Job hunting on your own vs. using a recruiter

A former coworker contacted me last week. He’d been employed in the same place for the last 16 or 17 years and he couldn’t remember how to look for a job. Who better to ask than a guy who’s changed jobs 9 times in the same timeframe? One obvious question to ask regards job hunting on your own vs. using a recruiter.

In fairness to myself, government contracting causes a lot of job-hopping. And in fairness to him, the game’s changed a lot since the last time he had to play. IT Recruiters existed back then, but back then when you wanted a new job, you found it yourself.

I still use both methods.


Worried about the wrong things? It’s always the wrong thing.

Guy Wright’s piece titled Internet Security: We were worried about the wrong things is a bit old but it’s an important point. Security is a moving target. It’s always a moving target.

I disagree, however, with the assertion that SSL (and its successor, TLS) were a waste of time.


Why the Target data breach news keeps getting worse, and what you need to do

As you probably know, last year some still-unknown criminals stole a whole bunch of credit and debit card data from Target. And the story keeps changing. First there weren’t any PINs. Then they got the PINs, but no personally identifiable data. Well, the latest news indicates they got credit card numbers, names, addresses, phone numbers, e-mail addresses, and for a whole lot more people, and probably from a longer length of time than just late November to mid-December.

There are a few things you ought to do if you shop at Target, which many people do.

Dvorak is wrong about the cyber war

So John C Dvorak (I’ll call him John Dvorak because he hates it–John Dvorak John Dvorak John Dvorak) says that cyber warfare, like Y2K, is a bunch of hooey.

I lived through Y2K, and I’m fighting the cyber war. He’s wrong on both counts.

CISSP vs. CASP vs. CEH

One of my coworkers invited me to watch a webinar with him today that promised to compare CompTIA’s new high-end certification with the CISSP.

I was skeptical at first, especially when I heard it was an 80-question, 150-minute test. But by the end, I mostly liked what I heard.


And speaking of SSDs, here’s how Oracle performs on an SSD

Andy Black is a former colleague and an Oracle DBA. Several times in the last few years, I ran into problems where I wished he wasn’t a former colleague, because my team got into some jams that I was pretty sure he could have fixed. (And let’s not even mention the time I got blackmailed into building an Oracle server.)

Last year, Andy did a thorough investigation of Oracle performance on SSDs, and observed very favorable results.

How to start over with MySQL in Debian

I got my new 64-bit web server up and running today. Now the main task that remains is to get my data moved over to it. I talked myself into going with an Apache setup, since one program I want to run (Webtrees) is designed for Apache and its search engine optimization seems to work better under Apache than Nginx. It’s fast anyway; displaying the 17-person family of Andrew Davis McQueen of Leesville, Mo., briefly consumes 2% of the available CPU time in Webtrees with the APC PHP cache installed and enabled. And that should get better, seeing as newer, faster, better versions of both Apache and PHP were released in the last month.

As I built my new 64-bit web server, I messed up MySQL a couple of times. When you break MySQL beyond repair, here’s how to start over with a fresh MySQL install and a fresh /var/lib/mysql without doing a Windows-like reformat and reinstall of the entire operating system:

A cloud computing-related Security+ question

Someone tossed a Security+ study question my way this week. This is an example of Security+ trying to be CISSP Lite, but it’s still a valid question–probably for either test, and for SSCP and CISM too.

A small not-for-profit organization needs to invest in a new expensive database. There is no budget for additional servers or personnel. Which of the following solutions would allow it to save money by avoiding hiring additional personnel and minimize the footprint in their current datacenter?

A. Linux
B. Software as a Service (SaaS)
C. Infrastructure as a Service (IaaS)
D. Platform as a Service (PaaS)

Let’s take it one at a time.
