Encryption “would not have helped” at OPM, says DHS official | Ars Technica

 

I occurs to me that the individuals on the news channels and those in our government asking questions about the large data breach at OPM are asking the wrong questions.

One of the news channels was interviewing a guy who’s data had been stolen. He hadn’t worked for the federal government since 1992. What was obtained was his initial resume and the paperwork associated with hiring him along with security background check documents and subsequent work evaluations.

Since the data about this person hadn’t been relevant well over ten years that data should have been recognized as not vital to the current needs of the government and been put in an ‘At Rest’.

“Data At Rest” is a term that is sometimes used to refer to all data in computer storage while excluding data that is traversing a network or temporarily residing in computer memory to be read or updated. [REF: http://searchstorage.techtarget.com/definition/data-at-rest ]

With the reported amount of data that was taken we need to ask two things:

1. How much of the data taken was actively being used for day-to-day operations of OPM (Office of Personnel Management).
2. Of the data that was not being used to meet the immediate (or imitate) needs of OPM why was it still available on an accessible network?

The long-and-the-short of it is the information that was taken should not have been that readily available in the first place.

Encryption “would not have helped” at OPM, says DHS official | Ars Technica

Engine Reduction System

I'm just testing out some programming to connect a website I'm working on to social media ... please ignore ( thanks )



Engine Reduction System

How to play Agile Poker

How to play Agile Poker

 

 

http://youtu.be/a8z8V4VrJ2o

We had a situation where we were experiencing a bottleneck in our Agile process at the point of the Quality Assurance checks. A part of the problem was a lack of manpower at QA, but a larger part was the developers and the fact that they may not have had enough information to properly address the story.

So I need a mechanism whereby the individual developer would be encouraged to ask more questions and communicate a little more closely with product owners and other stake holders to make sure they were addressing the request with a more targeted effort.

I addressed this as a management issue.

How can I get the development team to feel it is OK to ask questions, gather information about the task at hand before writing or adjusting code? How can I get the product owners to provide better stories in their requests so the developer would have enough information right out of the gate?

My answer was Agile Poker.

Now you can’t do this with every sprint otherwise it gets boring; detracts from the novelty.

First, obtain some wooden nickels. They are inexpensive and you can customize them with a team name, product name and release info. Designed right you can give them to the folks in marketing (opps, business development) afterwards they can use at trade shows and stuff like that.

Anyway, for every sprint task a developer completes and promotes to the Peer Review they get one token. You can also work out the token values on the front end, i.e. more time for task the more tokens it is worth.

If the task fails the peer review or QA checks they lose their tokens.

The developer with the most tokens as the end of the sprint wins.

The prize can be a crisp hundred dollar bill or a gift card or a years’ worth of Netflix or something – the prize could even be something the team picks prior to the sprint.

Anyway….

I’m Jim Harris – let me know if your team uses something like this.

http://www.wooden-nickel.com/

Video Resume:   https://youtu.be/Yao1DVQV1Tk

In my position as Vice President of Product Development at Lawtrac, a position I held for nearly fifteen years, I oversaw the desktop and mobile development teams, quality assurance team and worked directly with clients to ensure every release or update contained the advancements they desired.

I have handled vary large software implementations which included data conversions and training.

As the VP of Product Development I helped add value to the company which was sold at the end of 2014. During my tenure I transformed my entire staff to the Agile methodology of production and personally obtained my Certified Scrum Master standing as I am a lead-by-example manager. I have been three-times published by OWASP and have spoken at national events by Adobe and Legal Technologies Association on developing secure applications. I bring experience, confidence, and self-discipline; together we can accomplish anything.

 

Tuesday morning rant.....

And gentlemen in England now-a-bed

Shall think themselves accurs'd they were not here,
And hold their manhoods cheap whiles any speaks

Let's substitute Shakespeare’s use of the word 'gentlemen' for the phrase 'hiring managers' or 'recruiters'.

I feel very strongly that the individuals conducting an initial review of resumes upon seeing military experience automatically pass over the individual.

Case(s) in point:

A recruiter last week asked me to remove my military experience and substitute 'additional experience upon request' even though what I did in the Army Signal Corps was exactly what the company was looking for.

Google Fiber passed me by for a position working with the team installing Google Fiber in Austin, TX even though I'm a certified fiber optic field engineer - not too many of those running around.

I believe (too) that individuals in the age group dubbed ‘millennial’ are doing the initial review(s) and that the sediments expressed in the St. Crispin’s Day Speech penned in 1599 are right on the money.

Video Cover:   https://youtu.be/Yao1DVQV1Tk

Jim's Soapbox: Video Resume: Jim Harris - IT Product Development ...

Jim's Soapbox: Video Resume: Jim Harris - IT Product Development ...: I put this together for any potential employer to review. I find it difficult to put 30+ years of IT experience on a single sheet of paper. ...

Video Resume: Jim Harris - IT Product Development Manager

I put this together for any potential employer to review. I find it difficult to put 30+ years of IT experience on a single sheet of paper.  Even this three minute video is lacking the minor details, but covers the 'experience' portion of my background fairly well.

Anyway, if anyone is hireing - 512 688-0790

Ford accused by software maker of intellectual property theft

 

As a developer I am very interested in seeing how this specific lawsuit plays out.

The suit is not that Ford copied their software, the phrase being used is “derived from” – I’m guess that is the same as reverse engineering.

This happens all the time in the software world, in fact, in every industry; from stock trading firms to your corner bakery.

The only thing missing from this article is a mention of the people who did the actual programming. If it was done with individuals who first programmed in in Texas then maybe Versata has a case, and then only if they poached the person or persons and moved them to Michigan or they remotely programmed saving their work to Ford servers.

Anyway, this will be interesting…..

Ford accused by software maker of intellectual property theft