Tuesday, June 28, 2011

Get-WinEvent Part III: Querying the Event Log for Logons (Part A)

The following is a digression on using PowerShell's Where-Object (filter) to query System and Administrative events with 'Get-WinEvent'. I like this method of querying the event logs because it is "pipeline" oriented and allows me to re-use/amend/copy previous syntax. I was having some concern understanding a mysterious problem: my Windows 7 PC spontaneously un-sleeps itself and seemingly commences a log-on. I wanted to understand why this happened and whether there was evidence of exfiltration or malware.
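One way to apply that pipeline style to the wake-then-logon question, as an added example rather than code from the original post: it pairs each resume-from-sleep record (System log, Power-Troubleshooter event ID 1) with the successful logons (Security log, event ID 4624) that follow it. The helper name `Get-EventDataField`, the 7-day look-back and the 5-minute window are assumptions made for illustration.

```powershell
# Added example. Assumptions: elevated session (needed to read the Security log),
# a 7-day look-back, and a 5-minute window after each wake.
$since  = (Get-Date).AddDays(-7)
$window = New-TimeSpan -Minutes 5

# Helper (hypothetical name): read one named field from an event's EventData XML.
function Get-EventDataField($Record, [string]$Name) {
    $data = ([xml]$Record.ToXml()).Event.EventData.Data
    ($data | Where-Object { $_.Name -eq $Name }).'#text'
}

# System log: Power-Troubleshooter event ID 1 is written on each resume from sleep;
# its message names the wake source.
$wakes = Get-WinEvent -LogName System |
    Where-Object { $_.TimeCreated -ge $since -and $_.Id -eq 1 -and
                   $_.ProviderName -eq 'Microsoft-Windows-Power-Troubleshooter' }

# Security log: event ID 4624 is a successful logon.
$logons = Get-WinEvent -LogName Security |
    Where-Object { $_.TimeCreated -ge $since -and $_.Id -eq 4624 }

# For each wake, list the logons recorded within the window after it.
foreach ($wake in $wakes) {
    $wake | Select-Object TimeCreated, Message | Format-List
    $logons |
        Where-Object { $_.TimeCreated -ge $wake.TimeCreated -and
                       $_.TimeCreated -le ($wake.TimeCreated + $window) } |
        Select-Object TimeCreated,
            @{ n = 'User';      e = { Get-EventDataField $_ 'TargetUserName' } },
            @{ n = 'LogonType'; e = { Get-EventDataField $_ 'LogonType' } },
            @{ n = 'Process';   e = { Get-EventDataField $_ 'ProcessName' } } |
        Format-Table -AutoSize
}
```

A wake whose source is a timer or network device, followed only by service or system logons, points to scheduled maintenance or wake-on-LAN; an interactive or network logon from an unexpected account is the case worth investigating further.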
  

Tuesday, June 14, 2011

Is Digital Security Possible?

"Africa is not a continent which is any longer isolated. It is not a place where people are uninformed. It is the fastest growing market for cellular phones. Information, whether it is in the townships or wherever, now passes very quickly... And this is not an issue which is going to go away. Nor is it an issue that is trivial for those of us that live here as we do here."
 JAMES WOLFENSOHN ex-President of the World Bank 


Below is a philosophical comment I posted on Dark Reading today:
"It has occurred to me lately (because of the advances and volume increase in penetration and exfiltration) that the digital industry has falsely assumed that data can be kept private in a networked world; that perhaps the concept of "data security" or "network security" is not achievable or (at best) not achievable at current levels of technology, internet reach, network topology.
If this is the case, we will have to rethink our current goals. Is data security possible? If so, at what costs? Can commercial interests or individual privacy be protected on the internet? If so, what would be the true costs for such protection?
Social and economic inequality, the true driver behind nation state and organized criminal penetration and exfiltration, may not be an affordable reality in a networked world. Conversely, a secure, networked world may not be an achievable reality in a world of social and economic inequality. Either conclusion has gross implications for the global economy as it now exists."
For a long time, in the moments between burying my head in code or research, this rather somber thought has occurred to me. If digital security is not truly possible, would the current world of security architects be able to recognize the futility of their own profession? Probably not, I would answer. Good engineers that we are (in a profit-hungry market capitalism), we simply just keep chasing the next big thing or fixing the last defect. But what if it were the case that digital security is not an existential possibility? What if it were the case that the next abstraction, the next algorithm always begat the next penetration or exfiltration? What if digital security was never truly achievable for any moment but a single point in time?