By User701213-Oracle on Apr 27, 2009
Before I begin, e kala mai ia´u (please excuse me) for not recognizing Steve Christey of Mitre as a co-creator/co-kahuna of the SANS Top 25 Bad Programming Errors list. It was not my intent to slight Steve for his work helping get this list created, reviewed and out there. Thank you and great job, Steve!
One of the joys of living in Idaho are the number of times you have jaw dropping encounters with living creatures. One of those occasions for me occurred about six weeks ago. We’d had five inches of new snow and it was still coming down, enough so I did not want to get in the car and drive anywhere to go Nordic skiing (four wheel drive helps you get moving but does not help you stop). So I decided to just snowshoe the ridge behind my house. I hooked up the dog, “shoed” down the street and out the path between the Ketchum Cemetery and the ridge behind my house, out to the golf course. There were some large depressions that Thunder showed a particular sniffy interest in. In retrospect, I should have known what they were, coming from a family of hunters. I turned to go down to Highway 75, when what do I see peering out of the trees on the 14th green, but four large elk? The depressions were elk beds. Thunder went nuts, making noises I’ve never heard him make that I suspect was Huskynese for, “Look, meat on the hoof! Lots of it!”
I restrained Thunder from going after the elk since I know from Idaho Fish and Game that elk need to conserve their energy in winter (Fish and Game close various areas to all motorized traffic to avoid stressing the elk). But it was a stupendously sacred view, seeing these large beautiful animals tiptoeing through deep snow, with the snow coming down about them. I watched them for about a half hour and felt blessed. They hung around for about four days before moving on and I took some pictures of them. Kupaianaha (amazing).
As many critters as I see here in Idaho, I am never jaded at seeing a beautiful animal in its native habitat. (There are animals one encounters in the commute down California Highway 101, too, but they are not the kind you want to remember, being of the jerkis Californiensis driveris variety.) That said, California also has its “elk encounters.” I was once out surfing when a pod of dolphins surfaced (not really unusual; they migrate along the coast of California). A big set wave came through the surf lineup, and the dolphins decided to surf it. There were four dolphins inside the wave as it moved through the lineup. One of them leaped out of the face of the wave and over our heads. Kupaianaha (amazing).
Even if you do not live in a wilderness area, or a place where you can see beautiful creatures in their natural habitat, you can have an “elk encounter” with someone or something that leaves you reeling in amazement. I recently had the privilege of serving on the Center for Strategic and International Studies (CSIS) Cybercommission for the 44th Presidency. The commission began meeting well before the 2008 elections, with a view towards making comprehensive recommendations on what the 44th president could do to improve cybersecurity. It was a great group of people from government and industry – a number of whom are friends as well as colleagues. Among the guiding lights behind the commission were the then-chair of the Homeland Security Subcommittee for Emerging Threats, Cybersecurity and Science and Technology, Congressman Jim Langevin and the ranking subcommittee member, Congressman Mike McCaul. It was obvious from the first meeting that both men – despite being from different political parties – shared a common interest in improving cybersecurity and a genuine collegial regard for each other.
I was particular impressed by the amount of time Congressman Langevin spent with the Commission given the many other responsibilities he had as a subcommittee chair and active member of Congress. After five minutes in a room with him, you know you are dealing with someone who is a distinguished public servant – someone you’d want to represent you (not that it matters, I happen to be of the opposite political persuasion of Congressman Langevin but hey, good leadership is good leadership: he has it). I think what cemented my admiration for Congressman Langevin was his appearance on a panel the 2008 RSA conference. The moderator posed the question, what did the next president need to do to improve cybersecurity? Some other panelists (who were also members of Congress) used the opportunity not to answer the question, but as a political platform to lambaste the other party. Congressman Langevin was a notable exception. He not only maintained a professional demeanor, he went beyond the question in his response by not only talking about what the 44th president should do but added, “and here is what I think we in Congress should do.” Bravo. That experience was as amazing an elk encounter as I had in Idaho.
I was asked recently to testify in front of the Subcommittee on Emerging Threats, Cybersecurity and Science and Technology. Congressman Langevin no longer chairs the subcommittee but has moved on to other areas of interest. I mentioned to one of the subcommittee staff – who had invited me to testify - how much I admired Congressman Langevin, to which the staff member replied: “Congressman Langevin is what every American should expect from his Congressional representative: he is smart, he is fair, he wants things to be better. He is a true leader.” Amene (amen).
I contrast my experience dealing with people such as Congressman Langevin - who are true leaders of note - with what can only be construed as the self indulgent time sink known as Twitter. The best adjective I have heard to describe people who think their every waking moment worthy of a following is “narcissistic attention deficit disorder.” (Credit to Ted Tanner for that.) Twitter is merely the latest incarnation of “look at me” exhibitionism that constitutes so much of social networking. Disclosure: I am on Facebook (which I did primarily as market research for the book my sister and I wrote*) and I am – ugh – considering joining Twitter for the same reason. Our protagonist is a twenty something techie which means I need to know about what twenty something techies are up to. That said, my definition of Twitter success will be that I have no stalkers…er…followers.
