Selasa, 31 Mei 2011

Making the ultimate exercise equipment on the cheap!



Exercise equipment is great, but can have a lot of drawbacks. To name a few, exercise equipment is a bother to move around, takes up space in the home, and is expensive. I prefer to use dumbbells for weight lifting but at about $1/lb it can get expensive to upgrade my weights. Not only that, but I find that since I move around a lot, lugging the dumbbells around is not very practical.

I have decided to solve this problem by making the ultimate exercise equipment!

Read article »

Sabtu, 21 Mei 2011

Five Qualities of Real Leadership

I've noticed coverage of "leadership" in IT magazines recently, but I'm not comfortable with the approach they take. For example, this editorial in CIO Magazine titled Leadership Isn't a Fairy Tale After All has "Personal attention and hands-on involvement can make good IT managers great IT leaders" as the subtitle. The text then says:

Our story spells out detailed tactics and practical ideas that CIOs can use to turn good IT managers into potentially great IT leaders...

You’ll notice a strong thread of personal attention and hands-on involvement from the very top at the companies developing a strong bench of future leaders.

At REDACTED, for example, the CEO walks the walk on one-to-one leadership development by holding regular career conversations with his senior leadership team. His CIO, REDACTED, then makes sure that style of direct communication flows downward to the IT team. “If you don’t take time to talk to people about their professional development,” REDACTED notes, “it just doesn’t get done.”

REDACTED is another bright light in this realm with a program called The Lab, which fosters leadership development across various business units by bringing together 30 of them at a time to form strategic problem-solving teams.

And at REDACTED, CIO REDACTED connects on a more personal level, emailing coffee-talk questions to her global staff every two weeks to get conversations going on everything from personal dreams to world views.


In my opinion, "regular career conversations" are a form of coaching, not leadership. Forming "strategic problem-solving teams" is management, not leadership. Finally, "emailing coffee-talk questions" is banter, not leadership.

So what are the five qualities of leadership, at least in my experience?

  1. Leaders develop and execute a vision; they do not follow trends set by others.

  2. Leaders embody strong core values and do not sacrifice those core values in order to advance their personal careers.

  3. Leaders' actions demonstrate a focus on their people, not themselves, and that focus on the people takes care of the mission.

  4. Leaders work to "make their people look good," rather than making the boss or themselves look good.

  5. In the darkest hours, leaders put themselves personally at risk for the good of their team.


Notice the contrast between these five principles and the previous guidance. My focus is on actions, whereas the other ideas focus on communication. I do not discount the value of communication, but with leadership the deeds matter far more than the words. It is helpful to have coaching, mentoring, managing, and so forth, but these concepts are separate from leadership.

If you're wondering about the image for this post, I wanted to show a picture from the movie We Were Soldiers, based on the book by Lt Gen Hal Moore and Joe Galloway. Then Lt Col Moore (portrayed by Mel Gibson) always landed with his air cavalry troops, in the first helicopter, and was the first person to step foot on adversary soil. He was also the last person to leave. As he wrote:

When we step on the battlefield, I will be The First Boots On and the Last Boots Off.

And he didn't just say it, he did it. That's a leader.

CIO Magazine Realizes "IT Alignment" Is Dead

I took a look at the newest print edition of CIO Magazine and saw the story IT Value Is Dead. Long Live Business Value. (Registration is needed for the whole article, but you don't need it.) The article includes these gems:

The end of IT-business alignment is nigh. And no one is happier about it than the business-focused CIO.

“If you stand in front of an audience of CIOs and start talking about IT-business alignment, at best you get eye rolls, and at worst you get people walking out of the room...”

[A]lignment, it turns out, is not the ultimate end for corporate IT. In fact, says Dave Aron, vice president and fellow in Gartner’s CIO Research group, the language of IT-business alignment—encouraged and endorsed for more than a decade by industry analysts, consultants and, for a time, this magazine—is now dangerously counterproductive, setting IT apart from the enterprise even as technology itself becomes more inextricably entrenched in it.


