OWASP Training Day in Athens: 2011-05-25

Reposted from the blog of the Greek OWASP chapter:

“The OWASP Greek Chapter is organizing an OWASP Training Day on Wednesday, May 25, at the Amphitheatre of the General Secretariat of Information Systems, Chandri 1 & Thessalonikis, Moschato. This is the kind of training we rarely get the chance to attend in Greece, and at the same time an opportunity to exchange views with some of the world's leading experts in the field of Application Security.”

It is worth both the time and the effort.

Management and the Public Sector

Overheard this weekend:

The Number One rule of management in the Greek Public Sector is: “If you want something done, assign it to someone who already has too many assignments and is overloaded”.

This closely follows my decade-long observation that management works with those who work, leaving the rest at peace.

Solving the Dilemma of State Responses to Cyberattacks

These days I am reading “Inside Cyber Warfare” (among other things). Chapter 4 (Responding to International Cyber Attacks as Acts of War) is written by Lieutenant Commander Matthew J. Sklerov. It is a rewrite of his 111-page thesis on the subject which is available online:

→ “Solving the Dilemma of State Responses to Cyberattacks: A Justification for the Use of Active Defenses against States Who Neglect Their Duty to Prevent”

Like I said, I have not read the Thesis, but I am reading Chapter 4 from “Inside Cyber Warfare”. It is highly explanatory of the US strategic and military dogmas, including running cross-border operations against enemies who are non-state actors.

Civil Servants

“Leafing through” the BeBook today at the kids' swimming pool, I discovered Karyotakis's “Civil Servants”:

The civil servants all melt away and run down
like batteries, two by two, in the offices.
(The electricians must be the State
and Death, who renew them.)

They sit on their chairs, they scribble over
innocent white papers, for no reason.
«With the present correspondence
we have the honour» they assure.

And only their honour remains to them,
when they climb up the streets,
at eight in the evening, as if wound up.

They buy chestnuts, they think about the laws,
they think about the exchange rate, shrugging
their shoulders, the poor civil servants.

For more Karyotakis online, here.

arfparse – a simple tool to extract ARF information

arfparse is a utility used to parse mailbox archives and extract ARF information, as described in RFC 5965, “An Extensible Format for Email Feedback Reports”.

It is meant to work as a preliminary processor, therefore output of the program is kept as simple as possible. Example usage:

$ arfparse -m ~/mail/aol.net

This will extract ARF information sent from scomp@aol.net, assuming the FBL reports are archived in ~/mail/aol.net.
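To show what “ARF information” looks like inside one report, here is an added Python example (not arfparse's code, and not a description of its output format) that extracts the machine-readable fields of an RFC 5965 feedback report. The sample report, the function name parse_arf and the returned dictionaries are constructed for illustration.

```python
import email
from email import policy

# Constructed sample report (not real data); all names and addresses are made up.
SAMPLE_ARF = """\
From: <fbl@isp.example>
Content-Type: multipart/report; report-type=feedback-report; boundary="b1"

--b1
Content-Type: text/plain

This is an email abuse report.
--b1
Content-Type: message/feedback-report

Feedback-Type: abuse
User-Agent: ExampleFBL/0.1
Version: 1
Source-IP: 192.0.2.10

--b1
Content-Type: message/rfc822

From: <promo@sender.example>
Subject: Earn money

Spam body
--b1--
"""

REQUIRED = ("feedback-type", "user-agent", "version")  # mandatory fields in RFC 5965

def parse_arf(raw):
    """Return (feedback_fields, original_headers), or None if raw is not a valid ARF report."""
    msg = email.message_from_string(raw, policy=policy.default)
    if (msg.get_content_type() != "multipart/report"
            or str(msg.get_param("report-type", "")).lower() != "feedback-report"):
        return None
    fields, original = {}, {}
    for part in msg.iter_parts():
        ctype = part.get_content_type()
        # Python's parser exposes the body of any message/* part as a nested message,
        # so the feedback fields appear as that nested message's headers.
        if ctype == "message/feedback-report":
            fields = {k.lower(): str(v) for k, v in part.get_payload(0).items()}
        elif ctype == "message/rfc822":
            original = {k.lower(): str(v) for k, v in part.get_payload(0).items()}
    if any(name not in fields for name in REQUIRED):
        return None  # reject reports that lack a mandatory field
    return fields, original
```

Fields that may legitimately repeat in a report (such as Reported-Domain) collapse to their last value in this dictionary form.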

arfparse is developed on OpenBSD with Panda-IMAP and should work with UW-IMAP too. It is the product of structured procrastination.

You can grab arfparse from GitHub.

Feel free to send me flames, suggestions and improvements.

PS: Yes, I would post about arfparse in the comments section here, but comments seem to be locked for now.

The Deadline – A Novel about Project Management

Dimitris sent me “The Deadline” as a gift for my birthday. Written by Tom DeMarco (author of “Peopleware”) it is a novel that aims to introduce the reader to the complicated and cruel world of software project management. It also explains why most software projects fail. Clearly. In a buy-this-book-for-your-manager-to-open-his-eyes way. Team formation, design, quality control, unrealistic deadlines, goals and schedules, it is all in there. So if you need psychological support when a project goes bad, you should read the book. It is a good bus read.

It is also a book that opens doors to new worlds. Thanks to the book I learned about the adventures of Mr. Tompkins by George Gamow in which he aims to explain modern scientific theories to a popular audience. I see my stack of unread books getting higher again. I also learned about iThink which seems pretty cool (but then again I find Systems Thinking interesting enough). Pity though that iThink costs as much as it does (should I write my half-baked hack of systems thinking software? Damn! When I cannot buy, I try to write code instead and thus pay in time).

What would I change in the book? I would completely discard the very last chapter. Totally unnecessary. But no harm done, since the story is only the vehicle for the project management message and the message does get through. I’ve been lucky enough to have worked with managers like Mr. Tompkins; for this I want to end this post with the very first notes in Mr. Tompkins’s journal:

Four essentials of Good Management:

  • Get the right people
  • Match them to the right jobs
  • Keep them motivated
  • Help their teams to jell and stay jelled

(All the rest is Administrivia)

Amen to that!