General, Podcasts, Security

Podcast #58 – Bill Brenner, CSO Online

29 Sep, 2008

This week Bill Brenner, senior editor at CSO Online, joins Alan and me to discuss the impact the financial crisis will have on security in enterprises, small businesses and the security industry itself. We're likely to see a lot more federal regulations and this could actually be good for network security (see my Network World blog post about recessions, transparency and network security.) The interview is also a good insight into the world of a media writer/editor, as Bill shares why he moved from reporting on the everyday security news to his new position where he gives his own insights and comments into what's happening.

Alan and I also talk about a host of items including the ever-evolving M&A activity in the security industry, Apple's wonderful blackbox "we know better" iPhone (which wiped out all of Alan's music during a recent upgrade), and "green IT" press releases by Mirage Networks and others.

Enjoy the podcast. If you are interested in sponsoring the podcast, feel free to contact us.


Our "Near" Economic Depression and What It's Likely Cost Us

21 Sep, 2008

600,000 jobs lost already this year. 6.1% unemployment rate, which increased during the last six months more than anytime in the last 25 years. Record numbers of mortgage foreclosures. $700 billion emergency federal bailout debt plan to buy up bad mortgage debt. New government-backed insurance and $50 billion in Federal funds as a backstop for money market funds, because of a record $169 billion drop in money market fund assets during the week. And, an $85 billion bailout of AIG, $29 billion to support Bear Stearns, $25 billion to bail out Fannie Mae and Freddie Mac, and Lehman, the largest corporate bankruptcy in US history. And that was just for the week of September 15th. We're adding over $1 trillion to our national debt and we don't even know if we're out of the woods yet.

Everybody hinted at it but no one would use the word "depression" until Senator Chuck Schumer publicly said on Saturday that a depression was a possible result if the federal government didn't take the action of buying up bad mortgage debt from banks. I only hope Congress will not only put the mortgage debt legislation in place, but also include some obviously needed regulatory oversight controls, help for the likely mortgage defaults and personal bankruptcies still to come, and recoup the executive compensation of the officers and execs at the failed institutions the taxpayers now own. In a relatively few days our financial market system will have gone from an unfettered, corrupt and under-enforced market to one that we the taxpayers own and operate a great deal of.

After concerns for my own investments, my next thoughts turned to my hopes we would fix our out of control health care insurance system and make serious moves to becoming the global leader in alternative energies. If the federal government is willing to plop down $1 trillion of our money to save our economic system from utter collapse, will we have the focus, willpower, and cahoonas to invest in alternative energy development and reforming health care? My fear is we'll spend the next 3-4 years tied up with hearings, investigations, commissions, and work on legislation to re-invent our financial system. Will we have the national will to address health care and energy or will we be consumed by the fallout and responses to our current economic meltdown?

Certainly, fixing our governmental and financial system failures is top priority. We've also got to get the economy growing again, and get the unemployed back to work. But no matter who you choose to blame, Republicans or Democrats, the Congress or the White House, under-enforced government regulations, lax governmental agency and congressional oversight, sub-prime mortgage lenders, or corrupt Wall Street companies and executives, creative financial instruments virtually no one understands, etc., we still have to get our economy moving again. Fixing our financial crisis may cost us a lot more than just the $1 trillion we're putting down right now. We may have sacrificed our chances for healthcare reform and energy independence in the process. I certainly hope that's not the case. And keep your fingers crossed that we're through the worst of the financial meltdown events and no more taxpayer dollars are needed to come to the rescue. Someday we'll have to get back to figuring out how to help the actual taxpayers in all this mess.


Turn off your computer tonight

18 Sep, 2008

Chris Dawson at ZDNet links to an article in the Boston Globe about the state saving money by turning off computers at night. From the Globe Staff written article:

Massachusetts officials say they have found a simple way to save $2 million a year and reduce carbon emissions by more than 5,000 tons annually: turn off computers that aren’t being used.

The state announced today that it has issued a new computer power management policy that calls for tens of thousands of state computers to be shut down or switched to "sleep" mode when not being used.

