Is that contract worth it?

     In today’s competitive market there is always a feeding frenzy that circles around many good contracts. This of course leads to bidding wars and not unintentionally either. Big businesses like this type of behaviour because it drives the cost for them down dramatically.

     However from my limited perspective when I see this vulture feeding session, I cannot help but feel like the customer is losing. If companies have to undercut the price down far enough to get the job then there unfortunately going to need to recover that cost from somewhere. Usually this will occur by rushing a job to completion in much less time then is required to ensure a proper job. These tight margins mean the job that was widdled down in price is now done incorrectly. Shortcuts were taken and less visible items were not done. 

     Now depending on what this job is that may not matter that much. Lets now pretend its something core to your business like your firewall. That piece of hardware your relying on to keep your data safe. Well sure you now have a firewall and it may be a top of line brand name firewall like Fortigate. Capable of protecting you like no other but there is a problem. Just because you have a state of the art firewall does not necessarily mean its actually doing anything. Maybe it has been setup just enough to pass through traffic with a handful of rules to make it look good but all those extra features you pay for in your annual service agreement are not being configured and used. The reason is not enough time and money in the budget for the job to be done properly.

     I guess in my mind I would rather not take those jobs because I would not want my company reputation based on that type of work. I would rather do 10 jobs really well then 50 thrown together ones. This method of work may seem like a good idea today. However I can assure you it only takes one data breach on that firewall you setup to ruin your reputation and leave you looking like the trunk slammers who give IT a bad name. Your reputation will land you the right jobs for your business without playing the price wars.

Always challenge your mind!  

Frustration day

     So In light of more recent events I have determined that we are losing something in today's workplace. Some maybe have not have heard of this little thing called Integrity. When did this happen that you could hold a door for someone just for them the slam the next one in your face so they get to be first in line?

What happened to cause a shift in what makes a model employee? Why does it seem like the ones who do the least work but suck up the best get ahead while those who work hard, push themselves and give up a huge part of themselves get held back.

We all know someone like that in the workplace. There the ones who always seem to have an answer to everything and the perfect excuse when things go wrong for why its not there fault. There the ones who come along when the work is done to happily bring it to the boss to look like the hero while distancing themselves things go bad. 

There the ones who shutdown at the end of the day with no willingness to help there fellow co-workers unless of course the boss is looking. These guys somehow get the better pay, perks and positions.
Where would the world be if we always had this mentality? How is it that business owners not see this?

What about a company that comes and asks you to go above and beyond your job for them but wont go above and beyond in pay. How many people have been asked to step up for there employer when times are tough, but when the times are good and you ask for money get met with excuses or conditions.

Where does integrity need to take a back seat. Many of us still hang on to this antiquated idea and refuse to let it go for anything. In the end that silly notion is going to leave you out in the cold and given just enough crumbs to keep you from starving.

The way I see it is this. You cannot make a good career working for someone and keep your integrity. So if you do not care how you get ahead then by all means go get a job where there are a lot of hard working folks you can trample to get ahead.
You want to work and keep your integrity and dignity your unfortunately going to need to work for yourself. If you do work for yourself then you also better keep your eyes open for that company man who clings to you and always seems to be around for the victory lap and not the race. Distance yourself from them because they will only be by your side as long as it serves them and gone when they get a better offer.

Always challenge your mind!  

Pokemon Go Fever

Pokemon Go Fever

     So the new App Pokemon Go, although limited in the locations on its initial release have far surpassed I am sure the developers expectations. The basic concept involves exploring your natural world for Pokemon to add to your collection. I may not be a Pokemon person I certainly love the concept.

Unfortunately it also appears this app is quickly becoming a victim of its own early on success. Now the limited release locations have people trying many clever work arounds to try and get this game running in areas that are not yet supported. This of course opened the flood gates to all sorts of malware and exploits. 

Getting the software from untrusted sources to install on your device early has been one of the effective delivery modes for many types of mobile malware. This leaves your device exposed and your identity potentially compromised.

     The next part is the physical dangers that are now apparent with this neat little game. People are being lured into places where there being robbed and putting themselves at risk without giving it a second thought. This more then anything i find disturbing. This is a game so many are out there playing and many of these players are kids. 

This type of game is so clever I have even thought up many interesting app ideas that would use the great augmented reality I will call it. Social side of this could be fantastic. I envision an app where you can leave digital bread crumbs to lead others on a trail you like to walk. Or to a little romantic dinner for your love interest. The possibility of something like that would be limitless. The only problem i have besides not having the technical skill to write this program would be how do we educate people before they use it.

All good ideas like this will always attract undesirable people to try and exploit it for bad reasons. 

