firstinitiallastname

Sloppy Sysadmin

Tim Erlin — Mon, 30 Aug 2010 21:14:12 +0000

I just booked a room for an event at a Starwood hotel (Westin, W, Sheraton). I wanted to start the process over, so I just cut the URL back to the TLD and I got this page. Um…okay.

Analyst 2.0

Tim Erlin — Mon, 30 Aug 2010 17:38:34 +0000

If you need a laugh, and ever deal with analysts, take a look at the Harvester Fave, Magic Kingdom and DreamCycle in this report.

Security Through Obscurity and the TSA

Tim Erlin — Wed, 09 Dec 2009 19:20:03 +0000

My post, just not here.

Vulnerability Management Panel Featuring…

Tim Erlin — Mon, 27 Jul 2009 14:12:27 +0000

…me, Ron Gula, Sheldon Malm, and Bob Greenbaum. You can listen to the recording here.

Will Code for Food

Tim Erlin — Tue, 23 Jun 2009 20:55:27 +0000

Here’s a slideshow of the worst US cities for IT workers. Here’s the list of them:

1. Detroit, MI
2. Bentonville, AK
3. Cleveland, OH
4. Syracuse, NY
5. Boston, MA and San Francisco, CA
6. Any town in Alaska
7. Orlando, FL

You can compare that to the 10 cities with the best IT job prospects:

1. Atlanta, GA
2. Boston. MA
3. Chicago, IL
4. Dallas, TX
5. Los Angeles, CA
6. New York/New Jersey
7. Philadelphia, PA
8. Seattle, WA
9. Silicon Valley, CA
10. Washington D.C/Baltimore

Poor Boston seems a bit schizophrenic. Of course, one could argue that “Silicon Valley” and “San Francisco” are too close to each other to be counted differently. I mean, what percentage of IT workers employed in SF actually live within city limits? To be fair, ‘where the jobs are/aren’t’ is a different metric from ‘best/worst.’ You could have a high number of jobs, but still end up in the ‘worst’ group if the external environment is bad.

Easy

Tim Erlin — Mon, 22 Jun 2009 13:29:13 +0000

There are a lot of businesses that make it hard for their customers to actually buy something. They organize their stores in confusing ways, open and close at odd hours or on odd days, and institute policies that *seem* good for the company or shop, but really only serve to make it harder for customers to buy. Return policies are the best examples. Many companies institute policies that are restrictive about how and when you may return merchandise you don’t want. Operations like Zappos and Nordstrom take the opposite approach. It’s hard to argue that one way or the other is the right way to run a business. Both are successful, and when talking about return policies, there’s probably a right balance.

There are other ways, however, to ensure that your product is easy to buy. I walked by this shop called Gather (warning, auto-music on link) yesterday and it had this sign in the window.

Caribou, as you can probably guess or already know, is a cafe. Gather is located right next to Caribou. There are a lot of shops that post signs saying “no food or drink,” which is really saying that if you are eating or drinking, they don’t want your business. Gather could have posted nothing, implying that drinks are ok. This sign, however, simply suggests that once you have your half-caff, extra strong, skim, no-whip mocha, you might just enjoy drinking it in their shop instead of sitting in Caribou.

Finally Help That’s Helpful

Tim Erlin — Tue, 16 Jun 2009 16:53:52 +0000

I have a strong dislike for automated help systems that fail almost completely to actually help you. So I was really pleased to find that Whirlpool is actually quite helpful with my refrigerator. I heard a dripping sound from the fridge, checked out and found that it was indeed dripping and filling a pan underneath. I went to Whirlpool’s website, put in that I have a refrigerator, the type and ‘dripping water.’ The second search result was “A water dripping sound may be heard as water runs into the drain pan during the defrost cycle,” and it comes with an mp3 of the sound so I can identify if it’s the same sound I’m hearing. Nice.

Web App Vuln Stats

Tim Erlin — Tue, 16 Jun 2009 14:21:00 +0000

Some stats about Web Application vulnerabilities from White Hat Security.

Around 30 percent of Websites are likely to contain content spoofing bugs
18 percent, insufficient authorization
17 percent, SQL injection
14 percent, predictable resource location
11 percent, session fixation
11 percent, cross-site request forgery (CSRF)
10 percent, insufficient authentication
9 percent, HTTP response-splitting flaws

To be fair and accurate, of course, these statistics apply to the sample group of White Hat Security customers, not the entire Internet.

The Segway Problem

Tim Erlin — Sun, 14 Jun 2009 17:57:03 +0000

The Segway was a revolutionary feat of engineering. It’s called “dynamic stabilization” and allows the Segway to run on two wheels without falling over or causing the rider to tumble off. When it came out, people were interested.

The problem with Segway is that the thing that makes it unique, the feature that’s hard to replicate, isn’t actually that important to the market. See, you can deliver a personal mobility machine suitable for almost everything the Segway does without ‘dynamic stabilization’ technology. Just add a third wheel.

Not a Segway

Questions to Ask Yourself

Tim Erlin — Fri, 12 Jun 2009 17:14:21 +0000

Ok, it’s really only one question: Why am I here?

The link is to a short blog post that’s worth reading if your day generally involves attending meetings.