Worship and Conduct

Prager says God is worshipped through moral conduct. Christians say by belief.
Prager says God brings people to his moral law. Christians say to Christ, who is the Law and the Prophets.
“Those who come to Him must believe He is and that He is a rewarder of those who diligently seek Him.”

Prager often says this. How does he know when he is approved is what I wanted to ask.

Jobs that ChatGPT cannot replace (yet)

Beyond physical-dependent jobs, ChatGPT/LLMs cannot now replace:

Teachers – in-person or Zoom understandably. While virtual learning by an AI can be impressive, that produced by a human excels IMHO.

Writers and Editors – human writers like a journalist or author can give a human touch and verify facts, i.e. these positions can fact-check where ChatGPT is in error.

Lawyers – though legal information has always been online, a real lawyer cannot currently be replaced.

Social Workers, Therapists and Other Medical professionals – as above, a doctor or nurse needs to see a patient at some point. I have had appointments with a doctor. It usually requires a physical followup and I *want* to see a real person for questions and feedback.

Management professionals – an AI C-suite professional cannot replace a real one yet.

These all come down to the need for a real human that can verify information and attend to a patient, business, or customer in person.

Creepy tech

A few things are converging for me:

1. Social media is creepy.
2. ChatGPT is disturbing.
3. Boston Dynamics robots are uncanny.

With SM we have levels of interaction and of data trust. Filtering for us with giant mind bubbles. (Is filtering worse than fake news?)

ChatGPT is swallowing search now.

BD robots are moving from unsettling to accepted as human.

Like writing on a church wall, signs and symbols of tech are requiring a reckoning. These things are coalescing around Kurzweil’s singularity. Maybe not a correct timeline, but the merging is happening organically and is palpable. Can you feel it?

Ransomware Timeline

Utilities and infrastructure, government agencies, hospitals and healthcare institutions, schools, food production and distribution industries, even ferry service to Martha’s Vineyard: all have been attacked by cybercriminals using ransomware, probably now the most used kind of attack on network systems.

“Even as we speak there are thousands of attacks on all aspects of the energy sector and the private sector generally…it’s happening all the time,” said Energy Secretary Jennifer Granholm to CNN.

What in the World is a Penetration Test?

A penetration test is an agreed-upon simulated, offensive cybersecurity engagement that tests for vulnerabilities in the target’s systems. The red team is the offensive team and the defenders are the blue team. The organization being tested is looking for weaknesses in its systems. (Optionally, an organization may set up a purple team to support the engagement.)

In order to do a penetration test you need written permission with specific rules of engagement. You cannot deviate from the plan that is agreed upon. Even scanning the ports of the target system can throw up red flags for the responsible organization and can lead to legal trouble for you if not documented.

Though many red-team/blue-team exercises use in-house teams for both, an outside hacker can actually make some good money doing this. Some hackers make a career out of it. I’ve heard of a contract tester making $50,000 for one engagement, though in-house team members can make $140,000. There are even two certifications specifically for penetration testing, the Certified Ethical Hacker and PenTest+ certs.

Halo’s red team/blue team borrows from this concept: Spartan Showdown: Blue Team vs Red Team – YouTube

Defense in Depth

Layering security measures is called Defense in Depth. Though zero trust is the phrase of the day, defense-in-depth can be a complementary approach to security.

Preventive measures guard against breaches of confidentiality; examples include file encryption, TLS encryption for websites, or protecting a certificate key.

Detective measures include intrusion detection/prevention systems (IDS/IPS) or other measures that alert you when there is an unauthorized intrusion on the network.

Recovery measures include backups and other measures to maintain resource availability. Whether daily, incremental, or full, you need a backup plan.


Captain Fantastic

What to make of the millennial want of the Winnebago lifestyle.

I see the sprinters here on the island sometimes. They’re parked along Ocean Drive. I will say that there are fewer messes when compared to the fast food wrapper-spewing lowriders. (What a mess.) At my prior employer, one of the young guys brought us outside to look at his tricked-out camper van.

It gives an honorable sense of not wanting to waste and decreasing your footprint. It’s actually kind of admirable, I think.

It’s difficult for me to comment on family matters as I don’t have any children. But I think there are a few things to say. One does not grow up as quickly as with kids. A friend often lectures me on “growing up.” There could be some anger toward him, but maybe he’s right? I do like the single life, but how would I change?