In the end this is a great way to get off your butt and have fun while doing it. If your safe I see this having potential and hope to see some more open games like this for non Pokemon fans.

Here are my few simple tips if your planning on getting the Pokemon fever,

1. If possible bring a friend with you on your adventure

2. Never venture into places that you otherwise would not feel safe to do so.

3. Private property is never a good place to play without permission

Last but not least. Trust your gut, If it feels unsafe it probably is.

Always challenge your mind!   

New Horizons

     New Horizons

Today mankind has made a tremendous leap.about 365 million miles at there closest kinda leap.
Seems like we just did a close flyby with Pluto. Data will be trickling in for years because of that. What makes this Juno probe so exciting is not the little Aluminum Lego figures though they do certainly provide a garnish to the whole project.

We put something in orbit around Jupiter. Our big gas ball that has captured our imagination for years. The red spot growing and fading, the red spot Jr. that paid a visit. What is going on underneath that hostile outer layer. What mysteries our waiting to turn are conventional minds upside down.

Over the next few years I am sure were going to learn a tremendous amount and be left with even more questions.

     As a boy I grew up with Star Wars and Star Trek where a journey around the solar system would have been nothing more then a quick jaunt around the block. The books I read made the universe seem so full of adventure and excitement. Now while those were just stories they still captured imaginations of millions. These are what we need to drive our race to a greater future . When we look inward were faced with countries isolating themselves, separating and building more barriers. These barriers serve to limit the human race like the dark ages more then help. We identify with labels for who we are. This person is gay, this person is lesbian. Or Muslim, black Hispanic and so many other labels I cant keep them all straight anymore.

Maybe the idea is to stop labeling ourselves into smaller groups and start labeling us all as humans, people of Earth. A race of people who by uniting together can conquer the stars and planets. These milestones like the Juno mission should remind each and every one of use that were not separated by borders, languages, religions and any other label we walk around with, but united by one big blue rock filled with an amazing civilization.

     Lets start looking outward to bigger adventures and stop holding the bus with so much separation. There are still many more planets our there we can be sending probes too. Many opportunities to even start our own space adventures out among our neighboring planets. If we can inspire and drive everyone to look beyond our little differences.

As always do not be afraid to challenge your mind!  

Expectation of Privacy

Expectation of Privacy

So there was a court ruling I am sure everyone has heard about by now where a district court ruled the FBI hack did not require a warrant. The part that specifically has me put off is described in this excerpt from SC Magazines article

"The judge explained that IP address data is already shared with third parties such as ISPs and, in the case of Tor, anonymous node operators, and therefore such information is fair game for authorities. "

I should note I am not American but Canadian however we know many of these laws can effect us up here as well. How can your IP being shared with ISP's be an argument for no expectation of privacy? Who truly owns IPv4 addresses then? If using them is ground for forgoing privacy I think we need to really give another thought to the internet in its current form.

I wonder if someone was to hack the FBI network if they could use the same argument as a defense. They have no expectation of privacy when there IP is shared with ISP's. Or any government organization. I feel like this ruling serves to destroy the internet and everything it represents. While I do not advocate for the dark web, and have little desire for it I cant help but feel these types of acts regardless of the noble reason for it make that uncontrolled web a better place.

This level of policing would be no different then allowing law enforcement and government agencies the right to walk into your home as they see fit. No organization should have this level of power. I think the following quote from Benjamin Franklin really serves better in these changing times then it did back then.

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Those Who Sacrifice Liberty For Security Deserve Neither. He who would trade liberty for some temporary security, deserves neither liberty nor security"

Benjamin Franklin

     I do believe these 3 letter government organizations  believe there doing what is right. I also believe sometimes there actions do a lot of good. The question that nags at me is at what cost? At what point does a groups good intentions become controlling? When they can operate without any rules then that power will ultimately corrupt the system. Sure there is always talk about outside overseers to monitor these groups. How much do they really get to see. It is no secret anymore with the Snowden leaks and many others that the ones who are there to oversee and protect us from our own power groups is just a feel good gesture more then effective body.

     Where will the line in the sand be drawn? How much privacy are you prepared to give up for a fabric of security that seems more like farm where we are the cattle penned in our own little paddock? I for one think the debate about law enforcement having the right to all decryption keys will come to a head very soon.

     My prediction for the future if we don't make a stand today will be simple. They will continue the cat and mouse game only until they can no longer bust current encryption. That will be the point where it will become illegal to use without being branded a criminal.

I for one love living in a Democracy and believe its worth fighting for. However it is starting to look like maybe we do live in the Matrix. The illusion of course is democracy, and if you discover this then you might find yourself in your own bit of trouble.

