Silicon Shecky

Infosec Practitioner

Connect

Over Complicated?

By Leave a Comment

“Any sufficiently advanced technology is indistinguishable from magic.” – Arthur C. Clarke

“Any sufficiently advanced magic is indistinguishable from technology.” – 7th Doctor (Sylvester McCoy) in Battlefield

So which do we have? Talk to people and computers is magic, is technology is both. Those of us that understand computers are wizards, magicians, technological experts. To put in terms that someone on Facebook might understand, “It’s Complicated,” and it gets more complicated every day.

I am not going to get into the usability question the way that Wendy Nather did. She does it so much better that I could. Instead lets look a bit more at how the complication has come about and why it keeps increasing.

We have a ton of “solutions” for security. As we get more granular and more “advanced” each solution is more and more targeted and creates sub verticals inside the world of making things more secure. This is the wallpaper that Wendy talks about. Each layer actually makes things less secure overall. Now, I am not saying we do not need controls and software in place. I wish I could find this clip on YouTube, but in Doctor Who back in the Tom Baker era, he opened a really electronically complex door with a bobby in. When asked why he did not use his sonic screwdriver he explained, “The more complex a thing becomes the more susceptible it is to the overlooked simple way around it.” We are headed in this direction. Think about the extra code, the more ways there are way to look at the problem. Just look at the living off the land that teams are using now to avoid detection. This doesn’t though explain how all this complication came about, just where it is all heading. So how did we get to this point?

The way I see it there are two base reasons for the increase in the complexity. The first and foremost one I think is ego. Ego drives us, and it is no inherently a bad thing, actually it can be a very good thing. It also can easily get in the way. Ego drives us at least partially to find bugs, to find new solutions, because we want that recognition, even if it is only on a subconscious level. It also drives us to start up derivative companies in an area of cybersecurity. Why? Because company A won’t listen to our solution so we strike out on our own. this can lead to the second reason, money.

Plenty of solutions start out without money in mind. Small project of love. Then we realize we might be able to recoup costs or even make a living off our labor of love, but to do that we need to bring others in that want to be a part of such a labor of love. Wait, to be able to pay them, we need money, so we either take out loans or get investors. The investors though want to see a profit, so we start making things more complex or entering into side projects that might be related to the original, because we have a name people trust. This creates the other subset that money creates. Lack of collaboration.

The lack of collaboration is easy to see in the anti-virus industry, but it exists across all the verticals. It comes from each company having its own secret sauce to their solution. That secret sauce is what makes each solution different, but also can leave blind spots in said solution. If all these vendors really had security first and foremost in mind, the would be working together in the development of the solutions. Yes this would make the solutions similar across the vertical, but considering each vendor has areas of strength that the others don’t, it creates a solution that is going to be more secure overall, that actually should not have the integration problems that we currently run into. How many times have you run into using multiple vendors items and found an incompatibility between them? I see it quite often. That incompatibility is now a security hole. There is an area that gets opened up. This creates a spot for a third vendor to come in with a solution. More cost, more complexity, more advanced technology, more wizardry.

So how do we fight back on this? Honestly the only thing I can think of is opening collaboration between each other and companies. Work together to bring the simplest, most comprehensive solutions forward. This happens occasionally when alliances and partnerships or buyouts happen. At least they try to happen until the ego gets in the way again. Still collaboration is going to be the key going forward. Many of us talk about the great community we have. We need to work together to simplify the complexity, to remove the wizards and magic, because if we can get out of being looked at in that fashion, those outside of our field will have an easier time helping keep things secure, it gives a way out of the conundrum that Wendy mentions. It is not an easy road, but then again, nothing worth doing is easy. We are the problem solvers, so let us solve this problem.

Microsoft Surface. Hit and Miss.

By Leave a Comment

Microsoft entered the tablet hardware business with the launch of the Surface line starting with the RT back in October. The timing on it for me was pretty good because my office was getting ready for a technology refresh, and I got to test it. Now, months later, what I call the new shiny syndrome has worn off.

When you look at what works and what doesn’t in the world of technology you come to realize a few things. First, so much is subjective. Second, people tend to dislike change. Third, change is inevitable. With this in mind, looking at the past 9 months with the Surface RT I have found a lot to like about it. There are pitfalls with it also, but it really is a solid tablet.

The Windows 8 interface is perfect for the RT. I find live tiles to be a great idea that matches and surpasses the widgets I have on my Android Tablet. iOS of course does not have anything like widgets or live tiles to compare to. The problem with the live tiles is the way they update, or at times don’t update. I find news stories to be on the older side half the time. I don’t get decent updates often enough for my liking. These problems though I have found to be true of widgets also.  There also is no intuitive way of stopping the live feed on the tiles.

Metro style apps are easy enough to get use to. Gestures for bringing up menus and doing things inside these apps are very consistent, which makes the learning curve a lot simpler than iOS or Android. The issue with Metro Style though is that same thing. If you are use to the way an app works on the other OSes, odds are you will have trouble finding the same features easily. Also the swipe down partially to bring up menus can be a bit trying at times, although not as difficult to master as the swipe completely down to close apps. If you don’t start from the right spot and go at the right speed, closing apps does not work, and I still find myself taking 3 or 4 swipes to close apps.

