Random links #14

Written on 26 March 2019, 07:01pm

Tagged with: , , , , ,

Kano allows your kid to build their own computer and learn to code. It’s an amazing tool that will help your kids improve their digital skills.

Make your own computer. Then learn to code

*********

Trypophobia is an aversion to the sight of irregular patterns or clusters of small holes, or bumps. Didn’t know this is really a thing…

Lego bumps

*****

Glass vs plastic when it comes to bottled water

When glass is recycled it gets turned in to more glass. It can be recycled over and over and never lose its integrity.
Plastic bottles, however, are not recycled into plastic bottles. The plastic loses its integrity and needs to be turned into something different such as plastic lumber or carpet padding. Because of this, some people say that plastic isn’t truly recycled; it’s downcycled.
Every time a product is packaged in a plastic bottle, jar, or other container, it’s new plastic. All new resources went into making it. Glass jars, on the other hand, can be made from recycled glass. 

https://www.mnn.com/food/healthy-eating/blogs/glass-vs-plastic

******

Protanomaly: a type of red-green color blindness in which the red cones do not detect enough red and are too sensitive to greens, yellows, and oranges.
As a result, greens, yellows, oranges, reds, and browns may appear similar, especially in low light. It can also be difficult to tell the difference between blues and purples, or pinks and grays. Red and black might be hard to tell apart, especially when red text is against a black background. Read more

******

How to Build a Successful Career in Information Security / Cybersecurity
Some great advice from Daniel Miessler:

  • learn to code
  • build your lab
  • build your portfolio of projects (make sure you own your data)
  • practice with bounties
  • get involved – contribute to open source projects
  • be active, engage in conversations
  • network with others
  • participate to conferences
  • find a mentor
  • get certified:
    CISSP is the closest thing to a standard baseline that our industry has. It’s actually better than a computer science degree in a lot of organizations
  • most importantly: have passion!


Some notes following the Identity Management Europe event, 14 March 2019, Frankfurt.

  • Ever wondered which are the biggest risks that we face? According to the World Economic Forum, a massive data fraud/theft or a large scale cyber attack rank in Top 5 most likely global risks, while the large scale cyber attack has the 7th most devastating impact. Worrying, no?
  • The fraud triangle: pressure (motive) – rationalisation – opportunity
  • Need-to-know – has strictly limited use cases (it comes from the military). In real life, we want the information to flow – don’t kill the business. There is always a fine balance between over-entitlement (leading to security risk) and under-entitlement (business risk).
  • MFA with yubikeys is the Graal of authentication – superior to everything else.
  • NIH: Not invented here: the strong bias against ideas from the outside.
  • Build vs buy: the main advantage of ‘buy’ is the fact that it allows the customer to concentrate on their core business.
  • In the cloud infrastructure there is the concept of zero trust. Deny all by default. Never trust. Always verify. Never trust the client. Never trust the server. Never trust the network.
  • Friendly reminder that the cybercrime became a 1.5 trillion business

Some emerging technologies:

Finally, some notes on automation:

  • Robotic process automation can be used for automatic testing (auto-filling of forms)
  • DevOPS (combining responsibilities of DEV, Q&A and OPS) – only possible if a big chunk of the work is automated
  • Workflow: Code > Build > Test > Deploy > Monitor – all of this automated (maybe except for the coding part 🙂 )
  • Remediation using automation: service not responding: auto-restart; load spike: auto scale instances; service fail: redeploy a new instance
  • Use automatic monitoring tools to detect bugs before your users (Splunk)
Rainy Frankfurt

Random links #13

Written on 19 March 2019, 10:20am

Tagged with: , , ,

Biohack is just a fancy buzz-word for common-sense advice about improving your life. The most important ones are:

  • sleep well
  • eat well
  • move
  • spend time in nature
  • socialize

********

I am currently reading Solenoid, by Mircea Cartarescu, a surrealist novel that shows, among others, the challenges of growing up in Bucharest during the communist era.

In a nutshell, the novel is presented as a manuscript of a failed writer who teaches Romanian at an elementary school in Bucharest, hates his job and wishes to find an escape route from the confinement of his body and the three-dimensional world around it.

https://theuntranslated.wordpress.com/2017/11/20/solenoid-solenoide-solenoid-by-mircea-cartarescu/

********

MCAS (Maneuvering Characteristics Augmentation System) seem to be the faulty mechanism behind the Boeing 737 Max recent failure.
If an outside sensor measuring the angle-of-attack reports that its nose is aimed too high, the MCAS is programmed to automatically lower it, allowing the plane to regain speed and lift. But if this sensor is broken (and it looks like there was no redundancy), then the MCAS will be incorrectly trigerred, causing the aircraft to dive.
A longer explanation here.

*********

– If you could convince an organization to take only one action to be more secure what would it be?
Collect less data and get rid of it faster.

*********

A good reason to use the dark theme whenever you can