A different kind of game...

My friend Broc works at his family business. They have this great big lot and facility in an industrial area of Portland, with a few warehouses and huge shop buildings. Two of the buildings are vacant, and the lot lends itself to hiding, sneaking around and - well, a different kind of organized (and safety-conscious) fun.

I didn't take the pics, I just lent my camera to another person who ran around trying not to get shot at, while I took an MP5 and defended the base.

By the way - and before anyone freaks out: While this looks hard-core, realistic and (if it was real) dangerous, it's actually a game/sport called Airsoft, and the people who play are quite safety-conscious and wear proper protective gear. The guns shoot lightweight, tiny plastic balls the size of a BB. Yes, they can hurt if shot too close, but a red welt is about the worst one can expect when wearing the proper protective gear - namely good eye protection. Safety is important, and it's what makes the game fun. You'll hear people calling "safety kill!" if they are too close to shoot safely, for example. Obviously, point-blank shots with plastic BB's will hurt, so everyone's quite careful and adheres to certain rules. Never play games like this without the proper safety gear - anyone who doesn't practice safe play is an idiot, and you should not include them. Trust me, having fun is good, but being cool and safe with others is much more important.

Ok, anyhow - here's some pictures of what we did last night:

Don't have any train cars available in your local industrial complex, a la Counter-Strike? That's okay, semi trucks are a good stand-in, and besides they have real horns and lights and other things that can throw people off. Plus, the trains are just over on the other side of the fence, so the crashing train sounds are there, even if the cars are not.

Flash photography makes these guys a little more visible than they actually are when you're playing. Imagine nighttime alley lighting and shop lights indoors being turned on and off by whoever happens to have control of the light switches at the time. You never really know when it will be dark or light.

Hard Core Dave. Camper, heh. 'Nuf said.

Cory checks the warehouse floor from behind cover. See the light switches? Cory's the master of lighting tactics.

The attacking team posed for a photo. All us defenders should have done the same. Doh! There was 12 or more of them and 8 of us on the defending team.

Three posers of us from the defending team: Dave, me and Cory. Dave and Cory were a little more effective than me - I got safety-killed around a doorway corner right at the beginning of the first game, and got one "kill" in the second game before I got exposed when the lights came on and I was in the clear. Dave got several, and Cory got a couple too.

That was fun. I discovered I definitely need to go and buy glasses (or contacts maybe) again (I broke my last pair and have not had them replaced because I am lazy that way). Gun sights just aren't as easy to see as they used to be!

It's windy and a bit chilly today. But the flowers are cool. Spring's sprung.

Microsoft has published their Security Development Lifecycle whitepaper, where they describe the process that Microsoft has adopted for the development of software that needs to withstand malicious attack.

It's a good read for people responsible for writing software, as well as those responsible for ensuring software development processes properly addresses security as a requirement.

The basic principles of the Security Development Lifecycle are described in the paper:

• Secure by Design: the software should be architected, designed, and implemented so as to protect itself and the information it processes, and to resist attacks.
• Secure by Default: in the real world, software will not achieve perfect security, so designers should assume that security flaws would be present. To minimize the harm that occurs when attackers target these remaining flaws, software's default state should promote security. For example, software should run with the least necessary privilege, and services and features that are not widely needed should be disabled by default or accessible only to a small population of users.
• Secure in Deployment: Tools and guidance should accompany software to help end users and/or administrators use it securely. Additionally, updates should be easy to deploy.
• Communications: software developers should be prepared for the discovery of product vulnerabilities and should communicate openly and responsibly with end users and/or administrators to help them take protective action (such as patching or deploying workarounds).

Also discussed are the phases of the lifecycle in application, and Microsoft's experience in putting the DSL into use at that company, as well as the results of the initiative. If the small amount of information quoted above is of interest, take the time to read the paper.

Dana Epp comments and has insights into the changes that have happened at Microsoft over the past few years. It is pretty darned amazing to have watched (and participated in, as part of my roles as partner and customer) the changes Microsoft has made with regard to security. I can say from my own experience that security is at the front of MSFT developers' minds every day, and while it's not perfect (and never will be, regardless of the software or authors), it definitely shows.

(via Dana Epp's weblog)

Out of the toilet and into the conference room, the video saga of Rory and Scott's lead-up to TechEd continues.

Rory and Scott - Two really high speed programmers...

