Archive for October, 2013

You’re So Vain

Wednesday, October 30th, 2013

So you think the NSA has time to bug the likes of you? Please. You’re not that important, unless you’re doing things to make yourself stand out, like trying to use encryption and anonymizers for all your Internet traffic. Just think about it…

There are hundreds of millions of Internet users in the USA alone. If you’re in the USA, you’re one of them. That means your traffic is aggregated with all other traffic and dumped somewhere. There is no one person that will single out your traffic to hold up and mock: if you aren’t doing anything exceptional, you’re just part of the vast flow of sludge that passes through the Internet pipes. Even if what you’re doing isn’t particularly sludgeworthy, your traffic is in the mix, so you might as well know what’s flowing alongside your ones and zeroes.

We can start with the 166 million Facebook pages for USA users. Imagine wading through 166 million Facebook pages every day. The number of game spam updates alone would drive a mortal into madness. Then there are the people that post things Facebook has to take down, due to the content being explicitly sexual, overly violent, or slightly critical of the Turkish government’s treatment of its Kurdish population. All that goes to the NSA before it gets taken down by a Facebook drone in Morocco or Vietnam. Those guys usually lose their minds after only a few weeks of doing content review grunt work: there’s no way the NSA wants to expose its staff to that kind of attrition. Let a computer filter it and then file away the report where nobody sees it.

It’s not like the NSA is actually doing anything with that data. How many times do Americans get to see the making of a terrorist/murderer on his Facebook page after the fact? You’d think the proactive chaps at the NSA would swoop in on something as obvious as some of the stuff that these guys put out. The reason why they don’t is that they’re not looking at individual numbers. They’re looking at patterns formed by masses of users.

If you’re doing something unusual like using Arabic in Greenland, that’s going to get on the NSA’s list of things to monitor today. If you’re merely indulging in your favorite sins on the Internet, nobody in a spook lab is giving a flying flip about you. The Facebook traffic is just the start: think of how many times “Friday” or “Oppa Gangnam Style” wound up on an NSA traffic haul. Yeah. Just carry on, citizens, because there’s so much stuff going on that there’s no way you’ll get noticed unless you’re as unique as someone who gets noticed.

Go Cheap, Then Go Home

Monday, October 21st, 2013

There’s the old saw about being penny wise and pound foolish. If you’re a company officer, and you’re looking to skimp on network security and redundancy to save a few bucks up front, just ask yourself this one little question:

How much money will you lose when your network goes completely down due to a security incident or a major hardware failure of a key device? Those events are not possibilities, they are guaranteed to happen at some time in the future. Does the future cost justify the short-term savings?

Does your IT staff agree with your assessment?

If you pay up front and have a secure network with high availability, your network guys aren’t printing off this article in secret and sliding it under your door. They’re satisfied that you’ve followed due diligence and that they won’t have to try and find another job before the big meltdown hits so that they won’t be blamed for your stinginess.

If this article *does* wind up passed to you surreptitiously, then rather than going after the guy that dropped the note on you, how about you revisit those budget figures for network security and high availability and get a better set of solutions in line so that when disaster happens, your network guys are positioned to deal with it appropriately.

At the end of the day, it’s your call, but don’t be surprised if the good talent bails out on a bad network.

IT Personnel Areas

Thursday, October 17th, 2013

Most companies get this right, but there are a few outliers that haven’t gotten with the program. I’m talking about the right way to house your IT personnel at the workplace. Some people get it wrong and put their IT staff into a converted storage area.

Ideally, IT staff should go into an actual, unconverted, storage area. Just run an extension cord with a power outlet strip attached to the area and make sure they wear hard hats, if appropriate. If, however, you have insufficient warehouse space to allow your IT staff to office there, then you’ll have to get creative.

Inspect your building blueprints. You’ll notice that nearly everything will have a label. If you’re lucky, there will be a room without a label on it that’s next to the elevators and/or stairwell. It has a door and, when you see it in person, it’s half-full of building supplies and/or disused computer equipment. That’s the perfect spot for your IT guys!

If you don’t have that, don’t give up. You can still find them a suitable location. See if there’s an internal office – no windows at all on this one – that has very poor ventilation. You’re looking for a place that will either freeze or roast your staff, regardless of season, preferably with some airflow pattern that concentrates environmental evaporates – like 4-PC and Styrene from the latex backing in carpets – in that area. If you have more than one such room, pick the one that is furthest away from the data center and then be sure to use the one(s) that are closer to the data center for furniture storage.

If, for legal reasons, you have to provide a safe and tolerable work environment for your IT staff, there are still ways to optimize their work environment, even if you can’t encase them in a storeroom sarcophagus. If you have a satellite campus, removed from the main data centers, put them there. If there are other departments there, be sure to have your IT staff in their own section, as far removed from the amenities of the building as possible. If you do not have a satellite campus and you can’t stick them in a storeroom, it’s time to talk to a commercial real estate guy and get yourself a remote facility for your IT crew. If you can get your IT guys into a metal building in an industrial zone, that’s almost as good as a warehouse. Failing that, the far end of a light industrial park is another good spot.

Around the world, these are the kinds of environments IT people are used to. These are the environments they expect. If you actually give them windowed offices with close proximity to the data center, they will become disoriented and confused by their surroundings, and those stresses can lead to your IT staff losing their ability to lash out against passers-by. Should your IT staff acquire “people skills,” they’ll never get their work done as a result of having cheery interactions with other people. For them to be focused on their demanding tasks, they need to be kept in hellish, semi-barbaric environments, so that their only solace comes from fixing technological issues and vendor lunches.

How to Think Like a (bad) CIO

Monday, October 14th, 2013

1. Go to a magazine, blog, or website that purports to summarize IT information for executives. Alternatively, go to an airport men’s room.

2. Look at all the pictures, captions, and words in ads printed in large fonts. If in the airport men’s room, take note of whatever is advertised at eye level above the urinals.

3. Become obsessed with leveraging next-generation synergies with the emerging technology described, above.

4. Take the marketing to the next level. One way to do that is the expansion of benefits ad infinitum: if one of those devices/software platforms is good for a company, then one per user ought to be awesome. For example, if one firewall will protect a company, then one firewall per user will provide awesome protection. Another example: if one load-balanced virtual server cluster is good for a company, then getting every user his or her own load-balanced virtual server cluster will definitely deliver those leveraged next-generations synergies.

5. Present the next-level solution to your IT team and express confidence that they can get the implementation done right.

If you can do this and you are an IT professional, you will be ahead of the curve when the orders come down from above, and you’ll be ready to roll with the project.

PROTIP: having budget numbers ready to go on the outlandish ideas is a great way to get the project canceled. Don’t present the budget numbers with a negative attitude. Instead, present a can-do “we can raise the money!” attitude about the massive costs, wait a week or two, and it’ll be quietly moved to the back burner in the next big emergency.

PROTIP: If the big budget doesn’t scare the top brass, then celebrate! Your company is awash in cash and you will get loads of experience on some sweet new equipment. Don’t worry about the waste. Seriously, if you can get it all to work, you’ll have some of the funnest days at your job, ever. If not, well, keep up appearances and it’ll still probably get moved to that back burner in the next big emergency.