Passion or Job?

My 'new' colleague, Gary is constantly proactively imparting his knowledge of IT Security to me, a complete noob. I really appreciate his efforts in doing so and I'm trying to take in as much as I can.

But I'm not a quick learner at times and tended to forget things which I try to mitigate by writing them down. However, there exists some information such as account credentials which you shouldn't be writing down and such... more so in an extremely security conscious like XXX.

I'm recently involved in the evaluation of a solution which is pretty much a high priority project at the moment. The evaluation had concluded and I'm supposed to prepare a post-evaluation report for the management. Of course, knowing that you have a high-power audience waiting for your report, you'd surely wanna spend more efforts and time on it to produce something readable and presentable. Inevitably, this also means I've to let up on my other on-hand items.....

This is where the problem lies... I run a server vulnerability scan the other day and the report is ready. Before we pass this report to the System Administrator (SA) of the server, we need to analyse the report and prepare recommended solutions for the SA. This being my first time at it, Gary was very nice to show me the ropes and all, even to the extend of doing the analysis. However, he expects me to go thru the report too and learn from it. Not that I'm not receptive to learning new 'tricks', but I've got my bandwidth too, right? Its not that I lack the interest to learn, but I'm really tied up.....

To him, IT Security is a passion... for me, its only a job....

Funnie Letter

Got this via an email... kinda interesting. Read on...
---------------------------------------------

Intro: The first letter was posted last year, in one of the forums, by a person who goes by the nick "ChinChaiOne" and he named his thread "Tolong Tolong". It was picked up by other forums, circulated around (even in govt depts) then someone posed as an official in the PM's office posted a reply.


OPEN LETTER COFFEE SHOP TALK

From : ChinChaiOne
28-Apr 12:15

Dear Prime Minister,
We citizens of Singapore urge you to PLEASE MIND YOUR OWN BUSINESS. We DO NOT NEED your help. Every time, you mention HELP, we have to run for cover!!!

Help the poor? Raise GST!

Help traffic flow? Up ERP!

Help passenger service? Up Bus fare/MRT fare!

Help us get taxi? Raise taxi fare!

Help us get good government? Raise Minister and Civil servant salary!

Everytime YOU WANT TO HELP, we all PAY FOR IT!!!

THANK YOU THANK YOU! TOLONG LAH, please, we will HELP OURSELVES, no need your help liao. We DARE NOT ask for help any more!!!

Sir, most honoured sir, I urge you NOT TO HELP Singapore INVEST also! Everytime your wife invest, we all lose money! Kao liao, kum siah! Just let us have a dose of bad governance, like recently the Mat Selamat case, like dat¡ .so far, it is ok, your incompetence, we ACCEPT!

PLEASE DO NOT help us have better security! Wait we all kena PAY FOR IT!! I believe ALL SINGAPOREANS PREFER NOT TO HAVE CRUTCH MENTALITY! I think it is ok lah, please just take your salary and enjoy life ok?

Thank you thank you, I am very chin chai one, any how any how, no need to help oso can one.

------------------------------------------------------------------------------------------------------
Following is a reply from the Prime Minister's Office:

Date: Saturday, 2 August, 2008.

Dear Chin Chai One,

10Q you for your letter. On behalf of the Prime Minister, I am replying to your letter as follows:

As the erected party of Singaporeans, we are here to serve.

We are demon-cratic country, you are master, we gahmen servant, we serve you. You got problems we must help. You say no need our help? That means you're not Singapore's master. You say you run for cover? Cannot one, our police will find you.

GST is to help the Gahmen to help yourself. The Gahmen Service Tax is everywhere, you go America also have one, cannot run one.

Traffic very bad, so bad that we have to hold car racing at nite to avoid traffic jam. We believe there is no free lunch like PM's father say before, you use, you must pay, so Every Road Pay.. So you see no ERP cannot one.

Needless to say, passenger service also must pay. The increase in bus fare and MRT and taxi fare are very little already. We foresee world inflation coming: oil, steel, pay of foreign talents, etc, so we have to pay for the service.

You see, many foreign talents come to Singapore . If we don't pay our ministers well, they will go other countries to be their foreign talents. So must raise salary to keep them. If not, Nathan, Shanmugam, Bala etc will go India and work. Khaw will go Malaysia . etc etc. Must keep them. To keep them must pay well.

You are right, any help also must pay.

To help yourself? No, it's illegal. You mean you can build your own MRT? Run your own buses? Drive your Ba-Ong-Chia? Build your own roads? Seow liao!! Every one help himself then how? No social order lah! Ga ga ask for help, we are here to serve you.

We understand some of you have temporary problem. Don't worry, it is only short term. We must look long term. We must invest long term. Now lose a bit don't cow beh cow boo, long term! Yes, remember. 30 or 50 years later we will own Swiss banks, US banks, UK properties, maybe even South Pole condominiums. We must tighten our seat belt and bite our false teeth. The future very bright. As long as you continue to
support the gahmen 30 to 50 years you will see bright future. So Chiang See Tong a bit lah. Also, investing is very complicated business, not easy. We must pay school fee to learn from advanced countries.

On Selamat's case, we also must learn our lesson. We encourage life-long-learning. I learn whole life time, you learn whole life, Mr Wong Can't Sing also whole life learning. It's actually good. Mr Wong already apologise, don't force a dog to jump over the wall, the wall may collapse. Old dog cannot jump high also.

Selamat's case gives us many lessons. We must be on alert, not too complacent. Now every Singaporean know there can be a terrorist among us any time. This is the best self defence education !! PM will give Mr Wong another salary increment for that.

