Gone to the dark side..

Of companies and operating systems..  As a long-term Windows and Linux user with very little experience of Macs I recently made the move to the world of Apple.  While this is outside of the scope of my usual posts that tend to relate to enterprise security and architecture, I thought I would share as this is a pretty fundamental shift in my personal computing world.

I’m still not a fan of Apple as a company as I’m fundamentally against the whole ethos of locking people into a specific ecosystem with the clear intention of letting you only use that company’s products and making it very hard to shift away once all your music etc is in iTunes / iWhatever.

However as a piece of hardware I totally love the MacBook Pro, and the retina screen is amazing.

First impressions of the O/S are that it is OK, I seem to be getting around alright, and the ability to drop to a Linux command line is a great help.  The multi touch mouse pad is excellent, as is the ability to use it to ‘right click’ on links etc., which is a great help!

So far I’ve installed Chrome, M$ office for Mac, Parallels, VLC, a few utilities and photo editing software.

I’m also pleasantly surprised by the battery life, given that this is a fairly powerful i7 CPU, Nvidia graphics (with automatic switching to Intel) etc.  Even with the screen reasonably bright, and running a couple of virtual machines it still lasts several hours on the battery.

Overall so far very impressed, amazing screen, excellent battery life, great performance even when running multiple VMs, I think in part due to the decent SSD, and all in a lovely, relatively lightweight aluminium package.  As mentioned still not really a fan of Apple as a company, but then how many large profit driven businesses really care about anything other than maximising profit? But I am a convert to the MacBook as a useful and great to use tool.

I’ll likely post the odd update during the year as I get more used to the O/S and start exploring the performance and features of the device.

K

Been a while.. and 2013 plans

I realised it has been getting on for three months since my last blog post.. Getting back into writing posts has been on my mind for a few weeks, but things in life have been extremely hectic recently!  Briefly life has involved getting engaged, planning a rather cool wedding and honeymoon, redecorating an entire house, and not to mention starting a new job.

Work wise I am now a Senior Security Architect for WorldPay which is pretty much exactly the role I have been aiming to get for some time.  As with most roles the first few weeks have been a hectic time of getting to know the company, policies and processes, people as well as rapidly picking up constructive work.

I thought I’d start this year’s blogs with an overview of some of my plans relating to work and learning for 2013.  Obviously as it’s now nearly the end of February I am using ‘start’ of the year fairly loosely!

So looking ahead for the year, what are my plans / projects for 2013?

1. Complete my Masters project;  Due to everything that has been happening I requested and have been granted an extension until May of this year to complete my project.  I have completed and passed the rest of my Masters, so this is the final piece between me and being awarded the post graduate degree.  With continuing to get to grips with my new role and everything else that is going on, this will be a challenge, but something I need to complete.

2. Improve my knowledge of secure, always available multi-site data centre networking; Network security is one of my key focus areas, and this links nicely with the environment I am currently tasked with ensuring the security of.

3. Continue to lead and contribute to the Cloud Security Alliance Security as a Service working group.  This has become a major project for me that I have been leading for nearly a couple of years now.  This is another one that also ties in nicely with my WorldPay role as I will also be covering cloud security and strategy as one of my responsibilities.

4. Various smaller / side tasks including getting round to taking my TOGAF exam, attending various useful industry conferences such as RSA and Infosec (work budgets permitting of course), along with being successful in my new role and progressing at WorldPay.  This may of course lead to further projects this year depending on the tasks I need to achieve as part of my role, I’ll obviously keep you posted around any of these I can publicly discuss.

I’ll keep you all posted with my progress around these projects / tasks, along with other interesting things that happen during the year.  Here’s to a productive and interesting 2013.

K

Consumerism of IT..

I have recently been asked a few times, by multiple companies, for my thoughts on the trend for consumerism of IT, and more importantly what it means for IT departments.  This is likely due to consumerism being up there as one of what seem to be the top three buzz terms at the moment;

– Cloud

– Consumerism of IT

– BYOD (Bring Your Own Device)

Putting cloud to one side for a moment as I like to cover that separately, consumerism of IT and BYOD are to me very linked so let’s discuss them both together.

First I’ll briefly cover what consumerism and BYOD are, then in a subsequent post I’ll give my thoughts on their current and future impacts on IT (or ICT as is now becoming the more common term) departments.

What is Consumerism of IT?

– Consumerism of IT is concerned with the blurring of the lines between consumer and business IT devices.  Obvious examples include smartphones that can easily provide access to both personal and work emails from a single device, and tablet PCs such as the iPad that can be used for viewing and updating business presentations and emails along with consuming media and accessing the internet as a personal device.  The fact that devices like these have been driving change in the business world via their use as consumer devices is leading to the consumerism of IT.

What is BYOD?

