Cubicle Warrior’s blog, week 22 of 213 (1,313 more days). This week’s quote comes from Pope John Paul II. I have always believed that the nuclear family is the building block of society. I believe that the crux of the world’s problems can be solved at the nuclear family level, and that many of the world’s woes are rooted in the loss of the nuclear family as the atomic building block of society. Do not misinterpret my statements–I am open to the idea of the nuclear family concept being adapted to modern times. The point is that as a society we need to build our nation one family at a time. If we fail to keep our family together, then we will fail as a nation.
As the family goes, so goes the nation and so goes the whole world in which we live. — Pope John Paul II
US military deaths reach 2,000 in Afghanistan [LINK]. This is getting ridiculous. PFC Jon Townsend and one civilian member were killed in an insider attack. The same Afghan troops that Americans trust and train every day are turning on us and shooting us in the back. With 27 more months left of combat ops in the Afghan theater, we should expect more deaths like this, and it could get worse after December 2014 when all we have are “peacekeeping forces”. … [READ MORE]
New Fiscal Year Continuing Resolution Budget Sequestration! This week starts the new fiscal year. Thanks to some brilliant policies from our wonderful lawmakers, we have plenty of funding for change of command ceremonies, plasma televisions, and fancy offices, but not enough for warfighting capabilities and personnel. In the Air Force alone, you can bust your hump at work and deploy to theater multiple times, but if you work too hard to make rank you will be asked to separate before retirement. I have to watch some hard workers–the kind that focused more on the job than on car washes and booster clubs–leave the Air Force before 20 years because we cannot afford to keep everyone. The “fair and equitable system” is anything but fair and equitable, and the Air Force lets it best and brightest leave. All we are left with is the crap we have today. In 2014, I have to face the possibility of not being offered a chance to compete for promotion. Meanwhile, I can find no fewer than a dozen of my peers hanging out at the base exchange or Starbucks all day, and just because they commissioned a year or two ahead of me, they will get the opportunity to compete for promotion. This week I have to convince a general to fund a very important capability, knowing that the answer may be to cancel the effort simply due to lack of funding. Here I am at the apex of my career, finally with some authority to do something, and we have no funding to act on my ideas, and, quite possibly, no opportunity to compete for more authority and responsibility. Figures. I should just hang out at Starbucks all day and enjoy the next 3-1/2 years…assuming I do not get RIF’d out of the Air Force as a budget saving measure. I need to find a way out of this assignment. Quickly.
Carmaggedon II [LINK]. What can be worse than LA traffic? How about shutting down a major artery through town for an entire weekend? The good thing that came out of this is that would-be car thieves provided some entertainment by stealing a Jaguar and using the newly re-opened, freshly paved freeway to make a getaway…until they hit the rest of traffic and were forced to flee the stolen car and hide in a sewer. This is a fitting story for Los Angeles–no matter what, you are stuck in traffic or a stinky pile of sewage.
Grand opening of Mr. Allen Moser’s Premier ATA Martial Arts in Apple Valley, CA. The kids participated in the grand opening of a martial arts school in Apple Valley, which is about two hours from here. They did some demos and made some new friends. A great time was had by all.
Visit from old friends. My former co-workers from San Antonio came to visit this week. I really do miss those folks. It turns out that they still miss me. I hope most of them are still around in about 1,313 days. It felt surreal to be on the other end of their business trip. In related news, a friend told me that it was weird hearing my voice on the other end of a teleconference a couple days before that visit, as if she were hearing the voice of a ghost. It is nice to be missed. Too bad nobody here in LA seems to care. 1,313 more days…
Which is more secure, Android or iOS? Answer: it depends. The iOS is only deployed onto a handful of hardware platforms, namely the Apple iPhone and Apple iPad, and has six major releases–iOS 1 through 6. Android is deployed on many different hardware platforms and has four major releases. For example, if you still have an iPhone 2, you are not allowed to upgrade to the latest, most secure version of iOS 6. If you have a Droid Bionic, you are not allowed to upgrade to the latest, most secure version of Android 4 “Jelly Bean”. It really is hard to compare apples to oranges, or in this case, Apples to Androids.
