The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for the ‘Personal Note’ Category

I pulled a Peacock today

Posted by Xavier Ashe on August 8, 2013

As if today wasn’t “exciting” enough, I just broke up a domestic dispute.

I am at a hospital with my wife who is recovering from some surgery. I decided to wonder the halls around 10 pm, looking for a snack. There was this guy following a few feet behind a girl saying things like “What? What am I doing? I’m just walking”. The girl was visibly upset and was telling him to go away, over and over. I watched for a while, acting like I was playing on my phone. I was hoping to see a silly argument, but it was apparent that he was just harassing her.

I walked over and told him, “I think she’s made her self clear. You need to turn around now.” I was prepared for him to get angry and take it out on me, but he just seemed broken. His shoulders slumped and his voice changed.

“But she’s my wife.”

I could see the pain in his eyes. “I’ve been there man. Sometimes it’s better not to push too hard. She needs her space right now”.

He kept repeating, “but she’s my wife” and, “where am I supposed to go?”

“Somewhere else in the hospital. I don’t know what you guys are going through, but she doesn’t want to be around you right now.”

“She’s got my baby in her belly.” He looked down the hallway in the opposite direction, wrestling with something in his mind.

I kept him in still, chatting away to let the girl get some distance. I walked on, hoping that was enough. I didn’t think this was going turn ugly, but your never know.

As I rounded the corner, she reappeared looking for a way out of the building. He started to approach again, but I walked her to the nearest open exit. As we exited, he got closer. I let her leave (I think she was was looking for a place to smoke).

“I don’t know anything about you two, but you are doing nothing but harassing her right now. You could be nicest guy in the world, or you could be violent type. Right now you need to back off.”

There was an intense glare from him. You could see the rage building in his eyes. “Oh shit, here we go” I thought. I put one foot back, leaned back for balance, and prepared for him to go ape shit. Then something broke inside his eyes. His muscles loosen and he looked at his feet. He silently walk outside, but in the opposite direction of the girl.

I noticed a police car in a adjacent building, and walked over. It was a sheriff. I gave him a run down of what was going on and he pulled his car around to the girl. I had to walk half way around the hospital to find a door that was opened. I headed back to my wife’s room.

Did I help or hurt? It’s so hard to tell. My southern upbringing makes me defend the girl, but I wish I could help the guy. He wasn’t a clear asshole or jerk. Things are never that black or white. He didn’t need to be “taught a lesson”. She might have been the biggest bitch in the world. Or, considering where we are, there could be a huge decision that she has to make.

So many possibilities, so many outcomes. I just hope I made the right call.

Funny enough, as I was walking around trying to get back in the hospital, I thought of Joe Peacock’s stories. It made me laugh out loud as I thought, “What would Joe do?” It would have probably involved a Waffle House.

Posted in Personal Note | Leave a Comment »

Hackers, too Close to Home

Posted by Xavier Ashe on March 25, 2013

I live in the far outskirts of Atlanta, Georgia.  It’s rural/suburban, with lots of horse farms and country clubs.  You never expect to have bad things happen near you home, myself included.  However, we do have some local drama that has bled in to my domain of information security.  It all started with this:

Acworth Teen Accused of Posting Nude Photos to Porn Sites

Authorities are investigating an Acworth teen who allegedly posted naked photos of at least eight children on pornographic websites, according to a Cobb County criminal warrant.

Interesting.  At this point I find it odd, but not too interesting.  Some kids getting in trouble.  Stupid trouble, but it sounds like this guy is not a pedophile.  Then more information came out.

Police Seek More Victims in Acworth Teen’s Alleged Child Porn Scheme

The Acworth teen who allegedly posted naked photos of at least eight children on pornographic websites created a company to gain the trust of the juveniles.

Cobb County Police Sgt. Dana Pierce said today that authorities believe Harrison High School senior Michael William Cook operated under the company name Maxi Focus Photography between Nov. 1, 2012, and Jan. 1, 2013, the time frame that he allegedly posted to pornographic websites “naked” or “erotic” photos of people that he obtained through fraudulent means.

Okay, now that steps it up a notch.  If true, this guy even got himself a fake business to entice girls.  So he may be more of a predator than I first thought.  At this point, it’s a wild story, but still a local quirky story.  It just happens to be walking distance from my home.  I was reading my security blogs this morning and came across this:

17-year-old arrested for hacking into phones, stealing and distributing explicit images of children

A US teenager has been charged with distributing child pornography he allegedly hacked out of minors’ cellphones with a bogus mobile text ad that installed phone-controlling malware.

