Eddie Mize and his fantastic art at CircleCityCon

Catching up: CircleCityCon, ColaSec, and Astros hack

June 17, 2015

It's been a very busy week and it all started last Thursday when I departed for Indianapolis to be the photographer for CircleCityCon. 1300 driving miles and 25 walking miles later and I was back home with 3473 pictures to go through, a ColaSec meeting to get ready for, and a baseball hack to write about.

I've gotten the pictures down to 400+ shots I like and I hope to have something by next week, if not earlier.

Here is the wrap-up post from our ColaSec meetup on Tuesday.

Finally, here is my writeup on Astros County regarding new information involving the Astros hack from last year. The Cardinals did it!

This post first appeared on Exploring Information Security.

Productivity vs. Burnout

September 23, 2014

I recently read an article that talked about the amount of time you should work every day.

Science suggests how long you should work. More interesting is how long you should take a break. I'm going to try: http://t.co/P8afZD45XL
— MichaelSantarcangelo (@catalyst) September 22, 2014

One of the findings from a study done on people working is that the people with the most productivity are the ones that work for 52 minutes and then take a 17 minute break. Now, these aren't people that sit at their desk and surf Facebook or Twitter or the internet during their break; these are people who get up and get away for a break or read a book for their break. Another point of the article is that we only have so much psychological energy each day.

I've been thinking about the article the last day and trying to put into perspective my own work habits. I think that breaks are important, but 17 minutes is only an average and I think some people are going to be more productive with a five minute break and some are going to work better after a 30 minute break. We're all different. I also think that we can condition ourselves to be more productive with less of the break.

What constitutes work? Is something you're passionate about constituted as work? I think that can play a factor as well. I've had a full day of work and then had two college classes. One of which was a Spanish course. I only had about a 15 minute break at lunch, as the other 45 minutes were spent on Spanish homework. Yet, here I am writing a post for my site, because I forgot to do it last night. But this doesn't feel like work. Some people might view maintaining a website as work, but not me. I enjoy this. It makes me feel like I'm being productive and not just sitting around on my ass.

Last year I was putting out two to three articles a week on The Crawfish Boxes (TCB). At times it felt like work, but for the most part I enjoyed what I was doing. This season I've taken a step back. Partly because of some of the things that transpired with the Astros; partly because I wanted to focus on advancing my career in information security; and partly because I was burned out. One post a week of 300-500 words is a lot work. I was doing three of those, plus two weekly podcasts, a breaking news podcast and eventually I spun up a monthly podcast and bi-weekly podcast. It was a lot of work, but came to me easy, because I enjoyed it. Still I burned myself out and I've been having some trouble refocusing my productivity towards information security.

I want be as productive for the infosec community as I was for TCB, but I also don't want to burn myself out. Burnout seems to be a small issue within the infosec community and I already feel it at my day job. I think there's a balance to be struck; I just need to find it.

This post first appeared on Exploring Information Security.

Baseball and Information Security: Red Team vs. Blue Team

August 12, 2014

By day I'm an information security professional; By night I'm a baseball blogger.

I've been thinking a lot over the past few months about some of the similarities between the two very different areas of study. This is meant to be thought exercise to try and get down some of these thoughts as well as further fleshing out the idea.

Red team vs. Blue team

St. Louis Cardinals vs. Chicago Cubs; Boston Red Sox vs. Torongto Blue Jays; Texas Rangers vs. Los Angeles Angels of Anaheim; Washington Nationals vs. Atlanta Braves; Philadelphia Phillies vs. New York Mets; Arizona Diamondbacks vs. Los Angeles Dodgers.

All the matchups above are teams with red vs. teams with blues. The most prolific matchup is probably the first one: Cardinals vs. Cubs. There's a long history of those two fan bases disliking each other. A lot.

It's a little more complicated than that, though. Within each team is offensive players vs. defensive players, so maybe the analogy goes better in a single game, rather than a series. So within a game you have your hitters, red team, and your fielders, blue team. But what does that make pitchers? Would pitching be the business objectives or goals. Depending on the agency it could be sensitive information or the asset that makes the business profitable. So pitchers are the business goals and the ball is the sensitive information that makes the organization operate.

A good defense/blue team is going to help minimize the impact a ball hit into play makes. There are very few no-hitters and even fewer perfect games. The same idea applies to security measures, there is no perfect defense. Someone will, at some point, get a hit or breach the network. The impact of that breach will be based on how good your defense is, but we shouldn't just focus on defense. To win the game you need to score some runs yourself and having a good red team or at least understand red teams tactics is important to win the game.

Baseball players play both sides of the game. Some are good at offense; some are good at defense. They play both sides of the game and that's something that I think also needs to be done in security.

This post first appeared on Exploring Information Security.