Free Scott Albert Johnson song - Magnolia Road live

My favorite independent musician and friend Scott Albert Johnson has given me permission to release this live track on my blog for free.   The track is for sale at Scott's site along with his debut album which is highly recommended.

Scott is a very talented musician who, along the lines of Jonathan Coultan and Geoff Smith, is working to make his music passion a full-time endeavor.   I've written about his debut album here on my blog in the past (Umbrella Man review).  I'm a big fan and happy to hear that Scott is working on a follow-up album (which I've already pre-ordered).  I've seen Scott perform live a few times in DC and the shows are always excellent.  I love Scott's original portfolio of songs and I'm a huge fan of his cover of Peter Gabriel's "I don't remember", which exceeds the original on so many levels.  I was pleased to hear from Scott that, based on my feedback, he'll be including that cover track on his forthcoming album!

Magnolia Road is off Scott's debut album.  It is not my favorite song on the album but it is a crowd favorite and will give you a good exposure to his vocal and harmonica talents.  If you can find someone that is better on harmonica than Scott (excluding John Popper of Blues Traveller), please let me know!

If you like the track, please go and buy the album.  If you aren't happy with your purchase, I'll buy you a drink the next time I see you. If you want to sample a few more tracks visit Scott's MySpace page.

In the meantime, enjoy your free download of Magnolia Road live:


Pretty clever

For some reason, this attack made me laugh. An interesting blending of meatspace and cyberspace.

Hackers in Grand Forks, North Dakota of all places have hit on a clever Trojan Horse: using a fraudulent parking ticket to direct unsuspecting motorists to their virus laden websites.

The scam works like this: You come back to your parked car and there's a parking ticket under the windshield wiper. Everything looks official so you go home, and, being a law abiding citizen you visit the website on the ticket as directed. In order to make sure it was your car, you have to flip through a gallery of evidence and find your car. In order to do this, you have to download a toolbar and that's how they get you. The toolbar is loaded up with an executable file. When the computer restarts is when the fun begins. Your computer becomes a nightmare of pop-up windows talking about downloadable antivirus software and all hell breaks loose from there. (Jalopnik)

Threats in the Age of Obama

I'm a contributor to this impressive new book that examines what threats we face in the coming years.  An excellent compilation of contributors and expertise which is highly recommended.

You can purchase the book at Amazon today

Mac mini as video distribution platform

When I had my house built, I went to the trouble of trying to create a video distribution system that would allow one Tivo/DirectTV receiver to be controlled and broadcast throughout the house.

While the system worked in theory, it was plagued with problems, mostly relating to the IR repeaters being eternally flawed. Eventually, I gave up on the system and put DirectTV boxes with all the essential TVs.

Over the weekend, I was able to revisit the video distribution system using the following components:

-Mac Mini - This is the hub of the whole system with SlingPlayer, VLC, iTunes, DVD player, and Firefox.

-Video modulator - sends a video source over channel 35 to every TV in the house.

-iPod Touch, iPhone, and laptop (for remote control of the Mac Mini over wifi. No more IR repeaters)

-Slingbox - This is already installed in my home office and connected to my home office DirectTV receiver.

With the Mac Mini, I am able to tune into my slingbox and watch DirectTV content, use VLC to watch content stored on network attached storage devices, use iTunes to stream content from my iTunes library, play DVDs with the built in DVD player, and use the web to hit content sources like Hulu and Joost.

Whatever the Mac Mini is playing is set to channel 35 throughout the house, which is perfect for TV's that I have connected to DirectTV service. to become

This is an interesting approach. I'll be curious to see how they make this work. Talk about signal to noise ratios....(AFP)

iPhone News Network

An interesting scenario developed on my drive home, that is a perfect demonstration of emerging technology.

First, I read a Twitter message (while stopped at a red light!) that there was major Steve Jobs news and AAPL stock was tanking.

I then saw a Twitter message from Leo Laporte that he was covering it live.

I tuned my iPhone into the stream and listened to the coverage over the 3G network.  No skipping, pauses or rebuffering at all.

The amount of time from seeing the alert to hearing the full-story was about 3 minutes.  Talk about redefining "breaking news".

Good quote

Going to be thinking about this one going into the new year.

There is no such thing as information overload, there’s only filter failure. - Clay Shirkey

A little out of context, but still appropriate for 2009.

Feds consider searches of terrorism blogs

The Homeland Security Department may soon start scouring the Internet to find blogs and message boards that terrorists use to plan attacks in the USA.

The effort comes as researchers are seeing terrorists increasingly use the Internet to plan bombings, recruit members and spread propaganda. "Blogging and message boards have played a substantial role in allowing communication among those who would do the United States harm," the department said in a recent notice.

Homeland Security officials are looking for companies to search the Internet for postings "in near to real-time which precede" an attack, particularly a bombing. Bombings are "of great concern" because terrorists can easily get materials and make an improvised-explosive device (IED), the department said.

"There is a lot of IED information generated by terrorists everywhere — websites, forums, people telling you where to buy fertilizer and how to plant IEDs," said Hsinchun Chen, director of the University of Arizona's Artificial Intelligence Lab. Chen's "Dark Web" research project has found 500,000,000 terrorist pages and postings, including tens of thousands that discuss IEDs.

Chen and others aren't sure how helpful blogs and message boards will be in uncovering planned attacks.

"I just can't envision a scenario where somebody posts to a message board, 'I'm getting ready to launch an IED at this location,' and the government will find that," said terrorism analyst Matt Devost. A lot of postings about attacks are "fantasy, almost role-playing," Devost said.

Internet searches are used routinely by government agencies, such as the Defense Department, in gathering intelligence, said Chip Ellis of the Memorial Institute for the Prevention of Terrorism.

