Blog

  • Check if you trust the Superfish CA

    Filippo Valsorda wrote a test to check whether your PC is vulnerable through the Superfish malware that Lenovo decided to preinstall on its devices.

    Check here if you trust the Superfish CA.

  • When a Project dies

    When is a project dead?

    One question that somebody asked me a few days back has kept me thinking for a while now, mostly because it should not have a clear answer. Have you ever had to ask yourself what to do when your heart-project is at risk of coming to an end? A project that just dies has had some serious problems: a dead end that leaves no next steps, along with a final decision, in a way that no project goal materialized and no other milestone is reachable. If that is looming, one should check the project plan and answer a couple of questions about the failure. How did all the tasks and work packages depend on each other such that they made an entire project fail? Were some assumptions too optimistic? Was the budget too tight? Was the project too ambitious?

    The show must go on

    Depending on size, a project is barely ever dead. Typically, a project consists of multiple components. Milestones, tasks and work packages are just common terms for the breakdown structures of a project. Such fragments, re-used or re-arranged, can help achieve a modified goal. There are reasons why one or another milestone had difficulties. There are hard facts, like budgets, technical dependencies or necessities, required skills, availability of material, or combinations of any of these. And there are soft facts, like project team engagement and stakeholder opinion; even hubris may result in milestones not being reached.

    Failure

    A roadblock, identified early enough, allows a project plan to be realigned to cope with any trouble endangering tasks and milestones. In an iterative project approach, the project lead can change a goal to align with changing requirements. This way, the project may not reach its initially intended goal, but it will not fail in its totality. When a project dies, it will leave bad feelings with the budget owner, with the stakeholders and with the team. A goal that the team reached, maybe through a more creative approach, will still be a goal reached.

  • Lenovo compromises SSL.

    As if government surveillance wasn’t in the news enough these days, hardware vendors are more or less trusted. Hardware with Windows OEM versions has long been known for coming with adware pre-installed. Lenovo comes into the limelight for having installed adware that comes with a certificate to allow “man in the middle” attacks, intercept secure connections and insert adware into trusted brand sites. Having software from a company named Superfish installed is a nightmare for any consumer. That adware removes any trust in online content and in Lenovo as a vendor.

    via Marc’s Security Ramblings.

    Update:

    Erratasec.

  • OWASP Internet of Things Top Ten Project

    The OWASP Project is looking at the Internet of Things, too, and has published a top 10 of security concerns for it. While all of this is reasonable for the Internet of Things, it can be applied very generally to the Internet of anything. Good security pays in every environment; it’s just that the Internet of Things has potentially more attack surface.


  • Disk Forensic Evidence after Equation Group

    After Kaspersky found hard drive firmware malware, @dragosr makes a valid point about disk forensic evidence, in particular since the published timeline of the Equation Group reaches back as far as 2001.

  • Uber: Privacy Issues

    Already a few days old: Richard Gutjahr reported that Uber has a privacy issue. Apparently, the now 404ed Lost and Found page listed not only lost items, but also usernames and contact details.

    via Richard Gutjahr.

  • Henry Rollins on attitude.

    For a punk, Henry Rollins is always worth quoting for his attitude.

  • Don't aim for disruptive

    The tech industry is optimizing everything around us, disrupting every aspect of social life, business or whatsoever. The thought that everything will be easier is just so tempting to everybody remotely involved in anything remotely digital. And that’s why so many app developers, start-ups and evangelists feel inspired by the opportunity. Every new idea needs to be groundbreaking, revolutionizing. And that’s why the concept of “disruptive” became so popular, even while interpreted fundamentally wrong by this group of technologists. Clayton M. Christensen, who coined the term, explored the development of disk drives and described generational change in the technology, each generation disrupting the market of the previous one. However, none of the following generations of disk drives was designed as “disruptive”, but to have advantages over the previous one.

  • 15 years neumeier.org

    neumeier.org is 15 years old today.

    Domain Name: NEUMEIER.ORG
    Domain ID: D19886705-LROR
    Creation Date: 2000-02-15T13:24:23Z

  • Everybody should code.

    Just read a blog that made quite an argument against teaching people to code. The core argument cited Henry Ford with his famous saying that, if he had listened to his customers, he should have built a faster horse. The derivation in this argument is that, with everybody able to code, we as an economy are continuing what we are doing, only faster, but in reality need a car.

    However, the derivation is based on the assumption that code is for apps alone. Using Henry Ford’s quote as an argument against learning to code is like saying “Education in engineering is wrong because it will just produce more engineers doing their engineering thing”.

    While it is true that not everybody needs to be a software engineer, not everybody needs to be a mechanical engineer, either. Still, everybody taking a driver’s test today (in Germany, [1]) will have to be prepared to answer fundamental technical questions. These include questions about tires, lighting, brakes, steering, liquids and liquid levels, as well as the meaning of indicator lights. It makes using a car more convenient for the consumer, just as it makes driving a lot safer for all other road users.

    Today, all work disciplines are confronted with computers in one way or another. Code is the integral ingredient that makes them work. In computer engineering, there are different levels of code that are more or less abstract from the bare machines. Just above machine language, patterns emerge that repeat across all applications one can think of. Be it loops, conditions or basic algorithms: to bother the comparison once again, they are the equivalent of the basics of steering, liquids and brakes.

    A basic understanding of how these machines work should be as fundamental as the ability to read, write and do math, without which the car wouldn’t exist. It will allow us as an economy to build the next “car”.

     
