un-excogitate.org
what was I thinking? (Christian Frichot’s ad-lib on security and what-not)

This weekend has been so much slower than last and I can’t even begin to explain how good that is. I think the problem with last weekend was that it was the culmination of my sister’s birthday and Mother’s Day. Combine that with my family, Sara’s family, having to celebrate with my sister in silos to prevent interaction between my mum and dad... it felt like we never stopped.

Today, on the other hand, had me up and about, but not rushing about: I caught a coffee with my mum and wandered around the city prior to ending up in the rehearsal room for 4 hours, and then just spent some time catching up on some Internet reading.

Some of the more interesting things from today’s reading include:

  • The new Google Analytics. With all its revised Web2.0 web site statistic goodness. The only problem I have with the new version is the fact that it’s still so good at telling me how poor my hits are.
  • Another Google statistic item, this time the Gapminder World 2006. Provides you more information on global statistics, for example life expectancy versus income per capita, than you can poke a stick at.
  • Finally, the Remind Me video clip from Röyksopp. Saw this on the core77 blog and was really impressed with it. I love this style of art.

This is a great article on a flaw in how aol.com handles passwords whereby the site would truncate passwords down to 8 characters.

Reminded me a bit of how the good ol’ Microsoft LM Hash worked.
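To make the truncation problem concrete, here is an added example (not from the original post or the article it refers to): a store that cuts passwords to 8 characters before hashing, a corrected store, and a regression check that reports the effective password length of any register/verify pair. The class names, the use of PBKDF2 and the low iteration count are assumptions for illustration.

```python
import hashlib
import hmac
import os

MAX_LEN = 8  # truncation length stated in the post


def _derive(password, salt):
    # Assumption: PBKDF2 stands in for whatever the site used; 10k rounds keeps the demo fast.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 10_000)


class TruncatingStore:
    """Flawed behaviour described in the post: input is cut to MAX_LEN before hashing."""

    def __init__(self):
        self._db = {}

    def register(self, user, password):
        salt = os.urandom(16)
        self._db[user] = (salt, _derive(password[:MAX_LEN], salt))

    def verify(self, user, password):
        salt, stored = self._db[user]
        return hmac.compare_digest(stored, _derive(password[:MAX_LEN], salt))


class FullLengthStore(TruncatingStore):
    """Corrected form: the whole password feeds the KDF."""

    def register(self, user, password):
        salt = os.urandom(16)
        self._db[user] = (salt, _derive(password, salt))

    def verify(self, user, password):
        salt, stored = self._db[user]
        return hmac.compare_digest(stored, _derive(password, salt))


def effective_length(store, probe_len=24):
    """Register a long constructed password, then return the shortest prefix
    that still authenticates, or None if only the full password works."""
    user = "probe-" + os.urandom(4).hex()
    password = "".join(chr(ord("a") + i % 26) for i in range(probe_len))
    store.register(user, password)
    for n in range(1, probe_len):
        if store.verify(user, password[:n]):
            return n
    return None
```

Run against the truncating store, the check reports 8: everything a user types after the eighth character adds no strength, whatever the password policy says.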


I’ve been really enjoying darkreading as of the last couple of months and their recent article on Security’s Top Five Priorities is no exception. It’s also good that they mention that their recent findings are different from similar research they performed not more than five months ago. This is a clear sign of how volatile this industry is, and I guess why I find it so interesting.

In short their top 5 priorities are as follows:

  1. Portable Devices leading to unauthorised information disclosure OR malware introduction
  2. Web application security, especially as these are becoming ubiquitous and often slip through firewalls and IDS without too many problems
  3. Security leaks and insider attacks, good examples of how the old “egg-shell” paradigm just does not cut it these days, you can’t just install firewalls to block the Internet when you give your 100+ inside employees access to sensitive information without controls. This problem also steps outside the boundaries of technology which is quite nice.
  4. Endpoint security. This can mean so many different things but this article is talking directly about Network Admission/Access Control
  5. Botnets

Personally I’m surprised that Botnets made it into the list over something like compliance or security awareness training (read social engineering), but their sample base is probably quite varied and I guess a lot of ISP/Marketing type companies might rate Botnet threats quite high compared to other issues.

I also find it interesting how some of the items are so closely related, in particular portable devices, endpoint security and insider threats. These three threats, in many cases, would not exist without the others. A good example is software which may be used to place controls around authorised USB memory stick access, directly related to portable device security but also acting as an endpoint control usually trying to minimise the likelihood of an insider taking away sensitive information. This is of course referring to endpoint security which is not directly network access based.

Another interesting point is how their results differ slightly from the most critical issues that were highlighted in the 2006 CSI/FBI Computer Security Survey, being:

  1. Data Protection, including classification, identification, protection and application software vulnerability security
  2. Policy and regulatory compliance
  3. Identity theft and leakage of private information
  4. Viruses and worms
  5. Management involvement, risk management, or supportive resources such as HR

It’s been a little under a week since I turned 25 and I have to say I’m doing a fantastic job of making it last. I mean there is still some cake left in the fridge 6 days after!

As far as birthday presents go I was spoilt rotten, as usual, here is a pic of some of the goodies.

For birthday cakes I was lucky enough to receive not one, not two, but four different cakes. My favourite was easily the chocolate cake made by Sara and adorned with Strawberries!

In addition to being long lasting it’s also been a fantastically interesting week, work wise. It’s been the 2nd week of my new job and every day is exposing more challenges and more things which are interesting me. The more I get to know my colleagues the happier I am at the decision I made to shift into this job.