According to 9News.com, Sgt. Pierce claimed that Cook sent text messages to victims from a company called “Maxi Focus Photography”.

When victims clicked on a link in the text message, it installed malware that essentially gave Cook access to all information stored on the phones.

That includes access to victims’ accounts on social network sites, such as Facebook and Twitter, as well as sexually explicit photos stored on the phones.

Cook allegedly downloaded offensive pictures and sent them to pornographic websites, Pierce said.

Now things are getting very interesting.  This is more than just using a fake photography “studio” to convince girls to get naked.  This was a lot more sneaky, if true.  I’ve done security forensics before and they almost always are child porn cases.  For me, I was always helping prove that someone knowingly downloaded child porn, and usually disproving the “It must have been a Virus” defense.

This is different.  If true, my neighbor was hacking into phones and stealing nude photos.  In my line of work, we talk about the various type of threats we have and what are their motivations.  Now we can add perverted 17 year old boys trying to find naked pictures of teenagers.  What if can across your banking info?  Think he’d buy himself a couple of video games?

I can think of several lessons here:

  • Everything on a computer is discoverable.  If you have a naked photo of yourself, it could get posted somewhere.  Those files seem to live forever.
  • This is even more true on phones.  Did you know that many photos are automatically “backed up” onto servers (especially on non-smartphones)?  Things like IM and texting are unsecure and can be read by others?
  • Teach your children about security.  Do you tell your children about dark alleys at night?  Then tell them how to avoid getting attacked on the internet.  Here’s a few good links:
  • Install Anti-Malware on your Smartphone and Tablets. Here are two of my favorite (and they’re free!):

I’ll keep monitoring the situation and see how things evolve.  For this kids sake, I hope it’s not true.  We’ll see how the investigation goes.

Posted in Personal Note, Security | Leave a Comment »

A free tool to Scan to PDF that WORKS!

Posted by Xavier Ashe on February 18, 2013

My move from running RedHat on the desktop back to Windows 7 hasn’t been too bumpy.  Only one big driver corruption issue that took me a couple of days to solve, but it seems running Windows is like riding a bike.  I have a need to scan a good bit of documents into a single Adobe PDF file.  The driver & software package that comes with my Lexmark printer only scans to individual files.  I had been using PDF Creator, which has a tool to suck up all the individual jpegs and put them in a PDF.  It was clunky, and often files would be out of order.

I went on a search today to find another tool to meet my needs.  I tried 5 different freeware or shareware programs.  The first four didn’t function in some way.  Most just errored out, one didn’t even run.  I finally found NAPS (Not Another PDF Scanner).  The only problem I have is that the default permissions on the program folder in which it runs keeps it from saving a config file.  Running it as Administrator worked for setting up my profile.  Now it runs fine as under regular permissions.

Just wanted to share to possible save someone else some time.  Cheers!

UPDATE; well, NAPS ended up being too buggy for me.  I went back to the developer page on Sourceforge and saw a comment that some one else has forked the project.  Yay, NAPS 2 is better!  Open Source FTW!

Posted in Personal Note | Leave a Comment »

My Evolving Security Philosophy

Posted by Xavier Ashe on February 5, 2013

From the very start of considering a move from IBM Security Systems to Bit9, I gave a lot of thought to my security philosophy.  I really do believe strongly in IBM’s security portfolio, and I wanted to make sure moving to Bit9 didn’t undercut my security philosophy.  Working for IBM taught me a lot about holistic security and how good security products are usable no matter if you have basic security maturity, or advanced.  I generally focused on the network side of security, mainly in SIEM and NIPS.  I’ve shied away from endpoint security (for the exception of dabbling in forensics and TEM), because it’s such a headache. Virus scan software is a joke, letting just about everything modern in.  Case in point with the recent attacks at the New York Times:

Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec identified an attacker’s software as malicious and quarantined it, according to Mandiant.

I see this all the time.  That’s why products like QRadar and IBM Security NIDS are so popular.  You have to fall back to the network, if can’t get control of the endpoint.  Why attack the endpoint?  It’s seems to be the easiest and most successful.  There’s typically three categories of attacks:

  1. Remote attacks launched from the internet (DoS, SQL Injection, etc.)
  2. Insider threats, and
  3. Infect an endpoint, then launch attack from within (phishing, drive-by downloads)

Network based protection is very useful at blocking and/or detecting all three of these attacks categories, but that leaves you with a perimeter based security protection.  With perimeter based security, one tries to tackle the channels of infections like email and web browsing.  There are tons of solutions that help with this, but nothing helps as soon as that endpoint walks out the door.  Network security should be used to protect infrastructure, not endpoints.

