Tuesday Sweep: 14 Mar 2017
Weekly Round Up
Where do you scan for news? I keep an eye out for recent exploits and breaches that have come to light, new tools, interesting idea’s, etc.
Here’s 5 topics to think about today:
- It’s PI DAY!!!! Did you know they use this manic-pixie-constant for space travel???!!
- I’m following along with the Stanford iOS class… “ish”… but what’s more intriguing is one of the possible prerequisites, CS107 Programming Paradigms. The 2008 videos with Jerry Cain on videos only YouTube. Tod and I are watching one a night and they’re awesome. Professor Cain is marching through C, Assembly, C++, Python talking about not so much about how they use them, but how they work. Within the first couple of classes you’ll see basically how something like Heartbleed can happen at a pretty low level. Programming Methodologies and Programming Abstractions come first, so there is seriously no shame if 107 is over your head. If it is, try learning how to build projects on an Arduino! Making blinking halloween costumes while easing yourself into a C based platform seems like a win win.
- Joe Biden weighed in on Medical Data, but Bruce Schneier‘s TedMed talk “Who controls your medical data?” is a better watch. This goes along with the Gattica level news that employers may soon be able to require genetic testing from employees. If this bothers you, call your members of congress and tell them how disgusting you think this provision of HR 1313, the Preserving Employee Wellness Programs Act is.
- I have watched not a single one, but here are the list of talks at SXSW 2017 tagged “#Privacy & Security,” but honestly the design track might be better for improving threat modeling skills. A more specifically relevant conference happening locally-ish (La Jolla) in June is the “Workshop on the Economics of Information Security.” It’s an interesting interdisciplinary premise that has carried the conference through its 16th year. Financial pressures do tend to leave the deepest mark on the flesh of the C-suite.
- SANS has a pretty good reputation, so I’ll be watching “I Don’t Give One IoTA: Introducing the Internet of Things Attack Methodology” this Thursday at noon PST.
Reflect
What’s are the frictions keeping you from doing “what’s right”? Regret is only useful if it leads to a plan on how to improve.
Sweep
This list will be getting longer, but lets keep it simple while folks are still setting up.
- Updated software recently? Pick a new device to check on today.
- Backups still up and running? When was the last time you made a clean disk image? Here’s a new great article on how to design a backup system.
- Reduce your attack surface: Delete a low quality app from your phone. Delete an account.
- Add a password to your password manager… and delete it from everywhere else.
- Anywhere you could add two factor authentication?
- Double check privacy settings on your phone, social media accounts.
Continuing Set Up
We’ve covered so much so fast. You’re not behind, you’re just where you are. Pick something to do.
- If you’re having trouble with all the set up, the coach tool at the Crash Override Network has a great step by step break down for many of the same introductory steps we did here.
- Review the list of OneThing articles so far and pick one to catch up on.
Engage
We are a community. You are a welcome part of it.
