Category Archives: Security

Security

SocGen report highlights management/monitoring errors

Leave a comment

The BBC story seems more interested in the fact that the SocGen trader was not acting alone, but I find this part the most revealing:

The bank’s management was accused of being “negligent” in not identifying the problem, the report said.

It also found that Mr Kerviel’s direct supervisor was inexperienced, with insufficient support to do his job properly.

“The fraud was facilitated, or its detection delayed, by supervisory weaknesses over the trader and the market activities checking,” it said.

“The trader’s hierarchy, which constituted the first control level, showed itself negligent in the supervision of his activities.”

Mr Kerviel’s supervisor “showed inappropriate tolerance to the positions taken”, it added.

Blaming this on his immediate supervisor is a lot like blaming it all on the perpetrator himself. Surely the controls for this kind of error should be visible at the highest levels. The consequences have been devastating, which suggests security information and event management at SocGen were not integrated into an executive’s view.

Poetry, Security

Waka waka, bang splat

Leave a comment

< > ! * ' '#
^ @ ` $ $ -
! * ' $ _
% * < > # 4
& ) . . /
| { ~ ~ SYSTEM HALTED

Transliterated: Waka waka bang splat tick tick hash, Caret at back-tick dollar dollar dash, Bang splat tick dollar under-score, Percent splat waka waka number four, Ampersand right-paren dot dot slash, Vertical-bar curly-bracket tilde tilde CRASH!

History, Poetry, Security

Surveillance as Art: The Oxford Project

Leave a comment

Some people are constantly playing up the down side to video surveillance. Bruce Schneier is one example, and I have commented on his blog many times about the fact that image capture is just like any other data capture — the use and abuse of surveillance depends on the operator and governance.

I guess you could call my point a “don’t blame the tool” position. However, I admit am not a fan of the “guns don’t kill people” argument. I think the saying that a tool can not be used to kill is absolutist and therefore an illogical statement. I would only agree to a statement that said guns can be used kill people. Thus, I would agree with a statement that surveillance can be used to violate people’s rights, but that does not mean all surveillance is a violation.

Right, all that being said, I really just wanted to give an example of surveillance as a form of art. There are other examples, including the time-lapse project in London (which I find boring and trite — like watching paint dry), but this one is particularly well done.

I suppose I should give a disclaimer, Peter is a former mentor of mine and I really enjoyed the work I did for him (information security for digital artists!) many years ago.

Oxford Project URLs: http://oxfordproject.com and http://welcomebooks.com/theoxfordproject/

In 1984, Peter Feldstein set out to photograph every resident of his town, Oxford, Iowa
(pop. 676). Twenty years later, he did it again. But this time those same residents did more
than pose. With extraordinary honesty, they shared their memories, fantasies, failures,
secrets and fears with writer Stephen G. Bloom. The result is a riveting collection of
personal stories and portraits that tell much more than the tale of one small Midwestern
town. Because beneath Oxford’s everyday surface, lives a complex and wondrous
community that embodies the American spirit.


History of the future will be a study of surveillance databases, and art (including poetry of course) is already derived from new forms of analysis of these repositories of data. Peter has done an amazing job as a pioneer in this field.

Security

Santa Cruz Fire Map

Leave a comment

The cool thing (pun not intended) about using dynamic maps for emergency services, is that real-time data is easily visualized. This is a huge benefit to disaster recovery and incident response groups, as well as friends and family: The San Jose Mercury News has created an excellent example of just such a map:

Firefighters are evacuating residents near a wildfire that is burning out of control in the Santa Cruz Mountains.

Topographical Santa Cruz Fire

Your company should have something like this ready to go as part of your continuity and emergency plans.

Update August 2020: The San Francisco Chronicle has a real-time air-quality map that tracks fires in the region

See air quality in your area in near-real time. This map shows ratings for the Bay Area and California, updated hourly.

Bay Area Fire Map
Source: California Air Quality Tracker

ArcGIS is hosting a CalFire map of evacuation areas:

National Fire Situational Awareness maps are on the National Wildfire Coordinating Group (NWCG) site

And Esri offers an embedded #FireMappers Wildfire Early Notification Map

And data.thecalifornian.com has its own fire map pulling from the NWCG site

San Diego’s Supercomputer Center WIFIRE project is trying to use all this data to predict wild fires of the future.

Source: WIFIRE

And Google has just announced a new real-time fire-tracking feature in maps:

Type in the name of an ongoing wildfire into Google search, and the site will now bring up a map featuring a near-real-time boundary of the fire.