The biggest plus is the Office apps that come with the Surface RT, and with Outlook being added to that with the 8.1 Windows release, this just becomes better.

The biggest issues for me though come in the touch screen itself. I find it inaccurate. For instance, if I am on Facebook and want to share something on a friends timeline, I find myself going through the steps 4 or 5 times because I think I am tapping on share to friends timeline and it reads it as share to group. I find myself hitting links multiple times before it registers the tap also.

The soft keyboard which I have is decent, but also has its issues. I have found it losing responsiveness when typing, or registering the wrong key. In fact there is no rhyme or reason for this as the keyboard winds up either overly sensitive, or not registering my pressing at random. The Tablet itself will type normal for a moment, then buffer oddly and take 30 second or more to show the next stuff typed, which makes corrections rather difficult and causes delays in getting work done.

The weight and feel of the Surface are my final complaint about it. It shouldn’t feel as heavy as it does. Also the way it is shaped can leave hard marks in ones hand and cause pain if held for extended periods.

Don’t get me wrong, I love the tablet itself, and it gets used way more than my iPad. My ASUS Android tablet is still my primary tablet overall, but the Surface makes a nice backup. People seem to be worried about the amount of apps for the Windows RT environment, but honestly, I find most things I use a tablet for have an app, and most of them are available across the board. A decent free IRC app is all I have not been able to find so far. With the recent price cuts, I would recommend this to most people, although I am sure there are better devices out there from other manufacturers with Windows RT on it.

There are 3 tablets, which one I prefer

By Leave a Comment

I have in my possession a Surface, an iPad, and an ASUS T300 Android Tablet. After having spent time with all three, I look at the pluses and minuses of them, from my perspective, which means that there are opinions in here that are just that, opinions.

Tablets are the new big thing. Everyone wants one, and plenty of companies are making them. Some tend to be designed for specific things (Nook, Kindle) while others make what seem like empty promises to me. I started out with a Nook Color e-reader not long after it came out. I had figured that it would be the tablet of choice for me. Problem was, the 7″ screen and lack of apps, especially free (Ad Supported) apps made me think of getting something else.

That something else came from my work. As we were getting iPads and starting to support them at client sites, they gave me one. this was for me to play with, learn about and use so I could support them. I enjoy the iPad experience. It is quick, and solid. I don’t like Apple, their holier than god and we know what is right for you attitude, and the lack of decent tech apps. Video playback on it has been nice on trips, but I am limited to the Apple formats, as usual.

The Surface is the newest of the Tablets I have. I really had high hopes for this machine, and maybe in the future it will reach those aspirations, but not at the moment. Right now, I deal with the frustration of not finding either the apps I use or an equivalent. Flip Toast is ok, but has bugs (They have told me they are working on fixing them). I can’t find decent Network tools, most apps that I can get free with Ads on other platforms, cost money, or are more expensive than they are on other platforms. Then there is also my Nook issue. I have the Nook app, or my Nook Color on everything else. My Library is there on all my other devices. Microsoft, which bought an 18% stake (IIRC) in Nook has no Nook App for Windows 8. In Fact if you search for Nook in the App Store, you get 2 choices as of writing this article, Kobo or Kindle. So much for partnerships. Don’t get me wrong, there is good about the Surface. Office works nicely, the hardware is responsive and the tile system looks nice. Plus there is the keyboard cover, which is pretty sweet.

Both the Surface and the iPad I got through my office for testing and learning purposes. We want to make decisions on what our sales and service techs are going to use going forward. Honestly, I would lean to the Surface, because of Office, and because of the ease at which it integrates into a Microsoft environment. I can access network shares easily (even though I cannot join an RT device to the domain), and it will do everything that our sales and service teams need. The iPad integration we were trying with a Mac server and we just could not get it to do what we wanted.

The ASUS Transformer T300 is a personal item. It was a birthday gift back in Sept. To tell the truth, I love it. Outside of Flipboard not being available for it, I have everything I want or need on it right now. Yes, I am using Pulse on it, but the lack of new sources I like, and the lack of aggregation from the social media world, makes Pulse a bit annoying, especially in regards to World/U.S. news. Still, I have everything else, including a free Office Suite (which is amazingly useful in its own right). The only drawback to the T300 as compared to the Prime, is the plastic back. I also got a 3rd party case/bluetooth keyboard for it which works as nicely as the Surface’s keyboard cover.

My recommendation right now to people would be the Android Tablet. The T300 does it all, and while a bit sluggish at times, is still is plenty responsive. There are more free apps available for it, and you are not tied into iTunes or Apple’s network. The Surface might be the thing in the future, bight right now, it doesn’t have enough to make it worthwhile, especially on price point. The T300 costs under $400 for a 32GB model. The iPad and Surface (with Type touch cover) are both at $600 for 32GB (Without the Cover the Surface is $499 for 32GB).