Physical access control. All things being equal, both phones have some form of physical access control. Whether or not the user chooses to lock the phone or not is up to the user and his or her level of paranoia. As a cyber security guy, I tend to be very paranoid and I lock my phone with the most secure method available to me. I give an edge to the Android, since there are usually more secure methods of locking, e.g. pattern lock, than what is available on the iPhone. Advantage: Android.
Permission-based access control. Each OS does restrict application access based on permissions. Personally, I like that I can go into the Android operating system menu and lock programs, deny programs the ability to do certain things, or outright freeze a program that I never use. The Android OS uses a static white list of permissions that is usually accurate. iOS asks the idiot user to approve or disapprove access on a use basis. Advantage: Android.
Data encryption. You have to be kidding me. iOS was storing all your personal data in the clear on your phone for years before a whistleblower exposed that one. I will never trust Apple again. On top of that, each iteration of iTunes seems to offer more vectors for bypassing encryption, since iTunes is trying to be all things simultaneously–music, applications, books, and documents. Advantage: Android.
Application security testing. Both OSes could improve here. Nobody seems to care about security until after the software is deployed. Advantage: even.
Miscellaneous. There will always be a debate as to whether the Google Play Store or the Apple Store method is more secure. The Apple Store is supposedly more secure, but nobody can quantify that statement. Nobody is certain how much they actually screen apps for security. I have been fooled by fake apps in the Android Market, but ever since it was renamed the Google Play Store I have seen fewer fake apps. If I believed that Apple really does screen for security, then I would give them the advantage. As a cyber security guy, I am supposed to trust, but verify. Since I have no way to test, trust, or verify, I give both an “I don’t know” grade.
Overall. I give a slight advantage to the Android, but not a significant edge. At least with Android, there are SDKs for incorporating SELinux and or building hardened kernels. With iOS, the user is stuck with whatever is available. Even with a “jail break”, the options are limited. The point is that if you have security options available to you, you should use them.
- “Android vs iOS: How Secure are They?” Redmond Pie. [LINK]
- “The Android vs Apple iOS Security Showdown”. SecureState. [LINK]
- “Android Security vs iOS Security”. Android Authority. [LINK]
American cyberwarriors thwart attacks on unclassified network [LINK]. The rumor is that activists from the Middle East are attacking American networks in retaliation against the YouTube video that mocks Islam. As often as our networks are being attacked, it is hard to figure out if the attacks are tied to the YouTube video or if this is part of the daily rigmarole of attacks on America. The attacks occur as President Obama is weighing in on an executive order that will give America more options with defending our networks, especially in our critical infrastructure of power grids, banks, and “essential industries”.
White House computers targeted in cyber attack [LINK]. Wait. Did I not just post that we thwarted a cyber attack? Yes, I did. Just a day later, we were attacked AGAIN and we did NOT thwart that attack. This particular attack came from China. There. I said it. China is attacking our networks. During they day, they put kids in sweat shops making Nike shoes, and by night they put those kids to work attacking our networks. One may be tempted to ask how much sleep these kids get. I assume that they get no sleep, because in the middle of the night these kids are practicing gymnastics for the Olympics.
My Florida Gators did not lose this weekend. Then again, they did have a bye week. I hope they have rested well for the key matchup against LSU. The Gators made it to #11 on one poll, and #10 on the other, making this week’s game the fourth time in the past decade that these two teams have both been ranked in the top ten for a matchup.
|AP Top 25|
|NR||Michigan StateBoise StateBaylor|
- Week 1 of 213 (May 6, 2012)
- Week 2 of 213 (May 13, 2012)
- Week 20 of 213 (September 17, 2012)
- Week 21 of 213 (September 24, 2012)