The searches use methods similar to a Google query and can be helpful in uncovering the latest IED technology, Ellis said.

Steven Aftergood, an intelligence expert at the Federation of American Scientists, praised Homeland Security for "trying to develop innovative approaches" and said its effort would not jeopardize privacy because the department would be scanning public websites.

The department, which declined comment, has made no decision about using Internet searches and is reviewing statements that companies submitted last month describing their ability to do the searches.

By Thomas Frank, USA TODAY

Original Source

2009 - The year of living cyberdangerously

The reliance on computers to operate key infrastructures has created a tunnel of vulnerability previously unrealized in the history of conflict.

I first wrote that sentence in 1993 as part of my M.A. thesis on information warfare and my thesis adviser made me remove it for being "overly sensational".  Final revenge was mine, however, when I snuck it into the 1996 Defense Science Board on Information Warfare.  Now you can search on that phrase and get a few dozen results as its been coopted along the way by other reports as well.  Regardless, my little pet phrase will be old enough to drive this year and the infamous "Can You Trust Your Toaster" paper is a teenager.

While I've always believed that cyberthreats are misunderstood and that much of the current debate lacks a risk management context, I can't help but think that 2009 will be a precipice year in the cybersecurity domain.  We've certainly had lots of build-up in 2008:

  • A major think-tank issues what some regard as "yet another" cybersecurity strategy.
  • We've had major and minor penetrations by foreign entities into dozens of major corporations, institutions, and even the political campaigns.
  • For the first time, we are looking at a cabinet level Chief Technology Officer position at the White House.
  • From my personal experience in dealing with the national security and intelligence communities, there is an increased understanding and appreciation of the issue over the past year.  I can't tell you how many conversations I've had with folks who dismissed the topic in the past and now articulate how important an issue it is.

If one is optimistic, we might actually start turning the corner on cybersecurity issues, but will do so only to find ourselves faced with a really steep hill.  The best-case scenario, we take some baby steps in 2010.  Therefore, I'm declaring 2009, the year of living cyberdangerously. Here are just a few things to think about:

  • Capability and intent are still mismatched, but that hasn't prevented major intrusions, just those with an impact on the operation of critical infrastructure.
  • Big carrot, little stick. Cyberattacks have been launched against major companies, the U.S. government, and the McCain, Clinton, and Obama campaigns.  Consequences for the attacker have been non-existent. This just further incentivizes adversaries to push the envelope.
  • Economic disincentives are disintegrating.  I've often cited economic interdependence as a major deterrent to cyberattack.  However, when the U.S. economy is already in fail mode, the deterrent quotient diminishes.
  • Attribution still sucks.  See bullet number two.
  • Budget cuts and economic issues will serve to diminish corporate security postures in 2009.  End result, increased vulnerability.  That said, current attackers don't seem to be lacking of vulnerabilities for intended targets.

These factors and a few others will bring a few stars into alignment and it should make for an exciting year.

As for me, I'm looking forward to taking a good hard look at these issues again this year at both the technical and national strategic level.  Watch for a follow-up to the Toaster paper and some additional efforts.  You can leave your title recommendations for the Toaster paper in the comments (e.g How I learned to stop worrying and love my toaster).

What's cooking?

One of my favorite recipes.  I'm sick of searching for it, so I'm blogging it in hopes that others can enjoy.  The Wegmans branded products can easily be replaced with more generic items.  Enjoy!

Steamed Meatballs with Asian Green Beans

Serves: 4

1 lb 90% or 85% Ground Beef
1 egg
3/4 cup panko bread crumbs or 1 cup unseasoned bread crumbs
1/4 cup + 2 Tbsp Garlic Sauce, divided
1 bunch green onions, trimmed, sliced
1 clove Garlic, finely chopped
1/2 oz fresh ginger root, peeled, finely chopped
1 Tbsp fresh cilantro leaves, chopped
1/4 tsp cracked black pepper
Salt to taste
1 cup Instant Brown Rice
1 pkg (12 oz) Green Beans
1 red sweet pepper, seeded, cut in thin strips
1 Tbsp sesame seeds
1 tsp sesame oil

Combine ground beef, egg, bread crumbs, 1/4 cup garlic sauce, green
onions, garlic, ginger, cilantro, cracked pepper, and salt to taste;
mix thoroughly using hands. Shape into 16 (1 1/2-inch) meatballs.
Pour uncooked rice into shallow pan or bowl. Roll meatballs in
rice, pressing to coat.
Place green beans and pepper strips in steamer basket. Arrange
meatballs in separate basket; stack baskets with meatballs on the
bottom and cover.
Heat 1-inch water in wok or tegame pan on HIGH to rapid boil. Water
must be hot enough to create steam below items to be cooked, but must
not touch it.
Place layered baskets in pan. Steam about 12 min. Remove from heat;
using extreme caution, remove lid carefully away from your face,
avoiding steam. Meatballs should have internal temp of 160 F;
check by inserting thermometer into center of meatballs.
Heat saute pan on MEDIUM-HIGH. Add sesame seeds and cook, stirring,
1-2 min, until toasted. Add sesame oil, and remaining 2 Tbsp garlic
sauce. Heat just until warmed through, about 2 min. Serve over
vegetables with meatballs.

Option: Garnish with cilantro and drizzle with additional garlic

Recipe featured in Wegmans Menu Magazine
Nutrition Info: Each serving (1 cup vegetables, 4 meatballs) contains
410 calories, 42g carbohydrate (6g fiber), 29g protein, 14g fat (6g
saturated fat), 125mg cholesterol and 250mg sodium.