Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

What I’ve been up to lately


It’s been a long time since I have written anything on this blog. I haven’t been idle, though. I’ve been doing several things that I have prioritized over blogging. Here's a summary:

  1. Trying to get an iPad app developed

    As I wrote about in February, I launched a Kickstarter project to create a travel-themed app for iOS. I needed about $25,000 to fund its development to do a quality job, but unfortunately my fundraising goal fell short. The iOS app is dead; it's too expensive to create.

    However, I reincarnated it as an HTML5/CSS3 web page. I'm working on it when I have time. I first have to learn HTML5 and CSS, not to mention JavaScript, and I was doing that for part of February and much of March. One of the most difficult parts is creating the theme of the webpage; my graphic design skills are very weak.

     
  2. Supporting unauthenticated email over IPv6

    In February, we received a request from one of our customers that they wanted to receive unauthenticated email over IPv6. "Unauthenticated" means:

    a) Senders must not need to get whitelisted ahead of time before sending email to the receiver. This renders my previous plan for IPv6 useless (for more details of that plan, see my post A Plan for Email over IPv6, part 1).

    b) Receivers must not require an SMTP transaction over TLS in order to accept email over IPv6 (which is something we already do today).

    By combining both of these two requirements, we were going to have to come up with a solution that scaled in IPv6. To figure this out, I had a series of discussions with people smarter than myself - both within the company and requesting help from people outside of it. I learned about how various email receivers are dealing with this problem and decided to align ourselves with them. The result is that we have a workable IPv6 plan. I will describe this in more detail in a series of posts in the future.

     
  3. Reading other books not related to spam or security 

    In addition to working a regular day job, I like reading books about neuroscience (how our brains work) and behavioral economics (how we really behave, vs. how rational economics predicts we will behave). But I also like reading books on anthropology (the study of human development over the course of history). These are the same areas of interest as in my articles on Practical Cybersecurity.

    I started reading more and more books on my Kindle devices. Most people I talk to about this say they prefer books, and I like physical books, too. However, the ease with which I can go online and download a Kindle book... the instant gratification is too strong to resist! Anyhow, here are a few books I have read over the past few months that fall into this field:

    - The World Until Yesterday, by Jared Diamond. For much of our existence as a species, we humans were hunters-and-gatherers. It is only in the last 10,000 years since the agricultural revolution that we settled in large groups. In evolutionary terms, this is only around 0.1% of development. In this book, Diamond looks at the last remaining hunting-and-gathering tribes left in the world and compares how they live to how we live, how we all may have lived only a few tens of thousands of years ago, and what lessons we can draw from it.

    - The Signal and the Noise, by Nate Silver. In 2008, Nate Silver of the FiveThirtyEight blog rose to fame by correctly predicting the outcome of 49 out of 50 states in the US Presidential Election. In 2012, he predicted all 50 of 50 states. In this book, Silver looks at why we are so bad at forecasting (for example, elections, the weather and earthquakes) but also goes over how much our forecasting has improved over the past thirty years (for example, earthquakes and the weather, but not the economy or elections).

    - Predictably Irrational, and currently reading The Upside of Irrationality, by Dan Ariely. Dan Ariely is a professor of Behavioral Economics. In his two books, he describes how we as humans do things that are counter-intuitive and not always in our best interests (contrary to what rational economists predict), but that these counter-intuitive behaviors are predictable and can be used for improving performance. As an industry, computer security can probably learn from these.

    - The Honest Truth About Dishonesty, by Dan Ariely. Why are we as people so dishonest? What factors influence us to cause us to become more dishonest? What factors influence us to become more honest? Did you know that the probability of getting caught doesn't really affect it one way or the other? I didn't. It's one of the things I learned from reading this book.

    - You Are Not So Smart, by David McRaney. This book goes into all the cognitive biases that we as humans have. After identifying these behaviors in myself, it's a wonder that I ever get anything done.

    - The Wheel of Time Series, by Robert Jordan. When I went to Argentina, I took along a couple of fiction books. I've been reading these books of Robert Jordan's fantasy series off-and-on for the past couple of months and I am enjoying them.

     
  4. Trying to exercise more

    Perhaps this is TMI, but it's my blog and I can write about what I want. As a computer guy, I don't get enough exercise. This is especially bad because I sit down a lot all day, and sitting is terrible for your health. It wreaks havoc on your lower back and hips. While my back is still fine, I have had problems with my hips for years. I need to exercise to get the health benefits because I do feel better after I go, move around and stretch.

    I have a gym membership but I don't go as often as I could or should. To motivate myself to go more often, I decided to apply something I learned from the above books on behavioral economics. We, as humans, will feel the pain of a loss far more than we feel the joy of a gain. We also feel the effects of short term behaviors (I don't want to go to the gym tonight since I am too tired) more strongly than long term ones (going to the gym to stave off the effects of a sedentary lifestyle). This is known as hyperbolic discounting.

    To combat my lackadaisical approach to exercise, I told my wife "If I don't go to the gym at least 8 times in the month of March - which is twice per week - I will give a friend of mine $250." $250 is a painful amount; enough to hurt if I don't comply but reasonable enough for me to follow through and not write it off.

    And it worked in March - I went to the gym 7 times and went hiking twice (a hike counts as a gym session because I typically go for several miles up a couple thousand feet of elevation gain). I'm currently behind in April but I am working on catching up.

When you combine all of those points together, it adds up to less blogging. I plan to change this blog a little bit so that I post less original content (my own analysis) and more pointers to other articles with some commentary by me. In that way, I hope to get my post count back up.
 
So that's what I have been up to this year so far.
  • Hey Terry!

    Glad to hear you're back :) Sent you a message via contact form. Check it out and get back to me!

    Cheers,

    Daniel
