Monday, April 26, 2010

The message is the message

I came across a great new presentation tool recently and used it to create a talk on Cybersecurity for the Greater Baltimore Council last week.  The tool, called Prezi, gives you a single infinite canvas to write on, and then lets you create interesting presentations by moving around and zooming in and out of the scene.  You may be surprised at how effective this is for dynamic messaging. 

I've never accepted the adage by Marshall McLuhan that "the medium is the message".  It seems to my engineering mind that taken literally this cliche would mean there would be only a few different messages possible, one for each different "medium".  If not to be taken literally, then it falls into the broad liberal arts category of "it means what we mean it to mean when we say it, and is not subject to direct analysis".

Having done a presentation in a new medium now, I'm sticking to my original belief: the message is still the message.  However, this new tool sure does help to make the telling more effective.  I've made the presentation public so you can check it out too.  Click here to view it in your browser.

Friday, April 9, 2010

Beware inside the Hive



The observation "People are like bees"  caught my eye in a book I'm reading by Terry Pratchett and Neil Gaiman called Good Omens: The Nice and Accurate Prophecies of Agnes Nutter, Witch. 


The gist of the full quote was that the security systems that people set up are similar to bee hives.  Bees are very attentive about defending their hives from outsiders and will attack anything that tries to get too close.  But if you can get into the hive itself the worker bees will assume you're supposed to be there, that "management" is ok with the whole idea, and let you go about your business.

This analogy is not far off from what happens in our real offices.  Social engineering hackers like Kevin Mitnick used a variety of schemes to get under the radar and into the relatively safe regions "inside the hive".

Think about it: the photocopy repairman is walking around the office, the delivery guy is in the mailroom, the guy in the suit is looking for someone down in accounting.  What do you do when you see these things?  99% of the time you let them go if you're like most people.

It's a safe bet that this kind of vulnerability will persist as long as we have offices.  Your IT security, and office manager may be aware of it and have reminder programs in place, but chances are that unless you work in a government classified facility a motivated thief, attacker or competitor would have little trouble getting a look around. 

The conclusion: don't assume your workspace is private or secure.  Think about what you're showing on your desktop and computer screen, and take steps to keep it private.