So I’ve been dropping hints about this since July or so. The biggest hint was on my “Raspberry Pi Projects” entry from September. Since then I have been told by the editor of The Linux Journal that the article is going to be published. It will be in either the December, or January issue. I hoping January, because that’s the annual security issue.
Short version, 6 Raspberry Pis, 6 wireless cards, a laptop, 1 switch. About 4% the cost of a large network vendor’s commercial version.
I’ll be submitting this talk for the 2015 Conferences I go to. (Planning on Circle City Con, DerbyCon, and GrrCon).
(oh, and this is the second publication I’ve done. The first one was a book review for “The Ethical Hacker Network” back in 2010.
This year a 17 year old woman, Malala Yousafzai, won the Nobel Peace Prize. Actually she had to share it with someone else, but that’s besides the point. She got it for her fight to get women in Pakistan education.
But around that same time, there was an article on NPR called “The Crime That Has Shocked Pakistan“. The story was about a philanthropist in Karachi, Abdul Sattar Edhi, being robbed. He created a private ambulance service, and some of the residents in Karachi trust his foundation with their money instead of the banks.
But the thing that stuck me, was his being robbed was a large enough story in Pakistan, that NPR covered it. From the sound of the article he sounded like he was bigger news than Malala Yousafzai winning half the peace prize. But the NPR article did touch on her briefly. “Pakistanis tend to portray the teenager as a puppet of the West“. (emphasis mine).
That kind of shocked, as at the time, even on NPR made it a big deal. Then I remembered from my time as an Anthropology student. It is all culturally relevant. To us, it’s a big deal, because she’s bringing our (the west’s) form of equality. To her media, she’s pushing the West’s agenda for the future, while he brings them medical services now.
Yes that seems like a generalization, but it is partly based on my own experiences. We seem to be great at talking to each other about what the message is, but if we’re talking to another “non-info security” professional, we can’t explain things in ways that work.
Selil, and I were talking about education before his panel talk. The thing that stuck me was his analogy of how education works. High school is about making people consumers. The Bachelor degree is about making sure people have knowledge and skill to make things. The grad schools after that are about focusing and specializing. Masters degrees are more skilled and focused than the Bachelor. The Doctorate degree is the pinnacle of focus. Thinking over some of the conversations I had at Derbycon, that makes a great analogy for our industry too.
Here is how I saw the the pyramid structure above fit to our industry’s conferences.
The Attendee badge holders really are the equivalent of the high school graduate. Some of them are just getting in to the industry, while others are just the consumers of what we have to say.
The Bachelor grads are mostly the vendors. They have things they make to be consumed in mass. This isn’t a bad thing. And some of them are groups, made up of people of different levels.
The Master and Doctorate students and grads would be the speakers. The specialized knowledge and content that the consumers are there to learn. Some of us are better than others, but we’re all the ones digging deep and submitting the talks. Yeah sometimes people at this level are at the con and not speaking for various reasons.
While I love Derbycon, and the people I meet, I think I’d like to see less of the consumers. I’m not saying become elitist and not invite them, I’m saying I want to see those of that have specialized in things enough to give talks to encourage others to get up and talk too. I know you can’t have a con with 2000 speakers, but I think we need to get people out of the consumer side and in to the skill and knowledge side.
The news wires reported General Keith Alexander moved in to the private sector, and offering his services to finance companies for a million dollars a month. This is the person that took control as the director of the National Security Agency on August 1, 2005 and left in October 2013 (Wikipedia). Remember, that was after the Edward Snowden leaks came out.
Which really leads one to wonder were those really leaks, or was that a case of we know this is compromised lets make it public knowledge so we can hide the real data. Here is an interesting thought, is Snowden really still working for the U.S. Government?
If you’ve read the Cryptonomicon or seen the Sherlock episode “A Scandal in Belgravia“, you probably know what I mean. For those that need a quick refresher – let assets of lower value go, to hide the assets of higher value. Blow up planes with dead people on them, instead of letting real passenger jets get blown up. Let a German U-Boat sink a freighter or get past the blockade to keep them from realizing that the codes are broken.
The C-Levels at banks should be asking some hard questions if Gen. Alexander is showing up offering them service. Like what really happened on the Snowden watch. How does that failure make his people qualified for the private sector’s needs? Yes while Gen. Alexander may have some Government related attack sources, we already have that in the private sector with Infragard, and the different breach reports.
I submitted two talks, to circle city con. Both were accepted.
One is a group presentation on EMU’s campus crime.
The other is my Intelligence Analysis 2 research project.