How a B- environment is created

Leave a reply

After reading David of 37Signals’ post on B- environment merits B- effort, I’ve decided to use my morning commute to write about what I believe is a B- environment and how it came to be.

Recently, I had the opportunity of working in a B- environment and experiencing it first hand. Let’s start this environment off with a self-proclaimed “results-oriented” manager. What this implies is a manager that wants to deliver value to the business, while giving employees freedom over the details (design, implementation, etc). What it really means is “help me accomplish what I said I would so I get a good multiplier on my bonus.” Of course, no one can be blamed for wanting a fat paycheck. Which is why I need to explain, but later.

Continue reading

Why I won’t be taking United Airlines again

3 Replies

I had my worst flight experience back in October 2010. That experience was with United Airlines. I was visiting family for a month over in Australia, with a layover in San Francisco for 4 hours.

The trip from Vancouver to San Francisco was average, there wasn’t any food and the flight attendants almost never came by, but the flight was short and it was only around dinner time, not an issue for me at all.

Continue reading

Critical vulnerability: Networks and Trust

Leave a reply

Lately I’ve been thinking about how successful exploitation and compromise of sensitive information has evolved over the years.

Sure social engineering has been around a long time, Kevin Mitnick was a master of it. But a lot of the damage done and information stolen didn’t even require social engineering. Even just a few years ago, amateur hackers and skiddies (script kiddies) could gain access to thousands, hundreds of thousands, and even millions of valid credit card information belonging to very real people. SQL injection and XSS vulnerabilities were (and some still are) commonplace among many international governments and companies. Teenagers could sit at home, read a simple tutorial on SQL injection, gain access to an unbelievable amount of sensitive information, deface websites, sell this information underground, and cause businesses plenty of headaches. Only after years of news headlines, great sites for education on vulnerabilities, best practices, and even many discussions on whether companies should be held liable for massive security breaches have companies begun to really take security seriously.

Continue reading