I recently did a podcast and put up a blog post about Power IT Down Day, an awareness day event sponsored by HP, Intel and Citrix to help the federal government save money by powering down users’ computers at night.

Since then, I’ve powered all my unnecessary equipment down each night to save energy by turning them off at the power strip. That way laptop and other power supplies don’t sit there and still consume power. It’s a small step but a good practice to get into, and actually it only took a day or two to get used to the change.

So turn off your unused computer at home and at work tonight.


Google and GE Think Green but Is There Enough Research?

17 Sep, 2008

Google and GE announced today they are collaborating to help promote the development of more power transmission lines for wind farms, smart-grid technology, software for a more flexible power grid that can accommodate demands of hybrid vehicles, and geothermal visualization software. I know one of the big issues for wind power generation is getting the generated power transmitted from wind farms to cities where it’s needed. There’s a good sized wind farm north of Ft. Collins (north of Denver) but from what I’ve heard, it’s growth limited because the power transmission runs east and west, and doesn’t have enough capacity to deliver the power south to the Denver area.

But one of the disturbing factoids I saw in the CNET article was from GE’s CEO. "Immelt [GE CEO] noted that the energy business typically spends about 1 percent of revenues in research and development, compared to 7 percent in health care."

1% investment in research? Yikes, that’s atrocious. Not only does Congress need to renew the tax credit incentives for renewable energy investments, we need to demand our energy companies heavily invest in renewable energy. Why isn’t Xcel Energy building transmission lines so we can have more wind farm power generation? What about government incentives for other investments? To become the renewed kind of USA Tom Friedman talks about in Hot, Flat, and Crowded, our investment and startup capital has got to drastically move into renewable energy and technologies.

I’m sick of the extreme green makeover TV commercials by ExxonMobil purporting them as somehow doing great research into alternative energies. Don’t get me wrong, I’d love it if the oil companies really did invest heavily into developing alternative energies and technologies, but I find their TV commercials trying to just do an image makeover offensive.

I do applaud Google and GE for taking a stand and collaborating in the private sector.


The Green Green Garage of Home

16 Sep, 2008

If you follow my blog you know I’m working to make our home and my family’s life greener, more environmentally friendly. I’m much more conscious about turning off lights, running the air conditioning a little less and keeping electronic gadgets with thirsty power supplies turned off. But my biggest struggle has been getting rid of our Suburban SUV. Part of it has been giving up the roomy vehicle and part of it is balancing buying the right vehicle I really want. Anything that gets 30 MPG or less doesn’t even seem worth it, and I’m just disgusted our automobile industry can’t produce more vehicles that get well over 30, even 40 MPG. Our country has just been downright lazy about fuel economy and me right along with it. But I’m not going to buy an SUV that gets 22 or 24 MPG when what I want is 30 to 40, or more. I’ll just drive my "subhuman" (my nickname for the Suburban) a lot less. My alternative has been to ride scooters.

My garage now has two scooters, a 150cc for my wife and a 250cc for myself. They get around 70 to 75 MPG respectively, and that’s driving around town, not highway mileage. The biggest compromise in changing my driving habits to a scooter has been safety on the road. I took the motorcycle safety training a few years back, and I "strongly suggested" my wife take the course, which she did this past weekend. Still, I try to be extra cautious when driving the scooter and always wear a helmet.

We traded out the dirt bikes (sold them) we owned and used the cash for scooters. You can get an amazing deal on scooters if you are willing to shop online, and do some basic set up and maintenance on the scooters. Frankly, it’s really easy. Just pull the scooter off the crate (wood or metal cage, on a wooden pallet), put acid in the battery and seal it up, hook up and charge the battery (charger included), put on the mirrors and stuff like the riding deck (where your feet rest), check the tire pressure, and go through and check/tighten bolts and screws (a little Loctite helps too).

I found our Chinese manufactured SUNL scooters online, for about $1000 and $2000 respectively, shipping included! Dealers want $2500 and $3500 for the exact same bike so you can save a bunch of bucks on the scoots and on sales tax if you are willing to do a little (very little) work yourself.

