Category Archives: Security

Poetry, Security

We Won the TSA Slogan Competition

Leave a comment

I am happy to announce that it has been confirmed that the U.S. Department of Transportation Security Administration (TSA) has chosen a flyingpenguin slogan as their winning entry in a Security Awareness Slogan Contest: “Control, Alt, Delete Before You Leave Your Seat.”

The slogan was posted back in 2006.


Few of us are probably lucky enough to invent something as contagious as a Security-Tubby or a Barney character. Instead, we are stuck with the task of creating “fun” posters with slogans.

One of my more successful ones so far has been based on the saying “Ctrl-Alt-Del when you leave your seat”.

People tell me that no matter how rediculous they might find security slogans at first, eventually this one grows on them and they can’t help but sing it aloud when they leave the office. You know you have won over your users when they start to beg for more effective ways to comply with the “Ctrl-Alt-Del song”.

Apparently it will be used throughout the TSA and perhaps even in other departments. It already is one of my most popular (#6) blog entries of all time.

I thought I should mention it also because a Government CIO article recently suggested there was no good marketing in security awareness:

In short, our users are experiencing the same vacuum of effective messaging about security that the average person watching nothing but fast food commercials would be receiving about health.

Watching nothing but fast food commercials would be a health knowledge vacuum for the average person? Not sure I agree, although I don’t watch them so what do I know?

In any case, as I have presented in “There’s No Patch for Social Engineering“, slogans are not miracles and language is just a tool. But if users are open to communication from their IT department a little word smithing and some poetry can go a long way.

Security

vCloud Health Assessment with VCM

Leave a comment

Amusing video from VMware on how easy it can be to get a clear health assessment of a Cloud environment using VCM.

I love the doctor joke at the start. It reminds me of the joke about a man who asks a Yogi for the meaning of life:

The Yogi says “go to the furthest corners of the earth, drink from the rivers and streams, climb the tallest peaks and you will find what you seek”. The man leaves, does as he was told but after years and years of searching he comes to no conclusions. He returns to the Yogi and complains “I went to the furthest corners…did all that you said but nothing happened”. The Yogi looks deep into his eyes, holds his hand and says “Ok, maybe I was wrong. Here’s another idea…”.

Even if you could find a cloud Yogi you probably would be better served by a product like VCM to automate assessment of your environment’s health.

History, Security

EFF: Historical Facts are not Property

Leave a comment

A database of events in time was in dispute, as explained by the EFF Press Room

The Electronic Frontier Foundation (EFF) is pleased to announce that a copyright lawsuit threatening an important database of time zone information has been dismissed. The astrology software company that filed the lawsuit, Astrolabe, has also apologized and agreed to a ‘covenant not to sue’ going forward, which will help protect the database from future baseless legal actions and disruptions.

[…]

In a statement, Astrolabe said, “Astrolabe’s lawsuit against Mr. Olson and Mr. Eggert was based on a flawed understanding of the law. We now recognize that historical facts are no one’s property and, accordingly, are withdrawing our Complaint. We deeply regret the disruption that our lawsuit caused for the volunteers who maintain the TZ database, and for Internet users.”