An excellent story about collectors of old signs

Dave Farquhar St. Louis , , ,

The St. Louis Post-Dispatch profiled three local sign collectors this weekend. Bill Christman, Greg Rhomberg, and Jim May go around buying old storefront signage, particularly enamel-painted metal signs with neon lights.

“Most businesses are branded franchises, so you see the same signs over and over, repeating every few miles,” said Tod Swormstedt, who operates a sign museum in Cincinnati. “But the old signs — the hand-carved shoe or the gold-leaf lettering on a window — were iconic and what made each neighborhood unique. People miss that.”

So I guess I’m not the only one who misses that, but it sure seems like we’re a minority.

UEFI on ARM illustrates why we still have to watch Microsoft

Dave Farquhar security, Software , , , , , ,

UEFI is a technology that forces a computer to only load a digitally signed operating system. This has some security benefits, as it makes parts of the operating system unbootable if they become infected, since the viruses won’t be digitally signed by a reputable vendor.

Great idea, right? From a security perspective, absolutely. The more attack vectors for viruses we can eliminate, the better off we’ll be. But Microsoft’s policy on ARM systems shows how it can be abused.

Read more

If you don’t know what SOPA and PIPA are

Dave Farquhar Copyright , ,

If you don’t know what SOPA and PIPA are, I urge you to visit this site. SOPA and PIPA, among other things, completely undermine the idea of due process, without which we might as well still be constituents of King George III.

If we want a government of the people, for the people, and by the people, SOPA and PIPA have to be stopped. If we want a government of the corporations, for the corporations, by the corporations, SOPA and PIPA are a tremendous jump in that direction.

Write your congressmen. You can do it from the site linked above. If you have certifications, sign off with them. Any little extra bit of weight you can throw behind your argument helps.

Copyrights can be useful things, but SOPA and PIPA have too many unintended consequences. It’s like treating an illness with hemlock. It’ll cure the illness, but there’s this one side effect that’s a doozy.

Mozilla goes sane with the corporate ESR version of Firefox

Dave Farquhar security, Software

In what can only be a wise move, Mozilla decided to release an ESR version of Firefox, which will be replaced once a year and patched in the meantime. A six-week cycle is perhaps manageable for home users, but it’s downright lunacy for corporate environments. It’s hard enough to test and deploy pure security fixes in 4-6 weeks, let alone test something that introduces entirely new features and deploy it.

I’m not sure that corporations and Mozilla want each other all that much, but they need each other. It’s a cheap way for a corporation to improve its security posture, as long as testing, deploying, and keeping it up to date isn’t a full-time job for someone.

Why computerized information systems frequently fail to meet the needs of users

Dave Farquhar security , ,

Let’s take a look at another CISSP-type question today, because I think it has broad implications for more than just CISSPs.

Here’s the question.

Which of the following best explains why computerized information systems frequently fail to meet the needs of users?
A)Inadequate QA (quality assurance) tools
B)Constantly changing user needs
C)Not enough project management.
D)Inadequate user participation in defining system requirements

Read more