Archive for the ‘Random-izations’ Category

The Rugged Software Manifesto: Walking the Walk
Last Updated on Friday, 5 February 2010 05:34
Written by jj
Friday, February 5th, 2010

I was excited recently when I learned a group of trustworthy, security-minded people had committed to a meme to promote the ideas and culture of secure coding. We hear talk daily among practitioners and victims alike, musing about secure applications, secure programming and building security into code from the foundation.

Here, my friends, is an opportunity to BUY IN to the program and WALK the WALK instead of just talking the talk. Ladies and gentlemen, I introduce to you The Rugged Software Manifesto.

What’s in a meme?
A rose called by any other meme.. No, seriously. A meme is a postulated unit of cultural ideas, symbols or practices, which can be transmitted from one mind to another through speech, gestures, rituals or other imitable phenomena. (The etymology of the term relates to the Greek word μιμητισμός (pronounced /mɪmetɪsmos/) for “something imitated”.) … so says Wikipedia

The Rugged Software Manifesto

  • I am rugged… and more importantly, my code is rugged.
  • I recognize that software has become a foundation of our modern world.
  • I recognize the awesome responsibility that comes with this foundational role.
  • I recognize that my code will be used in ways I cannot anticipate, in ways it was not designed, and for longer than it was ever intended.
  • I recognize that my code will be attacked by talented and persistent adversaries who threaten our physical, economic, and national security.
  • I recognize these things – and I choose to be rugged.
  • I am rugged because I refuse to be a source of vulnerability or weakness.
  • I am rugged because I assure my code will support its mission.
  • I am rugged because my code can face these challenges and persist in spite of them.
  • I am rugged, not because it is easy, but because it is necessary… and I am up for the challenge.

Join

If you want Rugged Software, join us and help define the principles, and technologies that will help others become Rugged too. Our first project is to define how people and organizations can know if they are Rugged.

Learn more and join at http://www.ruggedsoftware.org/.
Follow on twitter http://twitter.com/ruggedsoftware.
OWASP Rugged page at http://www.owasp.org/index.php/Rugged.

# # #

Terrorizing Martin During My Interview by SFS Podcast
Last Updated on Friday, 5 February 2010 03:55
Written by jj
Friday, February 5th, 2010

If you’re up for a bit of audible Friday humour, check out the SFSP (Southern Fried Security Podcast) Episode 5, where I try to terrorize Martin with off-the-wall responses while he’s interviewing me. I definitely caught him off guard on a few early replies. While I was mildly successful in that piece, I was even more successful in dodging Andy’s harassment by confirming the scheduling on super short notice.

Martin caught me on a day when absolutely nothing was going as it should. I was at the office late, fighting with what seemed to be a firmware issue and what turned out to be a VM issue, after two days of wrestling with it.

All I have to say for myself is:
1. Who doesn’t like Asian women, really?
2. Newfirmware is only two words if you add a space there. It’s like Newfoundland; that’s one word.
3. Sorry Andy, I was working on a tight schedule. *cough*
4. I slipped Valentino Rossi into my security interview.
5. NAC isn’t dead. NAC isn’t dead. NAC isn’t dead.

What did we talk about? We started with their customary (non-IT) 10 preliminary questions, followed by more serious discussions of information security, dealing with management, and of course NAC.

Interview with Jennifer Jabbusch
    – Martin sits down with JJ to talk about life, security, and Asian women
    – Notice how Martin conveniently schedules interviews when Andy isn’t available. :)
    – Notice how Martin is the person all of the nice interviewees *want* to talk to…  ;-)
    – In all seriousness, the audio quality of the interview isn’t 100% (Skype drops and Martin thinking he was muted) but what Jennifer has to say is so good we want to be sure you get a listen

Here are the links you’ll be looking for:

# # #

Mystery Solved: SQUIRREL (An Ode to…)
Last Updated on Wednesday, 10 February 2010 06:20
Written by jj
Friday, October 16th, 2009

An Ode to SQUIRREL

For months I’ve wondered
with eager anticipation
how Hoff, Jack and crew
created this new SQUIRREL Nation

I prayed, I questioned, I pondered
for mental emancipation
but the enigma just grew
until I clicked the Disney station

And so now I’ve uncovered
the source of SQUIRREL’s creation
I bet no one ever knew
about the SIMP-elation

I present to you all
for your viewing pleasure
the definitive source of SQUIRREL

Happy Friday !

# # #

Quick Update for Feed Subscribers
Last Updated on Saturday, 28 January 2012 06:43
Written by jj
Monday, August 17th, 2009

If you’re viewing this in your feed reader of choice, or perhaps just online at the site, I wanted to let you know about the email updates I’m sending out.

This is your notice and opportunity to hop on the email subscription list before the next set of sneak preview content is sent.

Support HFC and Sport a Three-of-a-kind Shirt
Last Updated on Thursday, 13 August 2009 10:50
Written by jj
Thursday, August 13th, 2009

As most of you may know, we have had the pleasure of hosting Johnny Long to speak at several events in the Southeast area, including our own Carolina Advanced Digital-hosted IT Hot Topics Conference hosted annually for customers.

And many of you probably know Johnny and his family embarked on a great adventure this year by MOVING to Africa. You can read the entire story of “The Long Journey” on his blog site to get a little background on the story.

We have a pretty tight community here, in the security world. When one member of our community undertakes a challenge such as this, we all tend to adopt the burden and try to help however possible.

And so, now we’re asking you to participate too – by checking out these one-of-a-kind t-shirts up for auction on eBay. You’ll see these shirts have been signed by some prominent names, including Johnny, Dan Kaminsky (he who keeps breaking the Interwebs), Jeff Moss (founder of Black Hat and Defcon), Kevin Mitnick (famous hacker turned author), Joe Grand (from Prototype This) and many others.

Right now these shirts are bidding from $30 – $70. This is to support a family’s efforts in Africa. I’d like to see them each go for a few hundred dollars. It’s a great investment!

Bid now. Auctions end Tuesday, August 18th around 9:00pm Eastern.

About the Charity T-Shirt Auctions…
All of the proceeds from these auctions except the eBay auction cost will be donated to “Hackers for Charity” http://johnny.ihackstuff.com/

These shirts were signed by most of the big names at Defcon 17.
Anyone that attended may have seen these shirts displayed at the “Hackers for Charity” booth on Sunday.
Everyone online and at Defcon has seen the black “I hack charities” T-shirts. But not many have seen the white ones. Well, that is because there were only 4 white shirts printed! Johnny Long has 1 and the other 3 were all signed by the people below for these auctions. Each shirt is unique with the location of the signatures and the quotes written by the signers.
These shirts were signed by:
• Johnny Long 
• Dan Kaminsky
• Jeff “The Dark Tangent” Moss
• Kevin Mitnick
• Joe “$Kingpin$” Grand
• Bruce Potter
• Nikita
• Priest
• The Entire 2009 CTF winning team
• and many others.

Where to Find the Auctions

# # #