So what can be done to protect the endpoint?  IBM Tivoli Endpoint Manager does a lot to manage all the small stuff like patch management, software delivery, compliance, and virus scanning.  I say small stuff, not to dismiss its importance, but they are processes that should be in place already.  Having TEM take care of it all is just easier.

When I was at IBM and a customer was worried about the Insider Threat, we would use either TSIEM or QRadar to pull in system and audit logs.  What we usually found near pure chaos, since it’s very hard to figure out what is what within system logs.  The best approach I have found is using white list policies.  We would build profiles of acceptable behavior in an environment, filter it out, then analyze the rest.  It was a great approach and bled over into some of my other SIEM and NIPS scenarios.

The reason I bring this up is that one of the reasons I like Bit9’s software is that it employs a similar white list approach, but looks to be MUCH easier than the rat’s nest that is system and audit logs.

Let me summarize:

  • Network security is best when focused on protecting infrastructure like hosted applications and databases.  It loses effectiveness when trying to secure the endpoint.
  • As for hosted applications, security vulnerability testing and security development should be a closed loop.
  • Insider threats can only be managed if you are doing system and audit log analysis.  It’s a costly investment, but worth it to certain business sectors like banking and military.
  • Endpoint protection must include basic measures including patch management, lifecycle management, and basic written security policy.
  • I believe SIEM is critical to tie it all together and should be the single pane of glass.
  • Maturity in other security processes like identity management, access management, policy, compliance, encryption, and asset management help all your other security investments.
  • Overall security policy governance has to be tailored to the size and type of organization.

As I write this out, I see that going after endpoint security with Bit9 fits for me.  I am looking forward to learning more about its capabilities and how our customers would like to use it.

Posted in Personal Note, Security, Uncategorized | 2 Comments »

Impressions of Windows 8 for the family

Posted by Xavier Ashe on January 25, 2013

I’ve been running Windows 8 on one my laptops since it’s release and put in the kitchen for my family to use.  It’s a powerful laptop, i7, 12 gb RAM, nice graphics card.  I’ve used it, as has my wife and my three elementary age kids.  My teenagers have their own PCs and laptops.  I’m now replacing this laptop (need to give it back to IBM) with another.  It has Windows 7 on it.  Note, neither laptops have a touchscreen.

My first thought was to reformat with a fresh Windows 8 install, since it will be the new family machine.  Windows 8 has family controls built in to the OS, has PIN logons, and the Metro look and feel is very nice.  But I started thinking about how many family uses it.

My wife was constantly frustrated about trying to get stuff done on it.  The Metro version of IE has some shortcomings, mainly not running flash unless Microsoft approves it.  She googled how to recreate a Start button, and if she uses this machine, she goes directly to the desktop.  She never used one of the Metro apps, but she also has her own laptop with Windows 7.  She installed Chrome and stopped using IE 10.

My boys (ages 6 and 8) love the Bing app.  They can spend hours just searching various star wars names and looking at the image results.  But IE has problems with various sites like starwars.com and lego.com.  I put a Chrome icon on their Metro home page.  It of course runs in the desktop.

My 10 year old daughter does a lot of homework online.  Half of her sites don’t work in IE 10, so she uses chrome, too.  My 8 year old boy attends an online school.  Again, IE 10 doesn’t work.  Word processing is via Symphony, on the desktop.

Even though I installed a bunch of free Metro games for the kids, they don’t use them.  They want the games on PBS, Star Wars, Lego, American Girl, and other web sites.  They each got their own Android tablets for Hanukkah, so all those Metro games have similar ports on Android and are more fun to play on a touchscreen device.

The only positive things out of Windows 8 is the Bing Search app, parental controls built it, and my kids learning how to use the new OS.  But in the end, most just go to the desktop and launch Chrome.  The new laptop has a fingerprint scanner, so there’s no reason for a password or PIN.

I think I will leave Windows 7 on the new family laptop.  I get my new work PC next week.  I will contemplate putting Windows 8 on there for a while and see how it works for work.

