Kevin's Coffee Break: March 2012

Thursday, March 29, 2012

Cloud Partner Security

As a podcast junkie, I have to give the Virtualization Security Round Table #74 a lot of credit for a great topic and good arguments. They brought up an excellent point. Suppose you are working with a cloud provider who claims to be completely secured and has the industry certifications to prove it. And then you put a cloud management engine or interface in front of that provider: perhaps Rightscale, Ylastic, Cloudsmart, or any other tool that requires you to provide your cloud credentials. You might have just negated all that great cloud provider security! You have allowed an 'unknown' to have keys to the front door. If that provider gets hacked, the hacker can own everything in your cloud and could use that as an attack vector into your company. Leason: put third party tool providers under the same scrutiny that you place cloud providers.

Tuesday, March 27, 2012

The Nano Watch

Have you heard about the Apple Ipod Nano watch? Neither had I until it was mentioned on the vChat Podcast #22 so I decided to check it out. Sure enough, it is an MP3 player with a clock face that you wear like a watch! If you aren't familiar with the Nano, it is like a small iphone without the cell phone capabilities. You can watch video, listen to FM radio, use Nike+ and more. There are dozens of different watch faces you can choose from. The Nano starts at $129 and watch bands are $30-80.

Monday, March 26, 2012

Office/Studio Update

This was a productive weekend. First, I finished framing the heat duct and then hung fire rated drywall around it.

Then I started the mold and moisture resistant drywall on the walls. There are tons of electrical boxes and each one needed to be cut out.

I finished around half of the drywall.

Thursday, March 22, 2012

The Micro Server

Everyone knows I am a podcast junkie. I listen to many podcasts and I make many podcasts. In the vChat podcast #22 they talked about creating home computer labs using the HP Proliant MicroServer, so, I thought I would check it out. The microserver costs around $250-350 and can support up to 8GB RAM. It uses the Turion Neo Dual-core processor from AMD, and allows RAID across its SATA drives. HP positions the server for small offices, but the price is ideal if you are an IT professional in need of a home lab.

Tuesday, March 20, 2012

Cloud Security

I am a podcast junkie. I like listening to and creating podcasts. I listen to many podcasts on many different topics.

The Virtual Security Round Table #74 provides great arguments around cloud security. They argue that cloud providers can claim they have all the industry security certifications in the world, but they won't divulge the details and scope of those certifications. There is no way to tell whether the scope of, say, the PCI certification matches your needs or plugs into your processes. The podcast producers would like to see providers settle on the Cloud Security Alliance certification, which provides transparency and visibility into those certifications.

Imagine that you have deployed company assets into the cloud and then get hacked. You have no way of knowing whether you did something wrong or whether the cloud provider left a vulnerability open. Customers can not see the audit logs. When signing up for service, customers sign-away all responsibility the cloud provider may have. You have been hacked, you have lost data, and you are responsible for that loss even if it isn't your fault and even if you have no way of performing root cause analysis. You might have no way of determining whether the exploit is fixed or if you'll get hacked again tomorrow.

Suppose the cloud provider makes a configuration mistake and allows another client onto your virtually secured private subnet. You would have almost no way of knowing, almost no way of proving the problem, and probably no way to seek damages from the cloud provider.

To make matters worse, you are responsible for securing your cloud deployment, but most cloud providers will not permit you to run a scan (such as a Nessus scan) in the cloud. Therefore, you have limited means by which to determine whether or not the cloud implementation is secure.

This has created a no-win security scenario for customers. Customers can't see the details of cloud certifications. They can't see into logs and configurations that would assure proper security. They can't perform root cause analysis against security problems. They can't perform security scans that make sure their implements are safe. Yet the customer is fully responsible for security.

Sunday, March 18, 2012

Office/Studio update: Drywall

$200 in mold resistant and fire resistant drywall: purchased, transported, and moved into the basement.

Saturday, March 17, 2012

St. Patrick's Day

To Celebrate St. Patrick's Day: the night before we had Hibachi. It was very warm on Saturday so for the first time ever we ventured into the city to watch the parade. After the parade we had some incredible Chicken Parm at an Italian restaurant. Irish, Japaneese, and Italian all in one weekend.

Friday, March 16, 2012

Erie Canal

Construction of the Erie Canal begain in 1817. It is believed the canal is the most important works of civil engineering in North America. Originally, the canal provided a water way through the wilderness to points west. The canal connected Lake Erie to the Hudson river, thus providing the Great Lakes with a water route to the Atlantic Ocean. It helped turn New York City into a huge port because New York City connects the Hudson River to the Atlantic Ocean. Fright moved on the canal until about 1951 when cheaper alternatives were put to use. In 1990 New York State turned the 524 mile corridor into a recreational area.

I lived on the canal when I owned a house in Albion. I have walked it, driven over it on bridges, explored it, taken dinner cruises on it, and today I work in the Aquaduct Building where the Erie Canal crossed the Genesee River. Most people in this region have no appreciation for the canal and take it as granted - to them it is just a river with narrow bridges. It is hard to believe the canal is nearly 200 years old!

Tuesday, March 13, 2012

Phone Books

I came home from work and found this sitting at my front door. Do people still use these?

Sunday, March 11, 2012

Office/studio update: High Voltage

The office's closet is now framed. All of the high voltage cable is ran. Next? Install 16 outlets.

Saturday, March 10, 2012

Office/Studio Update: Low Voltage

1300 feet of low voltage cable ran to 20 electric boxes - done!

Friday, March 9, 2012

Lunch Time View

This is a view from the cafeteria windows at work. The park located in the bottom left of the picture is owned by Thomson Reuters.

Wednesday, March 7, 2012

School Board

Last night Mike, my youngest, gave a presentation to the school board on Hilton's reading program.

Tuesday, March 6, 2012

Office/Studio: Covering the ducts

Running through the center of the room are two heating ducts: one hot and one return duct. My plan is to construct a ladder on each side of the ducts and cover with fire rated dry wall. My concern is that it spans 3.5 feet. Will the 4 foot wide dry wall sag in the middle?

Sunday, March 4, 2012

Office/Studio Update: Boxes Hung

All the electrical boxes are installed. Second door is hung. cable paths through the studs are drilled. Now it is time to run some cable!

Saturday, March 3, 2012

Office/Studio update: Walls are frames

I finished framing the home office/podcast recording studio's walls and hung one of the two doors. Next comes the high and low voltage electrical boxes. Since this is also a recording studio there are 40 boxes to be installed!

Thursday, March 1, 2012

Past Construction Projects

The home office/recording studio construction project isn't my first construction project. I try to do something every year.

2003 - My house was built. I worked with the architect, the general contractor, and ran the low voltage cabling. The house is in a "L" shape with a colonial-style front and a ranch-style side.