Nov 262016

(actually we don’t usually sit in the data centre; it’s too noisy and usually the wrong temperature for people)

There is a perception amongst people that security “gurus” who work in network security are spying on all your network traffic. Not the hackers (which is a whole other matter), but the people who run enterprise firewalls. We do, but we’re not interested in what you are doing but instead what is being done to you (and the enterprise as a whole).

Frankly nothing strikes me as more boring than spying on someone’s porn browsing – if I really need to, I’ll hunt down my own porn thank you very much! And we’re busy; you could probably double the size of every network security team in every organisation on the planet and still nobody would be sitting around twiddling their thumbs.

On the subject of porn (as an extreme example), it is not a security issue. There is an argument that browsing porn sites is putting yourself at greater risk of picking up some kind of nasty infection, but avoiding porn sites to avoid getting infected with malware is a tactic that results in your computer being infected. So the intended content isn’t a problem as far as security is concerned, but we’re interested in unintended content.

Now there are places that enforce browsing censorship – blocking anything that isn’t work-related. That role is usually dumped on the network security people because they have the tools to do the job.

Does porn browsing on the office matter? Of course it does – some people are upset by the sight of such things, and almost as important, when someone is browsing porn they are not working. But such matters are best dealt with in the office by the line manager – if someone isn’t doing their work it doesn’t matter if they are browsing porn, hitting Facebook, or snoozing under the desk. All should be dealt with appropriately by the line manager.

And centralised censorship is a rather clumsy tool – blocking Facebook is all very well if it is to prevent personal usage of the Internet, but what about the Marketing department using Facebook for publicity? Or the Customer Service department keeping an eye on Facebook for product problems that they need to look into? These can be allowed through on a case-by-case basis, but it highlights that censorship is a clumsy tool.

The word from a nameless vendor who is in this space, is that in many cases this censorship has less to do with preventing people from doing “naughty” things, and more to do with controlling bandwidth usage. And as bandwidth becomes cheaper, there is less interest in censoring Internet activities – certainly from a personal perspective I notice a decrease in the number of people who complain they cannot visit certain sites because of work’s “firewall”.

There is also the subject of TLS inspection where firewalls intercept and inspect TLS or SSL encrypted traffic between you and “out there”. Again there is a suspicion that we are for whatever reason spying on your activities. The answer to this is the same as previously – why should we bother? It is too much like hard work, and frankly most of the information that passes through a firewall is unbelievably boring.

No, TLS interception is used to do the boring task of inspecting traffic for malware, spyware, and other security threats. And with the increasing use of TLS to encrypt traffic it is becoming more and more important to do TLS interception for security reasons.

Yes there are those who would use that sort of technology to spy on your activities, but those organisations are typically nation states … and repressive ones at that. But it is extreme foolishness to blame a useful tool for the abuses that an abusive government perpetrates.  Your average enterprise just isn’t that interested in what you’re up to.

And if you still don’t believe this, there is a simple answer: Do anything private on your own private network.


Jul 192016

(because everyone else has some)

  1. Stay in the shade; the big shiny thing in the sky is the heat source.
  2. If you are in the sun, wear white; it absorbs less of the heat from that big shiny thing. See point#1.
  3. If you are in the shade, wear black; it radiates more heat. See point#1.
The New Defence

The New Defence

Jul 142016

You do surprise me. Who would have thought it? If you go to work in a place with zillions of sick people each of whom gets a stream of visitors, you get sick more frequently than other jobs?

The accountants have been at work and decided that the NHS could save up to 2 billion by “doing something” about the sick days. Perhaps they should consider banning sick people going to hospital.


Apr 102016

Every so often, my view of youtube shows up videos about Americans visiting the UK, and when I’m really bored I’ll try one out.

There are a number of differences between the USA and Britain, but I’m going to concentrate on the differences in language. Some words have entirely different meanings in the UK. But first, just for your own safety, here are the different words for different parts of the UK :-

Name Description
United Kingdom of Great Britain and Northern Ireland The formal name of the country. Usually shortened to UK or Britain.
Northern Ireland The 6 counties of Ireland that refused to become part of an independent Ireland.
Wales  A country to the west of Britain that was conquered by the English in the mists of time. The Welsh have refused to be called English ever since; don’t start as it won’t make you popular.
Scotland A country to the north of Britain that was conquered by the English in the mists of time. Don’t call them English; they’ll be as Scottish as possible when trying to correct you, and you probably won’t understand them.
England The largest part of Britain. The English are polite but not necessarily nice (you don’t take over the countries of the Welsh and Scottish by being nice).

The key fact to remember from that table above is that England is not Britain as a whole. We might be polite about it, but we won’t forgive you.

Now there’s plenty of spelling differences between what you Americans call English and real English, but I’m going to concentrate on the spoken differences. Just about the only serious point is this: As soon as you start speaking, we know you’re American (or Canadian) so we know you don’t speak English properly (it’s English not American). So when you make the occasional gaff (that’s a mistake BTW), we’re going to know you don’t really mean what you said. We might make fun of you, but usually we’ll be polite about it.

To give an example, way back in the mists of time when the film “Shag” (that word means sex in the UK) was launched in the UK, we may have made a few jokes but we were not expecting to see pornography when we went to see the film.

gas: In the US, you stick gas into your petrol-driven cars; in the UK we put petrol in instead. Gas is of course either what happens when you heat up a liquid so it enters a gaseous state, or what happens when you eat too many beans.

fags and faggots. In the US these two words are derogatory terms for those of a homosexual persuasion. In the UK the first refers to a cigarette, and the second is a meat dish whose sole purpose in life is to appear on menus to horrify American tourists.

pants: In the US this is outer clothing; in the UK they are underwear. Don’t talk about pant stains; there’s just too many opportunities for off-colour jokes.

fall: In the US this is the season between summer and winter. In the UK if someone trips you over, you have a fall; the season is called autumn.

bathroom: In the US this is used for the room that contains a toilet; in the UK we get clean in the bathroom and name the room with the toilet after the porcelain found within it.

sweets and candy: In the US, stuff with lots of sugar is called candy; in the UK they’re called sweets. Although frankly you would have to work quite hard to get confused about this – whether it’s a candy store, or a sweet shop, the contents of the window are self-explanatory.

mailbox: In the US this is where you find the stuff printed on dead trees that people have sent you. In the UK we call this a postbox, or frankly more commonly a letter box. In the UK, we use mailbox to refer to where our electronic mail is kept.

fanny: Refers to a different body part in the UK than in the UK. Without getting too explicit, in the UK a fanny-pack would be a good alternative name for a tampon.  Not a good area to get confused!

There’s a whole lot more, and I’ll add to this list when I feel the urge.



Feb 202016

2012-05-19-sheep standing guard.small

The whole Welsh carnally like sheep thing is pretty funny? Plenty of opportunities for jokes in there. But do you know where it comes from?

Unfortunately I don’t have a source for this (I’m a bad historian!), but I do remember reading it from a respectable history book.

In medieval times, there were two crimes you were likely to be charged with if you were caught in possession of sheep you didn’t own back then. One charge (sheep stealing) was dealt with by the King’s courts and dealt harshly with any property crime – sheep rustlers could and frequently were hung for stealing sheep.

The other charge (unlawful carnal knowledge of a sheep) was dealt with by the Church courts who were somewhat more lenient, and the punishment was more likely to be a fine or a short imprisonment.

Anyone with half a brain would opt for the Church courts, and it seems from the records that the Welsh picked up on this legal loophole very rapidly. After all being known as a sheep-shagger is somewhat preferable to being hung.

WP2Social Auto Publish Powered By :