Posted in Other Technology, Personal Note | Tagged: | Leave a Comment »

Moving On and adding some Bits

Posted by Xavier Ashe on January 11, 2013

As of February 1st, I will be leaving IBM.   It’s been a great 7 years.   I never thought I could enjoy working for a large company, or working so long in the same position.   Man was I wrong.   IBM really has some great people, and I had the best quality of life during my tenure.   Even though I was in the same position, life was rarely dull with constant acquisitions (nearly one per year that affected me!).   I started off working with NeuSecure/TSOM, then TDI, then TCIM, then TSIEM, then AppScan, then Proventia and SiteProtector, then BigFix/TEM, and finally QRadar.   That’s a busy seven years!

Well, what’s next?  I have accepted a position at Bit9 as a client partner. I am excited about this on several fronts.   One, I think the technology is amazing.   I’ve never been a big supporter of virus scan products.   They just never seem to offer adequate protection.   Bit9′s approach is to whitelist the good stuff as opposed to trying to find all the bad stuff.   I really think this is a better way to secure endpoints.   I’ll be posting more on my security philosophy soon.

Secondly, I’m excited to be moving to a small company.   Not only is moving to a start-up* exciting, the people there are too.   Everyone I’ve talked to so far seems to be on the same page as me when it comes to security philosophy, business philosophy, and look to be very fun to work with.   I was lucky to find a good crew at IBM, and it looks like my luck continues at Bit9.

Also the client partner role looks to be very fulfilling.   When I look back on my time at IBM, I really enjoyed the time that I could form long-term relationships with my customers.   That’s also where I found the greatest success.   This position looks to mix engagement management, relationship management, and technical account management. I’m also planning on doing some evangelist work too.

I am so excited to get started at Bit9 in February.   I will have to spend some time deprogramming myself as an IBMer, but I think this is a good move with a good company with a great product.

* Bit9′s been around for about 7 years and can hardly be called a start-up anymore.   But every company seems like start-up when coming from IBM.

Posted in Bit9, ISS, Personal Note | 4 Comments »

Comments and WordPress links

Posted by Xavier Ashe on May 21, 2012

Looks like I missed a bunch a comments. I thought WordPress was emailing me alerts for new comments, but that broke at some point. I just happen to notice them when I finally got around to downloading the WordPress android app. So if your comment was just now posted, it’s all WordPress’s fault. I usually stay on top of that. I love getting your feedback.

Also, the comments alerted me to the fact that WordPress changed the directory structure, breaking some links. I’m going back through my recent posts. If you see any more, let me know.

Posted in Personal Note | Leave a Comment »

Leaving Vegetarianism to Eat Healthier

Posted by Xavier Ashe on February 4, 2012

My first beef in twenty years.

My first beef in twenty years.

As of this year, I have been a Vegetarian for twenty years. The beginning wasn’t that noble. I was a teenager and wanted to empress this pretty ballerina. It didn’t really work, but the move helped me start forming my self image. I dived into Native American spirituality and explored other aspects of the new age culture. I stood firm on three reasons that kept true for the last twenty years.

  1. Killing another animal is profound and should be done with respect for the life you are taking.
  2. Most the meat available is from factory farms. There are many reasons to despise these places.
  3. As poor as I eat, if I ate meat too, I’d be huge. I’m still the fattest vegetarian I know.

As my life started to settle down after marriage, house, and twins, I looked for ways to slow down and enjoy life. I wanted to improve myself in ways that would effect my children. They pick up on so much that I do. It’s my job as a parent to make the right choices for myself, as well as them.

I have tried getting into a regular exercise routine. I kept with several different programs for months, but saw little difference in my weight. I also used the exercise as an excuse to eat even worse (I’m burning extra calories, right?!). The only time I really felt a difference was when I was single and on the prowl. I’m married and lazy now.

My trips overseas helped me get some perspective. I have always been struck by grocery stores in many part of the world have 80% FOOD. Not processed food, but real food. I realized that I don’t eat real food. I mostly at things that come out of a box. Even when I cook, I take several things out of different boxes. This bothered me, but I no idea how to change it. I had grown up in the world of supermarkets and worldwide food transport. There are no seasons, all the “fresh” food looks perfect, and 80% of a grocery store is processed food. And nearly everything has some type of corn and/or soy by-product.