As always do not be afraid to challenge your mind!   

Sources used:

The fantastic article written by SC Magazine and there talented staff

http://www.scmagazine.com/district-court-judge-fbis-hacking-trick-does-not-require-warrant/article/505615/ 

The Ben Franklin quote

https://en.wikiquote.org/wiki/Benjamin_Franklin      

The Human element

The Human element

     In an age where we cannot live without mobile devices and all our information is online most us us never give a passing thought to what this means and more importantly how to keep it safe. If you employer hands you a check for a million dollars and asks you to keep it safe, you rush off and put it in the bank or a safe. We know what to do to protect the tangible things we are given. 

     What were not so good at is knowing how to protect the confidential document that we were emailed by the boss which we were equally entrusted with to keep safe. The computer age in the modern workplace is still relatively new. Many of the workers in the work place may have even predated the computer on every desk revolution. 

     

     I am sure if you have worked anywhere by now you have been given the line that I am not good with computers or they don't really like me. A good number of people in your office will likely fall in the group of non computer users. These users can be a challenge and may even be safer using an old paper and pen method. How do you protect these users? Do you just shrug them off and leave them to there own devices? Do you even think of them as a part of your Cyber Security defenses? Are these users you need to continue to repeat the same lessons over and over?

I see in many of the companies I visit the shrug them off strategy. We fix there immediate problem and wonder off. Yes I do get these users are sometimes a tremendous challenge and can be a burden to your IT staff. However much like learning to walk or ride a bike we fall over and over much to the frustration of our teacher until we don't. There is that moment when it all becomes very clear and all the repeated lessons just make sense.

     So why when we know that our users are the biggest risk in our organization are we prepared to spend tens of thousands of dollars on a single Firewall are we hesitant to spend a few thousand dollars to develop and maintain an on going education program for our employees. We have an IT budget that encompasses the hardware and software, even our IT staff. Why do we not also put some aside for use here? 

     Imagine the cost of a single data breach. or the constant flow of accidental data outside our company infrastructure. These costs usually lead to the termination of the IT Manager and a lot of lost revenue. Usually just one of these breaches equal the cost of a decade of training.  The threats to our network change every day. This increase is going to cost billions of dollars that may have been saved if we took the initiative. As an IT guy I know the challenge of keeping up with all the latest threats. Many are technical certainly but the way these end up in our network is often not.

I guess the point of this is simple. We need to view our employees as part of the entire IT infrastructure and like our annual licensing costs we need to be spending an annual amount to ongoing training. You may never see this in a monetary return of savings, you will see the loss of money if you do nothing.

As always do not be afraid to challenge your mind! 

Your Identity

Your Identity

     Over the past few months there have been literally hundreds of millions of user accounts compromised across many large sites and services from Twitter to UTorrent.

Each time your personal information ends up in jeopardy and on an auction block in the DARK WEB.

     I am starting to wonder why we even bother. As it stands we know our personal information is not safe as the last year has demonstrated. What should we do. How much money is the criminal element making off of your life.

     I am starting to think I may as well sell my own personal information in order to put the profits in my own damn pocket. What recourse is there when you lose this sensitive information. What do we get when this happens besides a password reset and an apology. 

     

     Now let me ask this. How many people just decide they have had enough with certain sites and the lack of security so they close there account. Do you really think they remove your account information thus putting your identities security back into your own hands. Or do they hold it close until the end of time? What if when you close your account you want all your data completely purged do you get this choice. I am guessing no to all the above questions.

     So if my assumptions are right on the above that once your in there systems your now permanently forced to trust they wont lapse in security. One thing is clear is the need to improve the protection of people who are signing up to online sites and services. What this protection is remains a challenge as many of these sites could be in different countries in the world. This is evident in the lack of effect the Anti-Spam laws introduced in Canada were. Foreign entities just do not have to play by our rules.

     I guess if I was to pick a starting point for how I would shape the future of online protection for the people it would be as follows. I would mandate sites must identify the countries there servers will live in. Giving users an opportunity to make an informed decision on if they want to put there personal information in an environment that is not in a country with strict cyber protection rules in place. 

     The second part is the ability to have a user submit a request to close there account and the site/service hosting this would have a window of time in which to remove ALL personal data for this user. Sure if they want they can provide an option for people to opt out of this purging though i cannot imagine anybody wanting to.

     One thing is clear through all of the breaches is that doing nothing just is not an option anymore. You have one identity unless your a super spy and should have the right to protect it. There needs to be an international body that can help create a set of rules and policies that all countries should follow and publicly identify those who do not.  The future is coming fast and our policies are just not adapting quick enough. 

As always do not be afraid to challenge your mind!