– BYOD refers to the moves of some businesses / IT departments to allow users to bring their own equipment such as a laptop rather than using company owned laptops.  As an example; this is often part of a program where the company would provide a budget for the staff to purchase a laptop, with certain rules such as 3 year extended support must be bought, the staff would then be able to use the laptop as both their own personal device and as their business laptop.  This can also often apply to other devices such as tablets and most commonly phones / smartphones.

While technically the two things can be taken in isolation it is the consumerism that aids BYOD in many circumstances – if smartphones couldn’t easily sync to business and personal email systems at the same time there would be limited desire from users to make use of a BYOD phone policy. However this ability enables users to carry a single rather than multiple phones so has obvious benefits to them while also offering business benefits such as lower costs and reduced management overhead.

K

Linus Torvalds interview on BBC website

Linux creator Linus Torvalds was recently awarded the Millennium Technology Prize by his home country of Finland.  Shortly before receiving the award he gave an interesting interview to the BBC titled;

Linus Torvalds: Linux succeeded thanks to selfishness and trust

The interview can be found on the BBC News website here;

http://www.bbc.co.uk/news/technology-18419231

K

Your smartphone is your PC!

Well nearly..

You can now run a full version of Ubuntu on your Android phone;

http://news.cnet.com/8301-1035_3-57424335-94/androids-new-ally-against-the-iphone-ubuntu/?tag=nl.e703

While phones are clearly not yet as powerful as laptops, they are becoming powerful enough to run standard productivity applications and web browsers etc which accounts for the majority of non gaming PC / Mac use.

This clearly marks a leap forward in that direction as well, allowing you to run what is in reality a fully fledged O/S with full versions of Open Office etc.

Plug your phone into a TV or monitor, use a Bluetooth keyboard and you are all set with a mini PC..

Luckily enough I’m about at the end of my current contract so will be swapping to an HTC One X in the near future.  I’ll download and give this mobile Ubuntu version a try then report back.

The future with your PC in your pocket, literally, is almost here!

K

IOPS and latency are not related – HDD performance explored

Recently came across this interesting and thought provoking post around IOPS and Latency.

We all know we need to consider IOPS as well as and often more critically than overall storage volume – 10TB of storage can effectively be saturated from a performance perspective by under 1TB of data that is read / written to at a high rate.  This is a message that many people don’t consider when they just say project X or application Y just needs xx GB of storage.

However even with the understanding of the need to assess IOPS required by a solution it is still possible to get caught out if you don’t consider the profile of these IOPS, and the impact of random reads and writes on the actual performance of the drives / array.  Add to this the fact that many manufacturers’ figures for their products are somewhat on the optimistic side and it is very easy to deploy a solution that at first glance appears to meet the performance requirements, but turns out to be very inadequate in practice.

So; of course consider your storage volume requirements, but make sure you pay great attention to the IOPS and latency requirements along with the usage profile. Then carefully design and test the storage solution to make sure it works as expected.

Post can be found here, interesting reading;

http://blog.richardelling.com/2012/03/iops-and-latency-are-not-related-hdd.html

K

Malware everywhere, even on Apples..

Various sources have been reporting on the recent Java hole that enabled malicious individuals to infect upwards of 600,000 Apple Macs that were running the latest, fully patched version of the O/S.

This Java vulnerability was actually known about sometime last year and has been patched on other systems.  Apple in its continued, and frankly misguided, belief that its systems are safe and don’t need protection like anti-virus software chose not to patch the hole until 100s of thousands of its customers had been infected.

The reality is that all consumer computer systems have vulnerabilities and it should be the expected duty of vendors to patch these as quickly as possible to protect their customers and their privacy.

We have all knocked companies like Microsoft for the amount of vulnerabilities and attacks that have occurred against their software, but the reality is that over the last few years Microsoft has made huge progress in producing more secure software, patching in a very timely manner, providing free tools like anti-virus, and working with law enforcement to bring down criminal bot nets.

Apple has avoided many exploits being created as it has historically been such a niche player.  Why create an exploit for a few machines when you can create one for orders of magnitude more?  As Apple has become more successful and there has been an increased uptake of its products in offices it has become a more interesting and valuable target for criminals to try and exploit any vulnerabilities.

It is time for Apple to pull its socks up from a security standpoint, and to become both more proactive and transparent in how it deals with issues and helps protect its customers.

For us users of any operating system it’s yet another reminder that we should keep our systems patched and run software to protect us from viruses etc.  Oh and not to trust vendors when they tell us their systems are safe and don’t need further protection.

Some detail and commentary on this issue can be found at the links below;

http://nakedsecurity.sophos.com/2012/04/04/apple-patches-java-hole-that-was-being-used-to-compromise-mac-users/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=a6d16b7680-naked%252Bsecurity

http://news.cnet.com/8301-13579_3-57410476-37/apples-security-code-of-silence-a-big-problem/?part=rss&subj=news&tag=2547-1_3-0-20&tag=nl.e703

K