Also now we merge the prisons and detention centre, more space will be available now. We will build it like another IR, Integrated Retention - so those don't want our service and thinking of doing illegal service will go there. We will pass a new law too, the expenses for stay in that IR will be deducted from your CPF money.

Remember we must be grateful to people who help us -- and pay.

I hope I have explained the situation and give you the message clearly. If you still need help, please call my handphone: 9990-6767, it's toll-free.

By the way, Mr Chin Chai One, our pioneer Toh Chin Chai already toh long ago. So if you choose to be Chin Chin Chai Chai, you will also Toh.

10Q you again,

Reguards,

Ah Beng
Grassrude secretary

Another Feeling of Nostalgia

I was at my sis's place last evening when the TV started playing this year's National Day theme song. It was one of the worst I've heard in recent years!

Anyone realised that the trend nowadays is to have a new song every year and sung by one (or more) local singer? The list of them as far as I can recall includes Kit Chan, Stephanie Sun, Tanya Chua, etc.... With the songs of recent years being bad enough, I hope the organisers don't worsen it by inviting sub-standard singers (SG Idols?) to sing it.....

No matter what, I still prefer the songs of yester-years such as the infamous Count On Me Singapore, We Are Singapore, etc.... I recalled back then during my school days, we would all be expected to learn/practice/memorise/sing a few of these songs during Music lessons, during assembly and of course, during the National Day Celebration itself! Singing these songs properly was a big thing back then and teachers would go around catching students who merely lip-synch. I wonder if teachers nowadays still do the same thing... Does schools nowadays even 'enforce' the singing of National Day songs during National Day Celebration.

Can anyone answer me?

You may not think much of it but singing those 'retro' songs as compared to today's 'modern' songs has a great deal of difference. The 'retro' ones must be sang by many in order to bring out the 'feel' of it and somehow along the way as you sing it, you'd just feel proud to be a Singaporean. In fact, I still do feel this way whenever I hear those songs (in it orginal melody, not the remixed versions). Those 'modern' songs simple DOESN'T give me the same kinda feel at all. To me, they're more like pop songs than National Day theme songs.

Perhaps the organisers want to have a catchier tune to connect with the younger crowd and I'm sure they had succeeded with the connection, during the National Day period only, if you asked me. Why so?

Lets do an experiment : Ask anyone in the street to name 3 'modern' National Day Theme post-National Day. I'd bet my last dollar that maybe only 10% of them can name you 1 or 2 songs. I'm pretty confident the same group would be able to effortlessly name 3 of those 'retro' ones.

I, for one, can effortlessly name (singing them might be an issue though) 5.... And I didn't cheat by referring to any resources beforehand!

1. Count On Me Singapore
2. We Are Singapore
3. Stand Up For Singapore
4. Five Stars Arising
5. One People, One Nation, One Singapore

Software Evaluation

I was recently tasked to lead the evaluation of a software which my team is intending of recommending for use in XXX because we are going to BAN THUMBDRIVES in the organisation. Yeap, you read it right.. banning of thumdrives.

You might then be thinking : "How the hell would we transfer our files around from 1 network to the other?" There will be a 'Clearing-House' in place and you are supposed to submit your files to this house who will then transfer your files to your desired network where you will then copy those submitted files from. Don't worry if it sounds complicated for this is not the main topic of my blog entry today...

With the transfer mechanism in place, the next question would be : "How do you ensure users do not plug in authorised devices into their machines?"

This is what my blog entry's gonna be talking about today....

This software which I've been evaluating for the past 2wks is capable of blocking computer ports, files, storage-media and other recognisable-devices on the PC as defined by rules set by us. I've been tasked to evaluate software in the past but I've never really learnt the trade of proper software evaluation until now. Gary guided me along in this project and I learnt a great deal from this exercise. He taught me to try out every single function offered by the software, test out all possible scenarios which might occur in our environment, find answers to question which the management may ask, etc.....

In the process of doing so, I compiled a list of some 20 questions which was sent to the software vendor for them to help us answer (of course). When the product consultant came down for the 2nd time on Friday, we bombarded him with those compiled questions + new ones. He was able to addressed some 50% of them but had to escalate to higher support for the rest. I supposed he got pretty stressed up because he mentioned a few times that none of his other customerstested the product so extensively and in-depth. It feels as if like we've helping him to debug his product and all....

Once he revert with the other 50%, I feel confident enough to present to the others who should be presented to.

Thanks to Gary for guiding me in this evaluation..............

Pwned by Bausch & Lomb

I've all along been using Bausch & Lomb contact lenses but recently realised that there seemed to be some 'un-scrab-able' eye residue on the lenses... I initially thought its scratchs on the lens due to rough handling. But my eyes seemed to be able to take these scratches well... so I thought they could be proteins or other residues but also seemed to be wrong because it just doesn't seemed to go off no matter how much I rub the lens to wash it off....

I thought it would go off with the use of a new pair of lenses but to my horror, they were still there!! I thus decided that I should ignore it since it came 'out of the box'. Finally, this morning as I was putting it on, somehow at a certain angle under a certain lighting, I made out the characters "B & L" on the lens itself... and thus solved the mystery...

Silly me.....

Asian Youth Games 2009

At the last check (5mins ago) of the Medal Tally, Singapore's 4th behind China, South Korea & Thailand respectively.... We've got 9 Golds so far, each and everyone of them won by TRULY LOCAL-BORN Singaporean...

I feel so proud of the 9 Golds even though its only the Youth Games. Its only Asian standards, not World. Its home soil for Team Singapore.... etc

But the fact remains that all the winners are Singapore-born! 'nuff said....