Thursday, June 18, 2009

Juicy, juicy mangoes!

I used to like mangoes okay.  They were good, but a little over-sweet and a little stringy.

It turns out... I really, really like mangoes.  It's just that I hadn't had a very good one until this week.

My wife orders a box of organic produce every other week, and we got two slender, yellow mangoes.  These are from Mexico, are organic (obviously), but I don't know the name.  They are INCREDIBLE.  Juicy, smooth-as-silk, and sweet with a little bit of limey tartness.

I just cut one up for lunches tomorrow, and I'm already obsessing over how to get more.

If you have any recommendations, please send them to me! 

Recreating XML files from fragments

I'm working on an interesting problem right now.  Occasionally I acquire fragments of files that I would like to re-create as much as possible.  Many of these are Microsoft Word 2007 files.  MS Word 2007 uses an XML format, so it would seem possible to parse the file to detect tags that were ended, but don't have a matching opening (because the beginning was cut off).

I figured that I'm probably not the first one to think about this problem, so I went trolling the intertubes for ready-made solutions.  Since perl is my glueware language of choice, I searched until I found the following handy snippet from
use XML::LibXML;
my $parser = XML::LibXML->new();
my $doc = $parser->parse_file($ARGV[0]);
print $doc->toString(1);
Very, very nice!  Now I am part of the way there.  Next, I took a pre-existing MS Word document of similar make and model, and prepended it.  With a little manual massaging, I got the script above to parse it, and even pretty-print it (a nice bonus).  Unfortunately, Microsoft Word still doesn't like the resultant "document."

I'm still working on this problem, but that's decent progress for an hour of work.

Thursday, April 30, 2009


At first I was stunned at just how much I liked my iPod Touch. I just wanted a replacement for my 5th gen iPod, that stopped working when it mysteriously acquired a dent in its formerly pristine stainless steel back.

It didn't take long for it to turn into my most indispensible tool. Place to eat? UrbanSpoon. Reservation? OpenTable. And the list goes on: calculators, converters, levels, action games, puzzles, wikipedia apps, ebook readers, and even a way to read books from my Safari account.

If the kid is bored... a bit of Shrek. Long flight?A pithy podcast is the trick. Can't sleep? Ambient noise generator FTW!

In short, this little glass and steel box has become utterly indispensible.

This post, of course... composed, in bed, one thumb at a time.

Saturday, March 28, 2009

Securing Our Medical Infrastucture

On Friday, April 17th, InfraGard New Mexico is holding it's annual conference in Albuquerque, NM at the Hilton Garden Inn in Uptown.

The conference is titled:  Securing Our Medical Infrastructure

At $175 ($125 for current InfraGard members), the all-day conference is steal!!

The speakers include Larry Pesce (from PaulDotCom), Bill Tydeman (computer crime investigator for Health and Human Services), and others.

Visit the conference site for more details on registration and sponsorship.  Hope to see you there!!!


Wednesday, March 25, 2009

Get ready for Conficker - No April Fools Day Joke

Good news: The patch for this issue came out from Microsoft in October last year. If you had automatic updates enabled at that time, you were probably already not vulnerable.

Not so good news: I can confirm that it is set to become more active again on April 1st. On that day, if you are infected, you may notice your machine is very slow for the first six hours or so.

Worse news: Conficker is suspected to be building the largest "botnet" of computers to date. These computers are typically used to perform massive spam campaigns, launder money, host illegal or thieving web sites, or even take down computer systems of nation states (such as Estonia).

What you can do now:
1) Read the Wikipedia article on Conficker, which provides a lot of good information,
2) Download the BitDefender Conficker removal tool from and check/clean your computer.

Monday, March 09, 2009

Darn it, they got me doing Karaoke again!

I met some incredibly talented folks at SANS 2009 this year.  Ryan, Jason, Don, Zoher and I hung out with Ed Skoudis, Mike Poor, Larry Pesce, and others.

Ryan truly has an evil mind (this is a good thing, in our field), and I was impressed with Don's massive cahones for his efforts over at (and also for owning a bar while owning a software company!).

One evening we spent some time chatting with Ed Skoudis after one of his talks at the local Sushi bar.  I didn't have Sushi since I'd just eaten, but somehow (it must have been the mojito), Mike Poor convinced a few of us to join him on stage for a dead-on (umm, not) rendition of Bohemian Rhapsody.  It was fun, but not to be attempted without some liquid courage (at least not with my singing voice).

By the way, Jason, thanks for posting the tamer pictures.

That'll Do, Donkey, That'll Do

[Update 2009-03-13: Our team received notification yesterday that we Passed this project.]

I completed my Group Discussion and Written Project for my SANS Masters program while at SANS 2009 last week. I'm pretty sure the grade will be good, but I won't know for another week or so.

Seth Misenar and Tim Proffitt were my tiger teammates for an assignment that involved researching detective and preventive measures for Downadup/Conficker. We had 24 hours to do the work and present to the ficticious CIO (played by Stephen Northcutt) of GIAC Enterprises. Seth did an excellent job of presenting, but in the end we were "fired" by the CIO because we commented that he had gotten "too excited" about the possibility of his email being infected.

Later in the week we were asked to present again. It was suggested that we should rotate the role of presenter, so I volunteered. We presented a 2nd time on March 7th, and after we were done, Stephen Northcutt didn't say anything.

I got a little nervous at that point and asked, "Do you have any questions? Or any feedback?"

Stephen's response was a simple: "No."

After a little more prodding he added, "I don't even have any recommendations. You nailed it."

Ah.... sweet success. :-)

SANS 2009: MGT 525

I'm just back from SANS 2009 in Orlando (#SANS2009).  I took MGT525 -- yes, the project management class -- with Jeff Frisk.  I signed up for the class because it is a required component of the degree I am working on.  I had actually heard some negative things about the class, so I was dreading it just a little (sorry Jeff).  But, I'm pleased to report that I found it incredibly useful.  I have been running large projects (large information security projects) for awhile, but I haven't really ever had any formal PM training.  We have a Project Management Office, and they provide guidelines and templates, and I know what a WBS and Gantt chart are for, but I didn't really know the "proper" way to go from one step to the next.

My eyes were opened when we worked through labs on taking the WBS and producing a precedence diagram to figure out the actual critical path -- including identifying what activities had how much float time.

Now project management seems much less like art and more like science.  This makes me happy.

Thanks Jeff!