Archive for the ‘Offtopic’ Category.
Still Remembering Rescorla
On September 11th, Rick Rescorla successfully got 2700 employees of Morgan Stanley out of the south tower of the World Trade Center. He was last seen on the 10th floor going back to look for stragglers.
I’m not sure if this photo is from 9/11 or not. Rick regularly ran escape drills for the employees of Morgan Stanley so this could have been from earlier. It is known that on that day, he did reassure people as this picture shows.

God bless Rick.

http://www.medaloffreedom.com/RickRescorla1.htm
http://www.rickrescorla.com/
On Net Neutrality
The folks over at Movable Type are very proud that they are the technology behind a new website called Its Our Net, sponsored by Google, Microsoft, Yahoo, AOL, Halliburton and Enron.
It seems to me that these huge companies want to provide big bandwidth items. They don’t want the ISPs to stand in the way of these big companies getting eyes on the content.
They say they don’t want a tiered Internet. There is already a tiered system between dialup and broadband. Even in broadband, I can pay more and get a faster connection. They don’t want quality of service. Quality of service is important in keeping my neighbor’s BitTorrent downloads from affecting my ability to surf the web.
I checked out their site, and it looks like scare tactics. Imagine a world where you can’t successfully research health issues online! I don’t see that happening today. What I see is the opposite. Big company ESPN is making ISPs pay so their subscribers can access premium content. They imply that any ISP not paying is providing degraded service. Why don’t they just go the subscription route like every other premium service? They are just following their lessons learned from the cable world. It’s easier to force a cable company to make all their customers pay, than it is to get them to sign up individually.
I wonder if so-called net neutrality would allow ISPs to block malicious traffic or undesirable traffic? Would porn-filtering, family-friendly ISPs be allowed to exist anymore? I kind of wonder? They aren’t exactly “net neutral” if they are blocking.
Hands off The Internet has much better arguments in my opinion.
OWA 2007 and Mail Headers
In a long overdue move, OWA 2007 will be allowing users to see the mail headers.
- source You had me at EHLO
HP Cuts Back on Telecommuting
An article in the San Jose Mercury News reports that HP is cutting back on telecommuting within one of its divisions. This is seen by those discussing the article as a man bites dog story. They ask how could any company be backing away from telecommuting? After all, the federal government is doing all it can to encourage telecommuting to ease traffic congestion.
The answer is found within the article. For starters they are banning full time telecommuting, not telecommuting in general. It sounds like you can still telecommute multiple days per week. It seems that what started as an incentive program to keep valued employees was now seen as an employee right. The head of the division felt that it is important to build teamwork, and that only occurs when you actually work together. The younger workers needed to learn from the older workers, and that doesn’t occur when everyone is at home working in their PJs. It is those moments of downtime around the water cooler that provide bonding and create corporate culture.
tip of the pen to Rod, saw this article linked from his blog.
Myitforum.com mailing list migration
If you take part in the mailing lists over at myitforum, you need to resubscribe. They’ve moved to a new server and are not migrating subscriptions. If you’re not subscribed, you’re missing some great discussion.
http://myitforum.com/cs2/blogs/myitforum/archive/2006/05/27/20658.aspx
Something Foreign
So I had one of the oddest experiences I’ve had at work for a really long time.
I had a vendor coming in to do a pitch on their product. Originally they were going to do this online as a webdemo, but they realized they’d be in town so they might as well come by and do it in person. A couple months ago I got yelled at by security for bringing a foreign national by for a meeting without filling out some paperwork first. In that instance they let the person upstairs for the meeting. I wanted to do it right this time so I look on the company intranet for the proper procedures and find the Foreign National Visitor Form. It pretty much has 5 things. Their name, their nationality, their company, my signature and my director’s signature. I turn the form into security and ask if that is everything they need. They respond that it is. I also provided date of visit and purpose of visit although there is not a place on the form for that.
My meeting was about 4 business days later. On the morning of the meeting, I get a phone call telling me they will have to have their passport xeroxed. First of all, it does not seem like a good practice to have people xeroxing identification papers. Second of all, it’s the morning of the meeting. It’s too late to contact them and ask them to bring a passport. I had told them to bring ID such as a driver’s license. At least one of the people works locally and of course only brought a Virginia driver’s license.
