFT events are, fundamentally, sociology experiments where technology is only the medium. I'm becoming convinced that this is true of the field as well.

2.4 Talk, Demo: Moloch: A New and Free Way To Index Your Packet Capture Repository

If you thought it was fun to read AIM messages from your friends, why not read all the AIM messages from everyone on your network, and their DNS queries, and their email, and their downloads, and their malware ? Full packet capture, archiving and indexing can be fun and useful for network defense and forensic investigation. Who's running old versions of Java? Who downloaded malware that matches known malware hashes? That's some of what the Moloch tool does. It was released by AOL as open source on github with the aim of doing all that in a scalable fashion (as in, on the scale of AOLs network).

2.5 Talk, Demo: NSM And More With Bro Network Monitor

Liam Randall talked about Bro. He said to "Think of it as a domain specific Python" [for processing packets and network events]. He cover the "Bro Model", which comprised events for packets and higher level network objects, scripting, and the Bro IDS as one ("the first great") application of the object and scripting model, he discussed the scripting model, where analyzers unroll protocols, events are placed in queues and event handlers pull events from the queue. Earlier he had rolled a twitter-bot to post live events to twitter as Bro watched the ShmooCon network (such as people connecting to known malware sites, etc). He provided a number of example scripts, including the twitter-bot, scripts to examine various extracted protocol elements and http brute force detection at https://github.com/LiamRandall/bro-scripts

3 People

The real justification for attending cons and workshops is the people. Networking. Social networking. The in-your-face-not-faceboook kind of social networking kind. I did lots of that. It's amazing how small the social diameter of the profession is.

4 Bling

• How many black T-shirts do you need ?
• The best bling were mice with LEDs and a real scorpion embedded.
• One of my coworkers got a copy of Control-Alt-Hack card game for correctly answering a trivia question.
• The proprietor of SkyDogCon was handing out interlocking M.C.Escher-esq interlocking lizard puzzle pieces.
• Palo Alto Networks was giving away copies of the multiple-ending book "Data Center of Doom", advertising, but entertaining advertising.

5 Pictures

Here are some some pictures of the Future of Banking Summit in Paris, France (do you believe everything you read online ?). Permission given by all human subjects. I didn't ask the sea-gulls.

The sign on the hotel networking rack was amusing, they seem to have forgotten that "All your ports are belong to us."

6 Proceedings, Videos

The presentations and videos will, presumably, be available at http://www.shmoocon.org/archives soon. Some are available now wt https://www.google.com/search?q=shmoocon+2013+youtube

7 FloCon

Lastly, shameless plug. If you like, ShmooCon, consider attending http://flocon.org next year. We focus on large-scale defensive technologies (usually involving Netflow analysis), but, alas, no Shmoo Balls…

Esse aut non esse

If you love Shakespeare, Latin, or ever had any illusion that it is possible to arrive at "a" "correct" translation from one language to another, read on...

Esse aut esse non, illa quaestio est = To be or not to be, that is the question.
Is the Latin correct in the above equation?

http://www.textkit.com/greek-latin-forum/viewtopic.php?f=3&t=11013

"Productivity software"?

Vivek Haldar : Productivity isn't

Locking Cells in OOCALC

How to lock cells.   Because positionally dependent home-brew budget spreadsheets are easy to screw up, and sometimes emacs http://orgmode.org/manual/Tables.html just arn't enough .. Locking cells in oocalc

Python Word Clouds

http://peekaboo-vision.blogspot.com/2012/11/a-wordcloud-in-python.html

Brave new world

Businesses Are Now Combatants in a Cyberwar with China and Iran - Michael Schrage - Harvard Business Review

What are "borders"?

Security Onion on Virtual Box

Reinstalled +Doug Burks's  Security Onion  Security Onion/ @ home.   I find that Virtual Box seems to work better than VMware Player:  vmware player is not happy with promiscuous mode, wants you to "chmod a+rw /dev/vm*", and even then I was not seeing traffic on the bridged interface.  Also, Virtual Box allows snapshots.

Well, looks like I missed all of 2012 posting here.