It’s hard to characterize just what I find so noxious about Twitter but I think it has a lot to do with the escalation of the trivial over the timeless (or at least, the trivial over the time-worthy). Aside from everything else, constantly telling your friends what you are up to (or obsessively checking in the activities of others) leads to what economists call a “crowding out effect.” Anybody who has spent hours on the Internet and wondered what they had to show for it afterwards knows exactly what I am talking about. For those who proudly brag about how much they can do at once, the reality is, we actually can’t multitask (reference: Why We Make Mistakes: How We Look Without Seeing, Forget Things in Seconds, and Are All Pretty Sure We Are Way Above Average by Joseph Hallinan) “Multitasking” should be better renamed “multimistaking” since the more you try to do two or more things at once, the greater the chances that you will get all of them wrong. Try playing a musical instrument and watching the news at the same time – you won’t learn Ahe Lau Makani and you will not be able to tell anybody what the headline news was, either. I know this from extensive market research. It’s true if you are trying to learn Wai O Ke Aniani and watching NCIS reruns, too. So, trying to do anything meaningful while acting like a twit – er, sending or reading tweets – is a waste of time.
Not to mention, how interesting is all this information, really? Try writing down what you really do most of the day and ask yourself, “Who else could possibly be interested in this?” To quote the title of a current movie, He’s Just Not That Into You. Actually, you shouldn’t be that into you, either.
I do occasional update my Facebook entry (which is pretty Spartan and I intend to keep it that way). Very rarely do I put an entry in “What are you doing now?” for the reason that most of what I am doing right now – in fact, most of what most of us are doing right now - is just not that interesting. Who really wants to read:
I’m changing the toilet paper roll.
I’m defragmenting my hard drive.
I’m writing a thank you note that is two weeks overdue. (OK, my mom would want to know that; she brought us up to write thank you notes, but who else cares?)
I’m cleaning the tile grout in my kitchen.
I’m trying to clean the beams in my living room because it looks like I am running a spider sanctuary.
I’m sewing up one of Thunder’s many destroyed toys right now. (AWWWW. I mean, of course that is not interesting to anybody except me and the pooch. I was almost seduced by the Dark Side there for a minute.)
A surprising amount of most of our days are taken up with activities that we find boring and repetitive, and most sane people would, too. The only thing worse than updating your Facebook What Are You Doing Now? With such drivel is blasting it out to a bunch of groupies who breathlessly await your pronouncement on what grout cleaner to use. Oh wait, that’s Twitter.
To give an example of crowding out and why we should care, consider the recent stimulus and budget bills. Regardless of what you think of them, what ought to upset anybody is the thought of members of Congress twittering away during hearings on these bills. (Let alone people who voted on them without reading the entire bill, considering the amount of money being spent.) It is just astonishing – no, disgusting to me – that anybody would vote for such critical bills without both reading them and – most importantly - paying attention during hearings. You can’t pay attention to what someone is saying if you are obsessively texting, tweeting, checking voicemail, playing solitaire, whatever.
I recently read through the proposed Snowe-Rockefeller Bill (aka Cybersecurity Act of 2009). I had seven pages of comments on it I wrote up for our government affairs group who are sharing the comments with others in industry. I had stress pains in my shoulders from reading this bill for reasons I will perhaps save for another blog entry, but I read it, all the way through. It took awhile, I admit.
Among other concerns I have was the fact that the term “vulnerability” was not defined. Why you should care is that the bill called for real time notification of “vulnerabilities” and yet it was not clear whether a vulnerability is a configuration weakness or an actual product defect. There’s a big difference. Configuration settings you can check real time. It’s not a reasonable requirement to expect real-time notification of product vulnerabilities that may or may not have been fixed yet. That is, vendors – well, at least Oracle – find the vast majority of product security defects ourselves. That’s a good thing. As for “real time notification,” we are not prepared to Tweet everybody and say, “Hey, guess what? We found a really nasty security vulnerability two seconds ago. Oops, forgot to mention, no fix for it yet. Bummer about that but stay tuned!” I can’t imagine that’s what the bill really meant to say (“notify real time when you find a product problem whether or not it is fixed yet”), but absent a definition of “vulnerability” it is not at all clear. When it comes to contracts and legislation, any ill-defined term not only can be but will be misinterpreted, which means nobody will be able to tell whether they are in compliance, despite spending (technical public policy term here, with apologies to Carl Sagan) “beelions and beelions” of dollars trying to be compliant. If someone does not (at the very least) define “vulnerability,” they might was well rename this bill the “Auditors Full Employment Act” because only people auditing such an ill-defined notion of “compliance” could be happy with it.
You really hope that the people who put legislation together – including this bill – and vote on it are going to take the time to focus on it instead of frittering or twittering away when important matters are being discussed. Similarly, those of us who review and comment on legislation should turn off our cell phones, shut down our instant messaging, take the headphones out and concentrate on what is being proposed. I might have had some Hawaiian music playing – which soothed my stress pains – but I took the phones off the hook and really read the bill. I felt something this important to industry deserved my best review efforts.
