Thursday, April 30, 2009

Sneaky Twitter Tweeting

Ok, so I was bored. And then I saw the challenge -

It came, ironically enough via Twitter.

It is a Twitter client that looks like Excel. If you boss walks past then he doesn't spot you wasting time.

Nice idea but lets see if we can take it further.

Twitter inside Excel. No tricks, no fake screens. Just the real deal. Create one sheet for work and one for play.

Ok, so how?

Step 1
Open Excel

Step 2
Click "data" then "xml" then "import" and put in the following URL:

http://twitter.com/statuses/friends_timeline/[userid].rss

UserId is your userID which you can get by logging into twitter, going to twitter.com and hovering your mouse over the RSS logo on the right.

Step 3
It will ask you for your twitter username and password (unless you are logged in) and pull the information into excel. As a bonus you can right click, select XML and refresh the information.

Step 4
Different versions of Excel will work slightly differently.

Note that the information doesn't just magically appear in Excel, it is loaded via your browser (running in the background with no window) so if your employer has a proxy server (they should) with logging on (it should be) and they have suspicions about you (I hope not) they can still see your twitter browsing even if your boss can't see it by glancing over your shoulder.

Thank you Dominic for the challenge.

PS. using the Twitter API, it should be possible to post to twitter and see DMs and @ messages and your own status etc etc but I didn't feel like playing with it that much. Maybe I will. At the moment, you only get your personal stream, unsorted. In Excel.

Do I live the first suburb in the world to be smurfed?

So, strange reports started coming in to the media this week about neighbors whose gate remote controls and car remote controls had stopped working. It was across my neighborhood but not those around us. It didn't affect us thank goodness. No-one knew what was causing it.

It turns out that new special meters that have been installed are to blame. They consist of the bit that measures the electric usage and a bit that reports it back to the electricity company. They communicate with each other using the same frequency that gate and car remotes use.

Somehow they have been "over-communicating". This has led gate remotes and car remotes to stop working due to all the signal-noise. It made the press because in South Africa a non-working gate remote on a dark night can lead to some pretty ugly crime.

The electricity department denied that it was their machines until it was proven otherwise with signal measuring tools. Now they claim that it was a third party device that caused their meters to start shouting to the world at large. They have a 'patch' for the machines that can stop this issue.

Exact details are sketchy but it sounds like someone managed to launch either a smurf attack or a DoS attack on the machines which in turn made things like electric gates, garage doors and cars not work. Parts of the neighborhood were essentially shut down. So, I'm claiming to live in the first suburb to be smurfed.

Friday, April 17, 2009

Analogy vs analogy. Let the games begin!

[Enforcement or Awareness? Whats best?]

Since my posting about how seatbelt legislation improved the use of seatbelts was very popular, I like the idea of traffic rules being used as an analogy for Information Security. So it was quite exciting to see some Gartner thinkers copying me (obviously they read my blog religiously, debate it at length and then copy it. I am that good).

So, the first one was about traffic light cameras causing more accidents than stopping them. And how the government won't remove them because they make some good money from them. Enough said there. The other was about how traffic speed signs have been around for years but not very effective but speed cameras are very effective.

Reading between the lines, it seems to me that the article puts down the idea of awareness in total as being not effective. Which is fair enough. In Information Security you can preach for hours but unless you actually capture the hearts of those in the room then you are lost. They will not listen. One way to go is to use a combination of things including awareness and enforcment.

Taking Then you've won.

Monday, April 6, 2009

The Issue With Cloud Computing

I really like the way The Hoff puts things sometimes:
We’re told we shouldn’t have to worry about the underlying infrastructure with Cloud, that it’s abstracted and someone else’s problem to manage…until it’s not.
I think that sums up in one line the problem with Cloud Computing. You are essentially making your job easier by dumping the responsibility for Security (and Availability) onto someone else's plate. Which is fine until they post a note saying "Sorry" and you are left with no service.

Or worse - data that has gone off somewhere that you don't want it going!

The Conficker Eye Chart - Really!

This Conficker Eye Chart is brilliant!

Information Security can get a bit drab and boring. Especially when the auditors start poking around and you are arguing about the minutiae of your security policy. And especially when you look at the designers with their Apples and the programmers pumping out new Web 2.0 frontiers.

But sometimes, someone out there comes up with something so silly but effective that it just has to be blogged about.

The Conficker Eye Chart is simple - it tries to download images from Sites that Conficker blocks. If you can't see them then it could be that you are infected.

But you really have to see it. I wish I had come up with that one!

Wednesday, April 1, 2009

Isn't Open Source Wonderful?

[Nokia releases Open Source Symbian and it is installed on a toaster]

There is a news story about a toaster running Symbian (the platform that newer Nokia phones run).

It does this so it can provide extra services like measuring the heat of your toast etc.

Full set of features:

  • BreadSense mode that uses internal sensors to figure out the ideal heat setting and time for the bread you have inserted.
  • The large touchscreen UI also allows you to tweak the settings to suit your personal taste.
  • Toast settings can be saved and assigned to individuals. A finger-print sensor on the side identifies the user and automatically displays their personal presets.
  • Additional presets and sandwich serving suggestions can be downloaded from the internet using the built-in WiFi connection.
  • Users can share their own presets and recipes online too.
  • Can connect to your phone via Bluetooth and upload reminders to buy more bread when you run out.
  • The screen can display useful online information such as news headlines, weather forecasts and video feeds to keep you entertained and informed in the kitchen.
  • Firmware updates are automatically downloaded and applied over the air to make sure you always have the latest features.
By the way, happy April Fools Day. Still, some April Fools Jokes come true...

Note: click through to see the image of this toaster, I want one. And I'm not sure why!