All posts tagged cissp

What Linkedin is good for

Alistair Dabbs posted a nice, curmudgeony anti-social-media rant over at The Register. In part, he asked what Linkedin is good for, noting it’s never netted him a job or a useful contact. I found his piece entertaining, so I thought I’d talk about how I use Linkedin, besides dodging recruiters who blindly type “cissp security […]

Spritz promises to revolutionize speed reading

I found a reference this week to Spritz, a promising smartphone/tablet app to help people read faster. Much faster. I tried the demo of the technology and could almost keep up with its 500 word-per-minute pace right away. Now, I’ve always been a fairly fast reader, though I’ve never felt any need to have someone […]

Another day, another router backdoor

Ars Technica dropped this bombshell toward the end of the day yesterday: A backdoor in Linksys and Netgear (and possibly other) routers. The exploit works on a weird port, so it’s not remotely exploitable, nor is someone going to drop it with some crafty Javascript like the recent D-Link backdoor, but it’s not out of […]

How to get started in regulatory compliance

I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective. I think most any CISSP will answer that question similarly, so I’ll take a stab at it.

Don’t be too impressed with Snowden’s “ethical hacking training”

I saw this new headline regarding Edward Snowden, discussing his NSA hacking training. Don’t be impressed. For several years, I lived in that same world Snowden lived in. I’ve gone out of my way to avoid mentioning this, but from 2005-2012, I was a consultant. I worked for several different companies, due to contracts changing […]

Looking to hire IT talent? Write a good job description

I had lunch on Friday with the recruiter who placed me at my current gig. We talked about a lot of things, including our families, but we talked a lot about the tech labor market. It’s growing, finally, and going to grow a lot more in the next few years as Boeing relocates its IT […]

Deconstructing my conversation with “Computer Maintenance Department”

My tell-all about my encounter with “Computer Maintenance Department” was a little heavy on the jargon yesterday. It occurs to me that explaining what some of the terminology means, and the problem with their reasoning, may be helpful. I’ve also heard a few questions through various channels, and I think those are worth answering.

This “Computer Maintenance Department” sure doesn’t know much about computer maintenance

“Peggy” from “Computer Maintenance Department” (1-645-781-2458 on my caller ID) called again. Lots of people are aware of these phone calls. They call, make vague claims about receiving a report that your computer is running slow and giving you errors, and are very careful not to say who they are or who they work for. […]

“They were bored and wished they had a job.”

I was catching up on security podcasts this week, and a brief statement in one of them really grabbed me. The panel was talking about people who steal online gaming accounts, I think. The exact content isn’t terribly important–what’s very important is what this person found in the forums where the people who perform this […]