Jacek Lipski – a LinkedIn spammer

I am usually not one to indulge in public bashing of people, even when they obviously misbehave, but this time I am somewhat annoyed. This guy, Jacek Lipski, spams LinkedIn members in a very irritating manner and tops it off with a ‘fuck you’ attitude. So he deserves a mention for the annals of history.

So, here is the story. LinkedIn is a rather well behaved community. It is mostly for talking about work and business related things, at least that’s the perception kept up by the service. Therefore you do not expect someone to send you a “friend invite” in order to peddle his wares. Well, not Jacek Lipski.

You see, Jacek Lipski has some kind of a company that he wants to sell, but there are no buyers, understandably. So what does the guy do? He sends you an invite on LinkedIn. You think, “well, all right, maybe he wants to talk about my interests in security or just follow what I do,” and you accept. And then you get hit with an offer to buy his stupid company.

I complained right back, saying that this was not good behavior, in my opinion. The answer I got back is as close to “fuck off” as one can get:

I am not interested in your private feelings.

Let me explain by analogy. You have an old rusty Chevy from your grandfather that no one in his right mind would even look at. So you go up to people in the street and beg them to buy it. They rightly tell you off. And what do you do in return? You tell them to fuck off, of course! That’s the same here, only Jacek Lipski is apparently not afraid to get punched in the face.

Well, tell you what. Maybe one day one of his victims will come across him in real life……

Cultural change through the prism of movies

It is so strange to see some old movies nowadays. They have all the “wrong” values in them, did you notice? They teach being assertive, bold, funny, arrogant and non-compliant. That is totally not what we see these days; now it is all either fancy fantasy stories, or all sex and “regular life”. The movies nowadays do not give up on principles and values, who would watch them then? But instead they place them in such stories that you cannot really associate with them. And the values you can associate with are totally different – being soft and understanding, suffering for your country or your family and so on.

If we accept the premise that all movies are a channel for brainwashing the population, just like every other public communication channel, we would have to ask ourselves the question “Why?” Why is it all so different? Why is this change of values being propagated to the population? What are we being prepared for if we need to follow these patterns of behavior? Can you answer?…

Software security by problem setting

We had an interesting discussion with a friend of mine yesterday. The discussion was about corporate communication, its failures and difficulties. Well, that’s his job. My job is security. And today I suddenly realized that everything we discussed yesterday about communication was equally applicable to my situation, simply due to human nature.

We try to push security into the company, into development, into management, into everything. And it does not work. Some people say that it does not work as well as we would like it to, but it works a little. I say it does not work at all. All this fake interest in something that can be done instead of working – that is not an interest in applying security. That’s not what we are after.

But the problem is the same here as everywhere else. Why would anyone want to have security? Why would my CEO want security? He wants some certificate that he can wave around at public speaking occasions and get recognition and, even better, money for it. Why would developers want security? They want to listen to funny stories about security to have a legitimate excuse not to work. But they do not want to implement any security; that’s extra work for them that is not recognized in any way. Why would my customers want security? It’s cumbersome, and annoying, and costly…

So we are stuck in pretty much the same situation: I am trying to give people a solution to a problem they do not have. Or they think they do not have. People are notoriously bad at recognizing future problems and seeing the not-so-immediate outcomes. And that’s why I am failing before I have even started. They will not accept it because it is not their problem.

And the main million dollar question remains: how to make software security their very personal and immediate problem? If I can figure it out, then and only then will we finally have software security.…

Advice from IMF: Eurozone must tie closer together

The managing director of the International Monetary Fund, Christine Lagarde, has figured it all out for us. Her advice is to integrate the Eurozone economies more closely together. And to introduce more central control over the monetary and economic side of things.

Yeah, right. If we wanted to make sure that the next economic problem anywhere in the EU takes the whole of it down, we would heed her advice. Oh, absolutely, tightly integrated economies are a clear winner when it comes to sinking quickly.

But I hope the people at the top realize that they are not outside the EU, they are inside it, and it is not in their best interest to build a Titanic out of the EU countries. The strength of the German economy and its resilience to all sorts of political and economic crises lies in its loose integration and the freedom of every land to develop its own strengths. And that’s a good principle to apply to the whole of the EU as well.

Sure, development and this silly economic growth are not as fast as they would be in a tightly controlled and integrated economy, but the advantages of a diversified, locally directed economy were clearly seen during the last crisis, when Germans could so rightly say “He who laughs last, laughs best.”…

Social Engineering

Dark Reading asked a rhetorical question recently: “When Will End Users Stop Being Fooled By Online Scams?” Well, you probably guessed the answer right away, and it is “never”. I do not think it is possible to train the whole population of the planet in the intricacies of security. So social engineering attacks in all of their variety are here to stay.

From this point of view, the “training” you get early in life matters, I think, quite a lot. I would hazard a guess that people who tried various social engineering tactics on their environment when they were kids are less gullible as a result. So we should not be so hard on our kids when we catch them lying and trying to trick others. Yes, they should know it is not acceptable. But they also should know how it is all done and come to expect this trickery, so they can more easily recognize social engineering attempts directed at them. So do not punish them so hard; better to teach them how to do it in a harmless way.…

Orwell’s rules in security

I came across the “six rules of English language” set forth by George Orwell in his essay “Politics and the English Language” in one of the posts on Jordan Bortz’s Software Architecture Blog. They are:

  1. Never use a metaphor, simile, or other figure of speech which you are used to seeing in print.
  2. Never use a long word where a short one will do.
  3. If it is possible to cut a word out, always cut it out.
  4. Never use the passive where you can use the active.
  5. Never use a foreign phrase, a scientific word, or a jargon word if you can think of an everyday English equivalent.
  6. Break any of these rules sooner than say anything outright barbarous.

These rules are absolutely essential for good system or application security. All too often we have the situation where the real aim is to deliver an insecure system, and that aim is obscured by the use of this “political language”. To turn the words of Orwell to our subject, the great enemy of software security is insincerity. When there is a gap between one’s real and one’s declared aims, one does not get proper security.…