Leah and I also started going to Ner Tamid, a Jewish Congregation here in West Cobb. I was really struck by a good explanation of why reform Jews follow Kosher rules. It’s all about mindful eating. When you set forth and think about the foods available to you, and you stop and ask your self if it follows God’s laws, you think about God. You’ve now brought your spirituality to the table. I liked that idea. I don’t give much thought to my eating. I just eat want I want as long as it’s not meat. I wasn’t giving much thought what goes in my body. I wanted to have food be a more important part of my life, to know where it came from, what it does to my body, and what it may do to my children eating this over a lifetime.

I knew I wanted to make a change, but I didn’t know how. Then Leah stumbled on the Paleo plan – a way of eating that mimics the way our human ancestors ate for the vast majority of human existence. The more we read about, the more it made sense for us. I wasn’t a real vegetarian, I was more like a starch and carb-o-tarian. Once I was better educated about how our bodies deal with starches and carbs, I knew I needed to shift.

There are a ton of different Paleo diets out there with slightly different takes on the same premise. Leah and I decided on the Whole30 plan.

There was a big problem. It’s a hunter and gatherer diet. Hunter’s ate meat. Plus, once Leah named out all the restrictions, I realized that was nearly my entire diet. I knew I ate poorly, but never this poorly. The decision was surprisingly simple once it came to it. I had a diet plan that I liked and I wanted to make a change. Then when I realized I had reached my 20th year as a vegetarian, it all came to a head.

I started a few weeks ago. I removed dairy and sugary food. Within 2 weeks I noticed a change in my face. At 3 weeks, I weighed myself and had loss 6.5 pounds. I felt good and it was pretty easy. A week ago I cut out grains, legumes, and everything else on he paleo plan. I accidentally picked up some older slacks for work on Thursday and was delighted to see they fit.

Today I had my first bite of beef in 20 years. It was a bunless grass fed beef burger at Yeah Burger. It was very tasty. Eating meat will round out my diet and help my body reset it’s metabolism and glucose tolerance.

Leah and I also watched Food Inc the other night. It made me realize that I can eat meat and do so in a humane and sustainable manner. Since then we found a local butcher that had all sorts of local humanely raised meats. Plus, we found a farm only 15 minutes away from out house that sells locally.

It all feels good. I feel confident that I can stick with this. It’s a bit tough when I am traveling to find something, but I am getting better at it. And it forces me to be midful, to remind myself that this is good for me, my wife and my kids. I lasted 20 years skipping out on meat. Let’s see if I can do 20 years of mindful eating.

EDIT: I just found this on the Whole30 website and it’s a good summary:

I eat real food – fresh, natural food like meat, vegetables and fruit. I choose foods that are nutrient-dense, with lots of naturally occurring vitamins and minerals, over foods that have more calories but less nutrition. And food quality is important – I’m careful about where my meat, seafood and eggs come from, and buy organic local produce as often as possible.

This is not a “diet” – I eat as much as I need to maintain strength, energy, activity levels and a healthy body weight. I aim for well-balanced nutrition, so I eat both animals and a significant amount of plants. I’m not lacking carbohydrates – I just get them from vegetables and fruits instead of bread, cereal or pasta. And my meals are probably higher in fat than you’d imagine, but fat is a healthy source of energy when it comes from high-quality foods like avocado, coconut and grass-fed beef.

Eating like this is ideal for maintaining a healthy metabolism and reducing inflammation within the body. It’s good for body composition, energy levels, sleep quality, mental attitude and quality of life. It helps eliminate sugar cravings and reestablishes a healthy relationship with food. It also works to minimize your risk for a whole host of lifestyle diseases and conditions, like diabetes, heart attack, stroke and autoimmune.

Posted in Personal Note | 6 Comments »

Autism Scholarship Program

Posted by Xavier Ashe on January 15, 2009

My two step sons, Jorge and Leo, are part of a Autism Scholarship Program that is being hosted by Myles-A-Part.   Myles-A-Part is partnering with two other Atlanta organizations to offer its first family therapy grants for families living with Autism.  Please take a few minutes a watch the video below.  If you or your company would like help our boys get the services they need, go to http://www.mylesapart.org/scholarship.html to get more information.

Autism: Hope & Help for the Journey (HD Version) from Matt Gibson on Vimeo.

Posted in Main Page, Personal Note | Leave a Comment »

Bill Cosby likes my first Computer

Posted by Xavier Ashe on August 21, 2008

My dad got one of these for Father’s Day when I was 6.  It was the TI-99-4a. I still have it and it still works.