You heard it here already! For example in this Tweet:

I reject the notion that companies have "business" elements to which the "non-business" must align. There's only one business, or should be.

I'm pleased to see organizations like CIO and Gartner connect with reality. Now we have to see how long it takes to banish "IT alignment" talk from the mindshare of other publishers, speakers, and so-called thought leaders.

Rabu, 18 Mei 2011

Bejtlich Teaching at USENIX Security in San Francisco 8-9 Aug

For the first time in four years, I will teach for the USENIX organization! I'm pleased to announce that on August 8-9 at USENIX Security 2011 in San Francisco, I will teach a special two-day edition of TCP/IP Weapons School 3.0.

This class is designed for junior and intermediate security analysts. The "sweet spot" for the potential student is someone working in a security operations center (SOC) or computer incident response team (CIRT), or someone trying to establish one of those organizations. The class is very hands-on, and focuses on labs and discussions. There are less than 10 slides at the very beginning of the class, and I build the flow of the class based on what you want to hear.

If you would like details on the class, please see the linked site. You may also find my announcement for my Black Hat sessions on 30-31 July and 1-2 August to be helpful too. It will be a busy few weeks this summer but I'm looking forward to seeing you learn the investigative mindset needed to detect and respond to digital intrusions!

On a related note, I received a very positive response regarding a possible class in the northern VA area this fall. I will work out the details on that and try to post information as soon as I figure it out. Thank you.

America the Vulnerable Arrives This Fall

Today I attended a talk by Joel Brenner, formerly national counterintelligence executive (NCIX) and now a lawyer with Cooley LLP. He talked about the threat to national and economic security posed by our overseas friends. I was most excited to learn that he has a new book arriving this fall titled America the Vulnerable: New Technology and the Next Theat to National Security. Given his experience as NCIX, his former role at NSA, and his current role with intellectual property defense at Cooley, I am looking forward to reading this book!

Senin, 09 Mei 2011

Some tips for hand made cards


Growing up, I remember my older brother was always really good at making cards. I don't remember if he actually taught me how to make cards, or if I just picked it up from watching him make them, but I have also come to enjoy the art of card making. It is something that can be somewhat time consuming, but I think it means a lot more to someone that you spent the time to make something yourself than you going out and buying something.

I don't claim that my cards are anything super fantastic; it is just something I enjoy. Here are some tips for different things I do that might help you out when you decide how to make your own personalized cards.

Read article »

Kamis, 05 Mei 2011

RAW Photo Editing - Darktable Review/Tutorial



As I have continued to play with RAW images, and have been continually looking for the best software. Previously I had mentioned that RawTherapee was my favorite RAW editor. Looks like it has been bested by Darktable. Darktable is amazing! I have done a video tutorial/review as well as listed some pros and cons.

Read article »

Rabu, 04 Mei 2011

Opting Out of Junk Mail

This is a list of links to take you to company pages where you can opt out of receiving junk mail. If you would like something else added, please add it in the comments below.

Banks

Chase

Bank of America

Wells Fargo

Senin, 02 Mei 2011

Security Process Document

I've created four separate documents outlining The Security Process for a consultant. The documents detail work flow from initial client meeting, to engaging The Security Process, and transitioning to monitoring/training of completed work. My text is intended as an outline for consultants and clients interested in understanding the steps of the The Security Process. The text is intended to function as a guideline to the process of developing security independent of operating system, network or company size. Additionally, the document is designed to function independently of associated disciplines of computer security: cryptography, network security, auditing, forensics, REM (reverse engineering of malware), secure authentication, etc. This document is an outline only at present. I hope to update it with more information.

Chapters include:
First Contact: Small Business Work Flow for The Security Process
Designed to help screen client needs during the first phone call or meeting.
Second Contact: Templates for Managing Expectation For All Clients
Designed to generate ideas for the first PowerPoint Presentation.
The Phases of the Security Process
A brief overview of the phases in The Security Process.
Frequently Asked Questions
A list of questions you should be able to respond to with some level of competence.