Back to elk encounters, it actually isn’t that hard to tell the difference between an elk and a deer. I’d say “everybody knows that” but there are people who probably see an elk and think it’s just a biggish deer. I like seeing deer, too, but elk encounters are more rare – and somehow more – uplifting. Elk are mindblowing. Deer are – beautiful, but not jaw dropping the way an elk encounter is. Which brings me to a last thought. Someone has done a Wikipedia entry on me (the link to which I am not including here as it is entirely too self-referential). A member of my team sent me the link: I did not Google myself. I found the entire entry rather creepy on two levels. One is, I suppose someone could put all that together from things like my blog entries, but it is still creepy to see so much about yourself pieced together online. The second point is more important: I’m not that interesting. I can understand a Wikipedia entry about Larry Ellison. Maybe even a couple other kahunas at Oracle. But me – naw. To re-reference He’s Just Not That Into You: well, I’m just not that into me and nobody else should be, either. Go find an elk.
* As I blogged about earlier (Tahiti Rising), my sister and were writing - and now have written - a book together, an IT murder mystery called Outsourcing Murder. We are on our second book and looking for an agent. As part of submitting our manuscript, I obsessively went through every Hawaiian word in the book and replaced the apostrophe with the ‘ōkina (the reverse apostrophe representing a glottal stop), which is why this entry has “Hawai´i” and not “Hawai’i.”
Book of the Week
I couldn’t just pick one so I have two recommendations.
A Dawn Like Thunder: The True Story of Torpedo Squadron Eight by Robert J. Mrazek
I thought I had read just about everything in popular print about the battle of Midway, but this is a new take on it. More specifically, it describes the story of the famed Torpedo Squadron 8 from the U.S.S. Hornet, most of whom perished in low-level torpedo bombing of the Japanese fleet. What I had not known was that some members of Torpedo 8 actually flew from Midway, and that Torpedo 8 also figured prominently in the so-called Cactus Air Force flying from Henderson Field at the battle of Guadalcanal. It’s a gripping read and I shall forever be grateful to Robert Mrajek for telling us who these men were, what they stood for, and what they lived, loved and died for. Kupaianaha (amazing).
Honolulu by Alan Brennert
I tend not to read a lot of contemporary fiction since so much in unrelievedly dreary and lacking in any concept of redemption. I have not even finished this book, yet I am totally captivated by it. It’s the story of a Korean “picture bride” who comes to Honolulu in the early 1900s. Brennert skillfully weaves a number of real characters into the book, including May Thompson (the inspiration for Somerset Maugham’s character Sadie Thompson) and Detective Chang Apana (the real Charlie Chan). Alan Brennert also wrote Moloka´i, another great read, about the victims of Hansen’s disease (also referred to as “leprosy” but I refer to use the correct medical - and less stigmatic – term) who were forced to live at Kalaupapa: surely one of the most beautiful yet saddest places in the world.
For More Information
About Congressman Jim Langevin:
About the CSIS Cybercommission:
About the Subcommittee on Emerging Threats, Cybersecurity and Science and Technology:
My testimony in front of the Subcommittee:
Why We Make Mistakes: How We Look Without Seeing, Forget Things in Seconds, and Are All Pretty Sure We Are Way Above Average by Joseph Hallinan
Apropos of nothing except linguistically showing off. A few Hawaiian phrases for your sled dog:
Don’t pull me over! (Mai huki malalo ia´u!)
Balto never stopped to sniff. (A´ole loa ‘o Palako i pau e honi.)
That chihuahua can take you. (Hiki i kēlā chihauhua ke make iā’oe.)
Cold enough for you? (Lawa ke ‘anuanu? )
Mush! (E hele aku ‘oe!)
Stop! (E pau ‘oe!)
Right this minute! (I kēia manawa!)
Who’s a good boy? (‘O wai he keikikāne maika´i?)
Tired? (Ua māluhiluhi ‘oe?)
Want to make a doggy snow angel? (Mamake ‘oe e hana i ´anela hau ‘ilio?)
More silly Hawaiian phrases from Keola Beamer, a great Hawaiian musician (Sweet Maui Moon is one of my favorite CDs). Wonderful gems such as:
I am filled with admiration for my in-flight meal.
Kahaha ko'u na'au i ke 'ano o ka mea 'ai ma keia mokulele.
One of the Hawaiian news stations has a daily broadcast segment in Hawaiian. Very cool. You find out things like one of the high school football coaches coaches his team entirely in Hawaiian. E ola mau ka ‘ōlelo Hawai´i (may the language of Hawai´i live).
One of my all time favorite Hawaiian meles performed by one of my all time favorite groups, Maunalua (Hawaiian slack key at its best):
Mānoa DNA performing Ka Nohona Pili Kai:
And Manoa DNA doing Makee ´Ailana