Posted in For Fun, Personal Note | Leave a Comment »

Most influential movie of my life: Wargames

Posted by Xavier Ashe on July 25, 2008

For me, the inspiration for the project was a TV special Peter Ustinov did on several geniuses, including Hawking. I found the predicament Hawking was in fascinating — that he might one day figure out the unified field theory and not be able to tell anyone, because of his progressive ALS. So there was this idea that he’d need a successor. And who would that be? Maybe this kid, a juvenile delinquent whose problem was that nobody realized he was too smart for his environment. That resonated with Walter. So I said, let’s actually go talk to people about how a kid could get in trouble and get discovered by a brainy scientist and take it from there.

Wargames was one of my favorite movies.  I was just getting into hacking and phreaking at the time while running a BBS.  I soon found my self at 2600 meetings and eventually getting interviewed by the feds (it wasn’t a job interview).  The only movie that comes close is Sneakers.  Wired has done a great job digging up some great interviews, and while I usually roll my eyes when Mitnick gets interviewed, he was impacted directly with this movie:

Mitnick: That movie had a significant effect on my treatment by the federal government. I was held in solitary confinement for nearly a year because a prosecutor told a judge that if I got near a phone, I could dial up Norad and launch a nuclear missile. I never hacked into Norad. And when the prosecutor said that, I laughed — in open court. I thought, “This guy just burned all his credibility.” But the court believed it. I think the movie convinced people that this stuff was real. They tried to make me into a fictional character.

Read the full article.

Posted in For Fun, Personal Note | Leave a Comment »

The Lazy Genius has been moved!

Posted by Xavier Ashe on May 19, 2008

If you are reading this, then you have found the new home for The Lazy Genius.  I was using Blogware, and while I loved the software, I was getting too much traffic and too few ad clicks to justify paying for it.  So I am on the free version of Wordpad and so far so good.  My biggest gripe is that I cannot add any javascript widgets.  So chances are I will be make another move soon to my own server.  We’ll see.

This week I am at a customer site implementing TSOM 4.1.  I hope that anyone that is still using 3.1 considers upgrading.  The new features and robustness is worth it.

Posted in Personal Note | Leave a Comment »

Open Call for Auditions

Posted by Xavier Ashe on May 13, 2008

DigiTribe Productions, LLC (Geekin’, After, The Statement of Randolph Carter) is pleased to announce open auditions for our newest feature film project, currently known as “The $1,000 Feature“.

The Project:
Our goal is to push ourselves to our creative limits and create an
entire 90-minute feature film for exactly $1,000. We will be keeping an
open production diary throughout filming and publishing the budget as
the money dwindles away. The film itself is a dark, violent drama about
one man’s quest to save a friend. For more information on the 1KF,
please check out our website — www.digitribe.net
Due to the ultra-low budget nature of the film – compensation will be limited to meals, credit & copy.

Characters: Most, but not all, roles are for early 20’s to mid 30’s, male and female. Further information on roles can be found at: http://www.digitribe.net/projects/1kfeature/audition/roles

When and Where: Auditions will be held Saturday, May 24th from 11:00 AM to 4:00 PM at Eyedrum, located at 290 MLK Jr. Drive, Suite 8, Atlanta, 30312. Performers will be seen on a first come – first served basis.

RSVP: Headshots and resumes will be accepted in advance and can be sent to 1kf-auditions@digitribe.net or PO Box 42 Jonesboro, GA 30237.
Some performers who pre-submit a headshot & resume may be selected
for the Priority List. These performers will be notified by email, and
will be sent to the head of the line when they arrive at the audition.

Posted in Personal Note | Leave a Comment »

You need a Mercedes Benz

Posted by Xavier Ashe on March 21, 2008

I am selling my Benz.  Who wants it?  $500 off the edmunds.com price by mentioning this blog.

2003 MERCEDES C320
Price:$18,268
Mileage:77,129
Color:Black
Doors:4
Features:
 Air Bag, Air Conditioning, Anti-Lock Brakes, CD player, Heated Seats,
Leather Interior, Power Seats,  Power Steering, Power Windows, Security
Features, Side Impact Air Bags, Sunroof, Traction Control
 