So security has a freaking cow because they don’t have the correct identification. I was told they would not let them upstairs. To that I asked if I could use a conference room on the first floor. Since outsiders are allowed in the cafeteria on the first floor, could I use a conference room on the first floor not in the secured area. Security responded that the conference room is in a controlled area. I asked how it could be in a controlled area when there is not a locked door separating it from the “public” areas of the building. They responded that I could meet in the cafeteria. The cafeteria is certainly a great place to meet with a vendor. I wonder if I could set up a projector and a screen in there. I’m seriously thinking about next time just hooking their computer up to the plasma screen in the lobby and using that for our meeting. I asked to speak with their Director in the hopes that he would allow us to meet in the conference room on the first floor which is in a non-secured portion of the building. That is when things began to get interesting.
Rather than listen to my concerns about the Foreign National Visitor process, or my experience in getting foreign nationals into the building in the past, the Director cut me off and repeatedly said I was not within policy. He would not answer my questions as to why I was not informed of a passport requirement before the morning of the meeting when I had turned in my visitation form the previous week. This Facilities Director basically called me a liar by denying events that I have experienced (having foreign nationals visit without this hassle). He then made up policy that is not recorded on the company intranet, and basically belittled me. Somehow he managed to do all this while making sure to only say things about how he wanted to help. It was a thing of beauty how he was able to humiliate me while at the same time verbally maintaining his desire to help. He put the cherry on top by sending out an email to me about how much he wanted to help. He certainly knows how to play the game of politics. If only he actually desired to help people with the same ardor. For people like this power is their aphrodisiac. And the wielding of it better than any sex they can have. The satisfaction that comes from crushing power games is still there even when wielded against people many pay grades below. This is a man to be pitied. For he is nothing if not a Dilbert cartoon character.
I understand that given the nature of the facility that we have requirements regarding foreign nationals. But policies need to make sense. I’m just trying to talk to a couple of vendors, not make a huge production number of it.
I still don’t know exactly what a foreign national is. Is it a non-U.S. citizen? What if they have permanent residency or a work permit here? I guess I could have learned something if the Facilities Director didn’t have such a huge attitude problem. So now I’m supposed to attend a reeducation session with security. That was the trade off for getting my vendors into the building. Right. I don’t think so. I can’t wait to see what happens next. Will they lock out my badge (again)? Will they “write me up”? Will they try to yank my clearance (if I have one, you aren’t supposed to admit to having such)? Or perhaps they will merely slow walk the renewal process for it.
I thought about putting this in my personal blog. It would have less potential to cause trouble. I keep that one under password protection. But this issue directly relates to what we do in security. Make the security irrational and people are going to resist it. If you respond by protecting your sandbox and lashing out as this Director did in his passive aggressive way, you will find your kingdom despised. Sooner or later the important things you are trying to do will be trivialized, marginalized and ignored. Piss off enough people and you’ll be on the outside looking in.
Graduating Saturday
I’m receiving a Master of Science in Computer Science concentrating in Information Security from James Madison University. It’s been a long road, and I can hardly believe I’m at the end of it. So I’ll be down in Harrisonburg on Saturday at graduation. George Allen is speaking. Weather looks to be 68 and mostly cloudy with a chance of showers.
Two Year Blogaversary
On Saturday it will be two years since I started this blog. I’m going to be out of town Friday and Saturday, so I’m posting this now.
While I do this mainly for myself, it is nice to see the visitor count. Hopefully I’m getting one or two readers and the traffic isn’t just all blog spammers.
Just Call Me Oscar the Grouch
Maybe it’s just because I’ve got actual work to do this weekend, but I find the April Fools websites to be really really lame this year. It’s the same old joke. The site is closing. Oh no. Or perhaps it’s some funny new product. Did you see Google Romance (Beta)? It’s a barrel of laughs…Not. Actually it’s something we could all see them doing. They already know everything about me through their storing of my email and my search data. Hey, match maker match maker make me a match.
Last Minute Work
I’ve got a project due today in my computer forensics course. Right now, I’m frantically trying to learn everything I can about FAT and how to recover files when the file allocation table has been erased. It looks like it’s been done in such a way that I need to recreate the FAT table by hand. I haven’t found any utilities that can recover these files for me.
12 hours to go. Full panic mode now.

