Branden R. Williams, Business Security Specialist

No such file or directory, RVM and Rubies! standard

This is quite a diversion, but it’s something that I want documented and indexed by the G00gles of the world in case someone else has a problem like me. If you are not interested in Ruby, or Rails, or RVM, skip this and will see you later on in the week! I recently had an issue that stumped me (as well as the great folks in the #rvm channel on Freenode). In the process of setting up RVM, I initially made the mistake of doing it as root on a Debian (Squeeze) machine. Cautionary word, you are good playing with the system rubies provided by APT, but if you want to get to the bleeding edge, do all of your ...

Adventures in Rails standard

It has been quite a while since I did any hardcore coding. Since that time, I have dabbled in various web projects, but programmers who don’t practice tend to get stuck in ruts. Most of the time, I would use my skills to solve small problems using methods and technologies I knew worked. If you want examples of that, go check out Brando Labs. Why do I continually pull tools like Perl, PHP, sed, Bash, and Python out to solve problems? Because I know how they work, and the learning curve to get back into the swing of things is relatively shallow. Back in the Stone days, I ended up taking a week long Java class that had me coding ...

In Favor of Scenario Planning standard

Harvard Business Review recently published an article by Angela Wilkinson and Roland Kupers called “Living in the Futures.” In it, Wilkinson and Kupers discuss the function of scenario planning at Shell—a practice that has been going on in earnest since the 1960s at the company. There are a number of great nuggets that we can use here in information security to help us plan for inevitable security events. The main goal of scenario planning at Shell is to open up the minds of managers and executives to the possibilities of events in the future. It’s designed to buck the trend of thinking that the future will be much like the present, such that when things happen they are well poised ...

Garmin’s Missed Opportunity standard

Businesses are moving faster than ever in this digital economy, and entrepreneurs build and showcase new innovative products or business models every day. The term that is thrown around to describe this phenomenon is called ‘disruption’. As an example, the iPod and iTunes Store disrupted the music industry in a way that forced companies to re-invent their businesses. Remember back in the 1990s when you could find an actual record store? Sure, most of us bought CDs, but it was still a store dedicated to the sale of music. I have fond memories of visiting Blockbuster Music and trying out CDs before I bought them. But Apple changed all of that. They disrupted an established market where prices were fairly ...

April 2013 Roundup standard

What was popular in April? April was a rough month for many folks (as it historically has been). We have had crazy weather all over the US, and I was able to experience a few new cities with El Wiforino. Thank goodness for the great food choices in London! I’m so glad that was our last stop. Here are the five most popular posts from the last month: The Only Customer Service Script You Will Ever Need. This is the post that keeps on bringing people back! Maybe spring break travel issues? Check out this diversion from security that will make you think about how you interact with your customers. How Starbucks is Revolutionizing Mobile (Micro) Payments. For the fourth ...

The Gotchas of EMV for the US Consumer standard

Update Nov 4, 2013: I was in the UK last week and it looks like the Underground has fixed their terminals to allow the use of the chip at a UPT! This is great news. My guess is there is some upper limit to what can be accepted without signature and it is now implemented. Some of you may know that I spent a little over a week on vacation with my wife traipsing through Europe this month. And even though I was constantly yelled at for walking too fast or running to check out some grey squirrel (they are tan here in the US), we had a fabulous time. We had a few hitches in our travels as any ...

A Funny Thing Happened On The Way To The Vatican standard

As a global traveler, I tend to be subject to more than anyone’s fair share of security checks. This means that I am ready for them, and also tend to find patterns in things. For example, if you are in a domestic US airport (where security is TSA, not private), you don’t have to take your liquids out. I have been putting them in the top pocket of my roll aboard for years now and have only been stopped in Bozeman, MT (private security), where all the bad guys go. But try that same trick through London Heathrow, and you are guaranteed a 15-45 minute delay. I visited the Vatican on Saturday, and thought the security was peculiar. For example, ...

A few tips for getting ahead of PCI Compliance standard

The great guys at Tripwire found me outside of the bookstore at RSA Conference this year and wanted to have a quick chat about PCI Compliance! Check out the video below for a few tips that might be helpful for you as you continue your way down this journey. Possibly Related Posts: PCI DSS 4.0 Released plus BOOK DETAILS! PCI Council Loses $600K in Revenue, PO Population on the Decline Why PCI DSS 4.0 Needs to be a Complete Rewrite Orfei Steps Down Should you be a PCI Participating Organization?

To Catch a Plagiarizer standard

I’m not a young pup anymore. Not that I’m nearing retirement anytime soon, but I find it amazing how much things have changed in the academic world since I first started my bachelors degree in 1996. I can’t prove it (yet), but I can almost guarantee that students in grades six through twelve have no real experience or knowledge of encyclopedias. I remember being envious of friends of mine who had those books in their houses. All that knowledge right at their fingertips, and here I was going to the library, LIKE A SUCKER! Now that I am working on my third spin as a student through the academic world (just under eight years from my last exit as a ...

February 2013 Roundup standard

What was popular in February, now a few days late? If you missed RSA Conference this year in San Francisco, you missed a conference full of people charged with defense. Forget the buzzwords you heard and focus on where we are going as an industry. HOW EXCITING! Check back later this week for a post that has my presentations from RSAC. Here are the five most popular posts from the last month: How Starbucks is Revolutionizing Mobile (Micro) Payments. For the second month in a row, this post is DOMINATING the stats. You know how you see those crazy fools that pass their phone in front of some magical sensor at Starbucks and never seem to pull out their wallet, ...