Additional Comments:
This car has served me well, but I am getting married and need to get a
bigger car (more kids!). It is priced to move. It's in near perfect
condition. This is a very fun drive. Give us a call to schedule a test
drive any time (we work from home). More details: AM/FM Stereo;
Multi-CD Changer; Cassette; Premium Audio System (Bose); 4-Wheel
Anti-Lock Brakes; Dual Control Air Conditioning; Alloy Wheels; Cruise
Control; Front And Rear Head Air Bags; Rear Window Defroster; Power
Seats; Leather Seats; Power Door Locks; Power Heated Mirrors; Power
Windows; Power Steering; Front And Rear Side Air Bags;
Sunroof/Moonroof; Tinted Glass; Power Tilt Wheel; Bucket Seats; Fog
Lights; Lighted Entry System; Automatic Climate Control; Memory Driver
And Passenger Seats; Power Telescopic Steering Wheel; Clock; Trip
Computer; Stability Control; Anti-Theft Alarm System; Rear Bench Seat;
Remote Trunk Release; Leather Steering Wheel Trim; Center Console;
Garage Door Opener; Keyless Entry System; Wood Interior Trim; 16 Inch
Wheels; 3.2L V6 SOHC 18V FI Engine; Tachometer; Traction Control; Audio
Steering Wheel Controls; Leather Shift Knob Trim; Intermittent Wipers;
Daytime Running Lights; Turn Signal Mirrors Contact Xavier Ashe
404-229-8905, xashe@digitribe.net

Posted in Main Page, Personal Note | Leave a Comment »

New IBM Redbook – Deployment Guide Series: IBM Tivoli Compliance Insight Manager

Posted by Xavier Ashe on February 19, 2008

In order to comply with government and industry regulations, such as Sarbanes-Oxley, Gramm-Leach-Bliley, and COBIT, enterprises have to constantly detect, validate, and report unauthorized change and out-of-compliance actions on their IT infrastructure.

The Tivoli Compliance Insight Manager v8.0 solution allows organizations to improve the security of their information systems by capturing comprehensive log data, correlating this data through sophisticated log interpretation and normalization, and communicating results through a dashboard and a full set of audit and compliance reporting.

We discuss the business context of security audit and compliance software for organizations, and we show a typical deployment within a business scenario.

This is the second IBM Redbook covering IBM Tivoli Compliance Insight Manager – the first book being the Compliance Management Design Guide with IBM Tivoli Compliance Insight Manager, SG24-7530.

This IBM Redbooks publication is a valuable resource for security officers, administrators, and architects who wish to understand and deploy a centralized security audit and compliance solution.

Download the Deployment Guide Series: IBM Tivoli Compliance Insight Manager
Publish Date:   February 15, 2008     ISBN Number:   0738485705

Posted in IBM, Personal Note, Security | Leave a Comment »

More feedback about IBM Security

Posted by Xavier Ashe on November 3, 2007

I am getting word if more and more coverage on these announcements that IBM made on Thursday. Here are a few excerpts from new stories:

Investor's Business Daily: “It's an extremely ambitious strategy but also one that plays well to some of the company's fundamental strengths,” said analyst Charles King, of research firm Pund-IT, whose clients include IBM. It “does very well at developing end-to-end solutions and its view of enterprise IT is quite sweeping in comparison to some of its competitors.”

eWEEK: “We've been seeing the security market itself lurch form headline to headline, and customers in particular need to stop thinking about their strategy in terms of the latest crisis,” said Lovejoy. “We're trying to elevate risk management above other security conversation; starting with PCI fits that mold well, because it dovetails with this concept of starting with a risk management plan.”

Investor's Business Daily: “The more we engage with our clients, the more it becomes clear that security as it has been until now is broken,” said Val Rahmani, general manager of infrastructure management services for IBM Global Technology Services. “Many clients have 32 different vendors doing security for them. Who can manage 32 different vendors doing related aspects of the same thing?”

InfoWorld: “[IBM is] in a position that few others in IT can match or challenge when it comes to having a fairly complete story across multiple aspects of enterprise IT and systems integration—but security had long been an obvious gap in that story,” said Scott Crawford, an analyst with Enterprise Management Associates. “What they are pushing towards with this announcement is a strategy that takes a more comprehensive approach to security across multiple fronts. With the rise of focus on a more strategic approach to GRC, I would expect more vendors to take a more strategic approach to the IT security and risk management market,” he continued. “This is an example of a company that can take on such an initiative with more credibility than many.”

And we also have some video and radio coverage:

Posted in Personal Note, Security | Leave a Comment »

IBM Security, a good place to be right now!