But with all due respect, I am not immature.

I have thought about doing the Reese Witherspoon thing and hike for life. Sun-bleached mind tan (TM).

Does one need any responsibility without children? Am I serving society well? What is the debt to society?

I know, no man an island. Fine. But when you read of proud parents and proud friends, you do have a certain sadness/defiance.

Year upon year, time after time. What to leave the world other than children. So what if your name ends? Shakespeare’s lineage was gone in a generation. Posterity gets ideas and creativity.

So we of lesser insight should try something different.

What is the CIA Triad?

No, not the Yankee security agency; the CIA Security Triad is a model organizations can use to guide policies for their cyber and information security. CIA stands for Confidentiality, Integrity, and Availability. It’s also useful during the acquisition of new technology assets and data to guide policymaking.

Confidentiality – Keeping sensitive, confidential, or private information safe from unauthorized access. It’s common to categorize sensitive data by the potential for damage if the data is released or stolen in case of a security breach. The question of who needs what kind of access to the information should be a consideration. Organizations can set access control lists (ACLs), encryption, and permissions for systems, files, and folders.

Integrity – Protecting data from deletion, tampering, or modification by an authorized or unauthorized party. This includes mistaken but authorized changes. Data at rest (stored), in transit, or in use should be protected for consistency, accuracy, and trustworthiness.

Availability – Accessing or refusing access to files, folders, and systems. The information the security measures protect and ensure should be available despite hardware failures, system upgrades, or power outages. The security measures should be consistent and provide ready accessibility by authorized parties.

The difference between tech support and cybersecurity experts lies with CIA. Tech support can help with your availability (connection), but integrity and confidentiality are usually the domains of cyber.

Hacking Paywalls: You Only Thought You Needed To Subscribe

Note: This tutorial is for Chromium browsers, but the developer tools on other browsers are similar. Leave a question if you need help.

Just a brief introduction to this tutorial is needed. Web pages are text files that contain text and HTML. When you go to a website your browser downloads the HTML text file and you now have a copy of the page on your computer. The browser also downloads copies of the images, videos, and programming that are referenced inside the HTML. Each item on the page is in a box, which may be contained in other boxes and which may have boxes inside it as well. These items are called elements. With the developer tools in each browser you can edit your copy of the page to remove or change elements. If you refresh the page, it will return to the version you downloaded.

Using Publicly-available Information To Learn More About A Target (Passive Footprinting)

Even a novice can research a target using publicly-available information. This is also called passive footprinting and there are numerous tools and commands to find this information:

Innovation

While SM cannot be the purveyor of truth, the current model is broken (Zuckerberg). Experts determine governance, politics, civic architecture, histories, and science. They have their laurels.

But the pace of change is a bounding lion. Technology may be the easy part; the governance is not. Government can remove barriers to change; it created these booms after all. Innovation is just waiting at the door.

Changing things for the sake of fundamental change, the next wave has not been about who changes. But, these things were decided by experts who are malevolent and belong to darkness. They appear as doves.

We’re here. What should we value? Change has economic and IRL results.

Dear Patience

I was reminded of Siouxsie Sioux’s Dear Prudence. But I redirect to patience.

Have patience with vile thought, envy, greed, arrogance–all those negative things afflict us. We cannot help ourselves. We are prisoners of this body, wretches? In all fairness, have patience with us.

The rainwater pours down. Drip by drip, it started. Now a torrent. Have patience. Ourselves to friends to family to our small group to our nation to our world. Send us flowers and rivers. Surrounding and refreshing.

Coding Camp – Day 45

Today I was on the ball. At least I knew what was going on! Just a bit about recursion and then we did a mock interview session with classmates. Tried to act as interviewers to the other classmates. Eleanor is a smart cookie. She has some interviewing skills and it came through.

That’s where I am. Trying to learn how to respond in coding interviews. These kinds of questions about sorting algorithms are common.

Coding Camp – Days 43 – 44

The second project is behind us and we’re on to computer science for JavaScript. It reminds me of the CS50 class I took at Harvard online. We heard briefly about sorting algorithms last night and tonight we learn a bit about functional programming. This camp is giving us a great span of computer science and coding knowledge that we can build on later throughout life. It’s a never-ending process, this learning in our field.

P.S. Have to learn functional programming better as React is based on it.