March 28th, 2008 Anthony Towry
I just ran across a short Python script that interfaces with a web service on dominos.com and outputs the order status. It's a short script with nothing fancy, parsing SOAP like POX and printing out the status. That said...how cool is this?!
Why? Because I want to be able to mashup everything. I don't, but I want to have the ability too. What if I hook my Asterisk box into kicking off and looping this until it's "Delivered", maybe I make it update my glowing LED orb in the corner? Cool? Hell yeas it is.
The point of all this crap is, make it easy for me to automate the tasks that I would otherwise have to perform manually and I will probably buy pizza from you.
Posted in Programming | No Comments »
March 26th, 2008 Anthony Towry
If you haven't heard already, Scott Guthrie has posted some exciting news to his blog regarding the ASP.NET MVC framework. The general geek population now has access to current releases of the code allowing the bravest of developers to build it up, play with it and debug it.
It may be a while before we see serious uptake of this framework, but I could use the lead time.
Posted in Programming, Web development | No Comments »
March 18th, 2008 Anthony Towry
An article by RSnake at DarkReading.com opens up discussion on where compliance and regulation is carrying the corporate attitude toward security.
Failing to pass audits significantly impacts the c-level of an organization. Which in turn affects the value of the organization. The idea is that in the end, this sort of breakdown in security can be more damaging than getting owned by some hellbent hacker.
I wonder how many organizations are including compliance weights appropriately in their risk management strategies.
Posted in Management, Security | No Comments »
March 15th, 2008 Anthony Towry
The Mono Project has recently reached a major milestone with it's release of Mono 2.0 Beta. The new beta of the framework supports .Net 2.0 and some preview support of 3.5 functionality. This is a pretty incredible project when you stop to think about it.
Read the rest of this entry »
Posted in Programming | No Comments »
March 9th, 2008 Anthony Towry
CSOOnline.com has recently published an interactive Flash map of the states that have data breach notification laws on the books and key information about those laws.
This map clearly allows the interested to sort out the maturity of a particular state's data disclosure laws. Our law here in the great state of Oklahoma is specifically mentioned in the first paragraph, and not for it's maturity.
The author of the article points out that Oklahoma's law only applies to state government agencies. He could go further by saying that if agencies don't disclose promptly, there are no civil or criminal penalties and there is no private right to action. The law is loosely written to apply to a handful of breaches and if it's not followed closely, oh well.
Even Texas has a better law. You've got to be kidding me. How does your state stack up?
Posted in Security | No Comments »
March 3rd, 2008 Anthony Towry
The Google Summer of Code is back for another round. If you're a college coder looking for a great way to work for a non-profit open source organization this summer, check out the GSoC. For the rest of us, we can sit around and wait for the new developments to be added in to our favorite projects.
OSVDB has posted some of their ideas for the GSoC. Check out some of the interesting stuff there.
I like the OSVDB Port Listing Project suggestion. Initially I didn't think much of this, but the possibilities for integrating this with firewalls and IDS systems could be really cool.
The other suggested project I found interesting is the idea of creating a Vulnerability and Patch Management Portal with OSVDB. Vulnerability management practices are going to become increasingly important in the coming years and tools like this should be well received.
My only issue is that, if I were handling vuln management for an organization I wouldn't be particularly keen on storing any information on my organization's current patch level, schedule, etc. out on the internet.
The Summer of Code projects are interesting, inspiring and great way to get some more attention for community oriented projects. I'm looking forward to seeing what gets done this summer.
Posted in Community, Programming, Security | 1 Comment »