Tonight Mary Ellen and I went for a ride over to Anthony’s Pizza for some dinner. We had cheese slices and soda. It reminded me of when we were first married and lived on Long Island, NY. After dinner, we popped back on the scoots and drove through the neighborhood on the way back home. It was fun.

While I can’t say we’re officially "green" since the subhuman is still around, the garage has definitely gotten a bit greener recently. And with gas still around $3.65/gallon, it’s pretty satisfying when I need to visit the pump on one of the scoots. It makes my wallet happy too.

Hardware, Podcasts, Security

SSAATY Podcast #57 – Tom Noonan

16 Sep, 2008

It's that time again and we really have a "big show" for you with episode 57 of the SSAATY Podcast. Industry veteran and luminary Tom Noonan joins Alan and me. Unless you are new to security, you know that Tom was the co-founder of Internet Security Systems (ISS) which was sold and is now part of IBM. Through ISS, Tom helped make intrusion detection, vulnerability management, unified threat management, and security research (through the X-Force team) commonplace within the security industry.

Tom's now retired from IBM following ISS's integration into the company and is now on the advisory board of Rohati. Rohati provides Network-Based Entitlement Control (NBEC), offering the Rohati TNS 100, 500 and Central Management System products. Tom's excitement about Rohati and the Rohati team is clear and you can tell he's enjoying his advisory role with the company.

During the podcast, we reflect on Tom's early experiences with ISS and how that has shaped and relates to today's security industry. Tom's view is that it's still early in the life of the security industry and there's ample opportunity for new companies and technologies to emerge and make an impact.

Whether you are a security newbie or veteran, you'll find the interview with Tom informative and inspiring, so join Alan and me in welcoming Tom to episode 57 of the podcast.

As a wrap up, Alan and I talk about some of the acquisition rumors, including Citrix being in play with Microsoft, Cisco and IBM, and Juniper is looking at Aruba and Meru Networks. Alan also applies some smackdown on Mirage Networks for making such a big deal about running their NAC product as a virtual software appliance. Alan also surprises us with his less than enthusiastic experience with his iPhone 3G, and surprisingly is ready to bring back his Microsoft Windows Mobile 6 phone in place of the iPhone. I'm glad Alan's finally seen the light and sees Apple for what it is, a closed hardware and closed software company that's more about cool fads and cultish followings than easy to use, functional, customer centered products. Since recording the podcast, Apple's now taken to banning competitive products from App Store too! Looks like Alan isn't the only one with iPhone buyer's remorse.

Remember to send us your comments and questions to You can also subscribe to the podcast via iTunes or at

Podcasts, Security

SSAATY Podcast #56 with Michael Montecillo of EMA

7 Sep, 2008

The latest installment of the SSAATY podcast is up and available. Michael Montecillo, a security practitioner and analyst with Enterprise Management Associates, stops by to join Alan and me on the podcast. After tricking Michael into a setup Brazilian Jujitsu match with Chris Hoff, we turn our attention to more serious matters: the role of analysts in the network security industry. The discussion covers the influence analysts have on a vendor's fate, how much vendors can influence analysts and their coverage, and just how reliable predictions are by analysts. We have a good bit of fun and I know you'll enjoy the podcast.

The podcast was recorded in the Medioh studios in Boulder, Colorado, by Medioh CEO Scott Converse. Special thanks to Scott for hosting us once again and acting as our podcast sound engineer.

We have a new URL for the podcast, if you'd like to subscribe to the RSS feed or listen to other episodes.

Enjoy the podcast!


Blog, Security

New Blog: Security For All by Joe Webster

6 Sep, 2008

A former co-worker and security software developer dude Joe Webster started up his own blog, Security For All. Joe joined StillSecure back when I was CTO and I remember he was interested in the whole blogging and podcasting thing back even then. Hey, Joe… I'm surprised it took you so long to start the blog! 🙂

Seriously, Joe's not only a sharp guy but is also dedicated to improving security. Plus, he's a really nice guy and great keyboard/composer. So check out Joe's new Security For All blog. He has a good post up there in response to one of Joel Snyder's videocasts about Network Access Control.