Posted by Xavier Ashe on November 1, 2007

Just to name a few…  So, yeah, I've been busy.  I am now working on both Tivoli Security Operations Manager (TSOM) and Tivoli Compliance Insight Manager (TCIM).  These products work very well together in what is dubbed “The IBM SIEM Solution”.  The articles above speak of Tivoli and Watchfire (part of the Rational brand) in Software Group and ISS in Global Technology Services.  So the $1.5B will be spread around a bit.

The comforting thing is that IBM is making a significant investment into allowing it's recent acquisitions (Consul, Micromuse, ISS, Watchfire) work together to meet the customer's needs.  No longer will people doubt me when I say “I'm a security guy” and “I work for IBM” together.

Here's the official press releases:

Posted in Personal Note, Security | Leave a Comment »

This security boy got religion!

Posted by Xavier Ashe on May 24, 2007

Hello to all you security geeks out there.  This is just a quick note to let you know I have another blog that I just started.  I just joined the Unitarian Universalist Congregation of Atlanta (UUCA) and wanted to write up some of my spiritual perspectives.  So if any one is interested, the name of the new blog is Gnu UU.  See… I may have went and got all holy and stuff… but I'm still a geek.  Look for continual erratic updates to this blog.  Thanks to all my readers, keep the emails coming, but feel free to comment every know and then too!

Posted in Personal Note | Leave a Comment »

This is just too much fun…

Posted by Xavier Ashe on May 4, 2007

[15:21] olgafun01: Hello,How are you doing?
[15:21] me: good
[15:22] olgafun01: Okay
[15:22] olgafun01: Can you still help me
[15:22] olgafun01: ?
[15:25] me: help you?
[15:26] olgafun01: Yeah
[15:26] olgafun01: I told you before that i wanna clear my goods down there in African and i need your help
[15:26] olgafun01: By given me some money to clear the goods out of threre and get it sell and after bthat i gonna pay you back as soon as i get the mony paid from him
[15:27] me: sure, how much are we talking about?
[15:28] olgafun01: $750
[15:28] me: no problem, send me your account number and routing number and I'll get it to you
[15:31] olgafun01: Okay
[15:31] olgafun01: But i dont have that
[15:32] olgafun01: Dont need of account number for now.you gonna make the payment through western union
[15:34] Meebo Message: olgafun01 is offline

It's nice to be entertained every now and then.  I can't believe the persistence.

Posted in Personal Note | Leave a Comment »

Scammers don't know when to quit

Posted by Xavier Ashe on April 18, 2007

Except when you mention the FBI:

[13:53] olgafun01: How are you doing?
[13:53] olgafun01: Hello
[13:53] olgafun01: Buzz!!
[13:54] me: Ever get back to the US?
[13:55] olgafun01: Yeah
[13:55] me: Good, what city is it that you live in again?
[13:56] olgafun01: Am still in UK
[13:56] me: So are you in the US or the UK?
[13:57] olgafun01: UK now
[13:58] olgafun01: But i wish to get to you before next 2 weeks okay
[13:58] me: okay… You live in Atlanta right?
[13:59] olgafun01: Nop
[13:59] me: where do you live?
[13:59] olgafun01: I live in Clarksville TN
[13:59] olgafun01: That is where am really from
[13:59] olgafun01: And you?
[13:59] me: oh yeah, that's right. So whatcha doing in the UK?
[14:00] olgafun01: I tolld you before that i wnet to UK for some project
[14:01] olgafun01: U there?
[14:02] me: What is that you do for a living?
[14:02] olgafun01: I work as an interior Decorator / computer Consultant for interior/remodelling companies….
[14:02] me: sounds fun.
[14:03] olgafun01: Ohh yeah
[14:03] olgafun01: What do you do too?
[14:04] me: Internet Fraud Investigations
[14:04] olgafun01: Okay
[14:05] olgafun01: So where are you?
[14:05] olgafun01: Tell me what you really do for you living?
[14:05] olgafun01: Coz that is not wor
[14:05] olgafun01: work
[14:06] me: yes it is. this is part of work I do: http://www-935.ibm.com/services/us/index.wss/summary/imc/a1026055?cntxt=a1000451
[14:07] olgafun01: Okay
[14:08] me: But I am more on the consulting side. I go help companies track down the bad guys
[14:08] olgafun01: Okay
[14:08] olgafun01: That is a good work
[14:08] me: yeah.. it's fun. I get to work with the FBI alot.
[14:08] olgafun01: Brb please

She may be back, but it's been about 45 minutes.  I think she might be a bit scared now.  We'll see.

Posted in Personal Note | Leave a Comment »

 
%d bloggers like this: