Friday, May 15, 2009

How not to back up servers....

From the BBC:

Flight simulator site Avsim has been "destroyed" by malicious hackers.

The site, which launched in 1996, covered all aspects of flight simulation, although its main focus was on Microsoft's Flight Simulator.

The attack took down the site's two servers and the owners had not established an external backup system.


While I feel terrible for what the Avsim owners/admins/users must be going through, the truth is there was an obvious flaw in their backup plan. Either they did not take the threat of destruction by hacker seriously or they hadn't even considered it. We don't know if the two servers were in the same room or not, which would have been another major flaw in their backup plan.

They obviously were backing up in response to the most obvious threat - a server failure - but the lack of a comprehensive plan means that Avsim might be closed for good. Designing a good protection plan requires analysis of all potential risks; failure to do so could be costly.

Tuesday, May 12, 2009

FAA web apps contain more than ... what?

According to DarkReading:

A government audit (PDF) has pinpointed more than 3,800 vulnerabilities -- 763 of which are high-risk -- in the Federal Aviation Administration's Web-based air traffic control system applications, including some that could potentially put air travel at risk.

3,800? That is amazing. There must be something very wrong with their processes. The FAA has a lot of data and I get the impression they are struggling to interconnect their systems securely but 3,800? 763 high risk? I wonder how FAA/DOT's leadership will respond.



Security isn't an add-on product or something you worry about later. Security is inordinately expensive and marginally effective unless it's part of the entire process, aka "baked-in". I wonder what the cost will ultimately be.

Monday, May 4, 2009

Man sentenced for stealing, selling gov. laptops

Unbelievable.

I am a contractor; I hate seeing anything that gives contractors a bad name.

Tuesday, April 21, 2009

You have to see this.

I can't describe it any better than APOD:

What are these humans doing? Dancing. Many humans on Earth exhibit periods of happiness, and one method of displaying happiness is dancing. Happiness and dancing transcend political boundaries and occur in practically every human society. Above, Matt Harding traveled through many nations on Earth, started dancing, and filmed the result. The video is perhaps a dramatic example that humans from all over planet Earth feel a common bond as part of a single species. Happiness is frequently contagious -- few people are able to watch the above video without smiling.


Where the Hell is Matt? (2008) from Matthew Harding on Vimeo.

JSF supporting systems hacked

I don't know how well the JSF support systems are maintained and monitored; even the most secure systems are crackable.

JSF program systems hacked


That being said, there are still far too many reports of military, infrastructure, and corporate systems being broken into and sensitive data being stolen. If you consider that only a small minority of actual events are reported, and that many may not even have been discovered, then you must come to the conclusion that there is a real problem with how security is currently being implemented and maintained.

Security is not an add-on feature; it must be part of the solution during the entire life cycle. Failure to consider a broad scope of security issues at every step of a system, from design to decommissioning, can only result in failure.

Most security specialists working in production environments should primarily be auditors and advisers; the real security is executed by engineers, admins, and users. Managers, train your non-security folks on security regularly. Failure to do so could land you or your company in the next newspaper story.

Wednesday, March 4, 2009

Art, creativity and copyright

I lifted this from Amy Stein's excellent blog. (link to post)

** WARNING ** the video embedded in this post contains music clips that contain potentially offensive language. You have been warned.

Most art is a derivative work. The foundation that a work relies on - be it a song, painting, short story, etc. - is a body of knowledge that provides us with reference. The artist ultimately provides the context.

Nate Harrison provides a short history of works derived from the amen break and does an excellent job of placing it in the framework of copyright law and culture. Fascinating stuff!

Saturday, January 17, 2009

I'm back

... at least I think I am. I had to kind of close up shop for a while and focus on some family goings-on, but I am trying to get back into my old routine.

We will see how it goes.