ToddHDow Studios

Category: Technology

  • SC Congress – Day 1 – 9:50am – The Honey Stick Project

    SymantecDay 1 – Tues June 11 2013:
    9:50am – “The Honey Stick Project: Opportunistic threats and human vulnerabilities”, Scott Wright, @streetsec, security coach and consultant, Security Perspectives

    Scott’s presentation was one of my favourites at SC Congress 2013. Here’s a summary of Scott’s presentation:
    In 2011, an experiment was conducted where “lost” smartphones were allowed to be picked up by the public in order to gather data about human threats to data accessible on those devices. What were the results?

    Some additional links:

    What a fantastic experiment! Scott shared some statistics from his experiment:
    Of all of the people that “found” the phones:

    • 50% of people offered to return the phone;
    • 89% of people accessed personal data;
    • 83% of people accessed business data;

    I was interested to hear how Scott’s work was funded by Symantec. This is a great example of industry funding some great independent research.

    Scott also talked about the need to limit the collection of personal data during his research. In a project like this, the potential to capture photos, location info and behavioural information from those that took the phones could lead to embarrassing or otherwise awkward disclosures of data. Scott did a good job of avoiding the collection of personal info by stating which info he would and would not collect during his research.

    Scott left me with a parting thought that still resonates: “We still need more innovation in human studies. People pay attention to stories about other people.”

    And, Scott also left me wondering, “what will Scott work on next?”! I look forward to hearing about future projects.

  • SC Congress – Day 1 – 9am – Addressing today’s security challenges

    SC Congress – Day 1 – 9am – Addressing today’s security challenges

    Trend MicroDay 1 – Tues June 11 2013:
    9am – “Addressing today’s security challenges in the data centre”, hosted by Peter Cresswell, senior solutions architect, Trend Micro.

    Peter provided a good overview of the security challenges that face the industry today. Of particular interest to me was the Cloud Security Alliance GRC Stack Toolkit. GRC = Governance, Risk Management & Compliance. The kit includes the following tools:

    • Cloud Audit
    • Cloud Controls Matrix
    • Consensus Assessments Initiative

    The GRC toolkit can be found at https://cloudsecurityalliance.org/research/grc-stack/

    Peter talked about the types of attacks that are out there and he spent time reviewing Advanced Persistent Threats (APTs). A couple of resources that he referenced include:

    One final resource from this presentation is ISACA.org’s APT Infographic:

    ISACA.org APT Infographic

  • SC Congress Toronto 2013 – A Summary

    SC Congress Toronto 2013 – A Summary

    SC Congress Toronto 2013I attended SC Congress Toronto 2013 this past week. It was a great conference and I want to share my experiences. So, here goes…

    Conference Name: SC Congress Toronto 2013 (hosted by SC Magazine)
    Dates: Tues June 11 and Wed June 12 2013
    Location: Metro Toronto Convention Centre, Downtown Toronto

    Overall summary:
    I was impressed with SC Congress 2013. The speakers were good, the content was current and helpful and the facilities were perfect for the size of the conference. My only complaint is with the food – compared to other conferences I have attended (Sector.ca, for example), the lunch food portions were small and the variety of breakfast food available was limited. Overall, I would like to attend this conference again next year.

    Here are my summaries of some of the more notable sessions that I attended.

    Day 1:

    Day 2:

    Let me know if you have any additional information or if you think I’ve misrepresented or neglected to mention anything.

    Talk soon!

    Todd

  • I’ll be speaking at WordCamp Hamilton 2013

    I’ll be speaking at WordCamp Hamilton 2013

    wordpressIt’s official – I’ll be speaking at WordCamp Hamilton 2013 on Sunday June 23 2013 at the Art Gallery of Hamilton. I’m excited to be able to participate in what looks to be an awesome day:

    All attendees who purchase a ticket (only $20!) enjoy:

    • Continental breakfast
    • Catered lunch
    • Event t-shirt
    • Up to 7 talks from great WordPress speakers on a variety of topics
    • Panel Q&A session with the speakers at the end of the day
    • Complimentary beverage at the after party location (TBA)
    • Free WiFi internet access at the venue
    • “Swag bag” with WordPress and sponsor goodies

    And, participants will be helping to encourage and support a great community of developers in the Hamilton area.

    Check out the event (wordcamphamilton.com), buy your ticket(s) and enjoy a great day with the Hamilton software development community!

    Be sure to follow along on Twitter for the latest updates: @wordcamphamont

    Talk soon!

    Todd

  • Google+

    Google+

    This is part 5 of my blog series entitled Set Up Your Tools.

    Google+

    Google+ is another big player in the social media space. Google+ offers the same things that Facebook offers:

    • a newsfeed
    • photos – integrated with Google’s Picasa service
    • events – tied in with Google’s Calendar & Hangouts tools
    • communities
    • and a bunch of other options like circles, local and games

    Like Facebook, Google has developed a Platform that users can build upon. You can add social plugins like:

    • +1 buttons – these are Google’s answer to Facebook’s “like” buttons
    • badges – your Google+ profile can be embedded almost anywhere
    • share – users can share your content with their “circles of friends”

    And, Google+ has the customary mobile apis as well, which ensures that you can build cross-platform support for Google+.

    Google+ has taken a circular route to fruition. Where Facebook started as a social platform, Google+ has grown out of a variety of tools that used to be separate and are now being weaved together as a larger fabric. This has worked well in some ways, and it has been challenging in other ways.

    Google has built some really good tools (Picasa for photos) that are now being used as a key component of the Google+ experience. Google Search, Google Reader and various other Google tools also integrate quite seamlessly with the Google+ experience.

    One area of confusion for some users has been Google’s permission model, referred to as Google Circles. Circles are Google’s way of allowing you to segregate your audience. You can create one circle for your family. Another for your co-workers. And a third circle for your friends that know about the gambling habit that you keep from your family and co-workers. And, you can post info to each of those circles without the other circles knowing about them. This is great for keeping your social circles up to date in one place. But it’s confusing for some. And thus, the barrier to entry can be daunting.

    I love the concept of segregated user groups. The ability to share what I want with a select subset of users is fantastic. I can target my content to those that I think will be interested in it. Some of my friends that I am connected with on Facebook comment that some of my posts are too geeky for them. Targeting my content to certain circles would help in this way. This mirrors targeted advertising – another market space that Google excels in. I don’t think this “mirroring” is by accident.

    Something to note: definitive stats are hard to come by, and they are even harder to interpret when they are available, but many perceive Google+ to be the geekier cousin to Facebook. Google+ adoption rates have been growing over time, but at one point (Dec 2011) largest group of users of Google+ tend to be males between 25 to 34.

    But perhaps the bigger barrier than building discrete circles within Google+ is simply the daunting task of recreating your Facebook friend list on yet another social media tool. This is, to me, one of the greatest barriers to adoption for Google+. People invested heavily in their Facebook networks. And many of those people don’t want to do it again. So, until people have a compelling reason to rebuild their social neighbourhoods, Google+ and others like it will play second fiddle.

    Regardless, Google+ is a force to recon with. Its growth is accelerating: Today Google+ is the fastest-growing network thingy ever.. And Google+ is only going to become more dominant as it continues to integrate itself into all of Google’s services (think Search, Gmail and YouTube: There’s No Avoiding Google+.

    Feel free to look me up on Google+ and add me to your circles!

    Todd