Thank God for WS-PPT

Enjoy.

I clicked through a few blog posts and comment author links (since their comments were interesting to me) and ended up on Dave McClure's weblog (again). There at the top, I saw his latest entry - that SimplyHired.com has just been launched.

So, I clicked on over. It's fast, easy, nifty and cool. Within a few seconds I did a search for keywords in my area and found current job listings from Monster, America's Job Bank, Career Center, USA Jobs, HotJobs and more.

Search for a phrase by putting it in quotes. You can see the age of the listing under each item, as well as where it's from. When you click on a link, you go to the original listing.

Fast, simple and it works. Not bad. They even have a blog.

And I like the "no results" response:

"Dang. We didn't find anything for you.

"You're probably a good speller, but check the description or location terms you entered. You can also try using some other keywords, or enter fewer words to expand your search

"It's also possible we made an error somewhere. Sometimes computers are human too. Sorry."

Chris has just announced that Gnomedex 5.0 registration has opened up. There are 300 spaces open, so sign up soon! If you've been to a previous Gnomedex, there's no need to explain the why's an how's, but for those who have not, here's a little info:

• It's in downtown Seattle, Washington at the Bell Harbor International Conference Center  - a GREAT city and with easy access via air, car, train, or whatever.
• It Begins Thursday June 23rd at 5:00 pm and ends Saturday June 25th at 6:00 pm.
• Gnomedex is a great place to actually meet and talk to a variety of high-profile techies, geeks and other smart people. It's also a great place to form relationships and get cool ideas.
• The Gnomedex blog is right here (clicky-clicky).
• I met a good number of people face-to-face at Gnomedex last year that I am in regular contact with ever since.
• Register here.

I'm already registered, now I just have to rework my crazy schedule!

Jeffrey McManus puts it so well, I won't even try this time. I've commented on sales calls before.

For me the past two weeks have been a complete mess of cold calls and "followups" from salespeople that seem to think their products will save my life or something. I can't get anything done. It's been awfully tempting to just kill my outside extension...

McManus: "So many sales droids keep making the same mistakes, I thought I'd put together a handy primer on how not to sell crap to me."

Jeffrey's right on. Make your calls worth our while. Please. Read it here.

(found via Scoble's link blog)

There's a excerpt from a yet-to-be released book by Jesper Johansson and Steve Riley available to read online. The article, entitled "Security Myths," it takes a look at some of the security shortcomings typical to use of security guides and reliance upon following a predefined set of steps without looking at the whole picture. It's a great lesson in how to look at things, rather than how to follow prescriptive

Warning
This section is somewhat (OK, very) cynical. Take it with a grain of salt and laugh at some of the examples we give. Do not lose sight, however, of the message we are trying to get across: These are myths. If you are careful to avoid falling into the trap of believing them, you will be able to focus your efforts on the things that make a real difference instead of being lured like so many others into staring at a single tree and failing to see the security forest.

So what are the myths? Well, for the details go read the article, but at a high level...

• Myth 1: Security Guides Make Your System Secure
• Myth 2: If We Hide It the Bad Guys Won’t Find It
• Myth 3: The More Tweaks the Better
• Myth 4: Tweaks Are Necessary

A guy named Matt has an idea. He reads blogs, and realized that sometimes he'd like to have an analog version - like one on paper with a cover and bound on the left.

And so, he come up with bookthisblog.com

That's a cool idea, I think. There are a few blogs I'd really like to read on paper, one's that I'd hang onto for sure, such as:

• Neopoleon.com - because Rory's a great read
• Indoor Camping - because it would be at least as good as a book, if not better

I'm sure I'll think of others. Plus, I'd like to be able to "burn" my own blog as a book now and then, maybe once a year, just for keepsake purposes. My family would probably like it, too. And there are megabloggers who I am sure would find a use.

There *is* a lot to be said for something you can hold in your hands, something of physical substance. Cool idea, Matt - Make it happen!

Ok, more and more funny. Take one part Superfriends and one part Office Space, and you end up with the hilarious TPS (This Place Sucks). Very, verry funny to watch. I love the use of the Superfriends sound effects, that's great.

If you're a fan of Superfriends, or Office Space, or both - this is for you.

It comes from idiotwork - check them out as well. More funny content can be found there.

Found via UtterlyBoring: The Church Sign Generator

That explains a lot.

Got a PowerPoint presentation that just doesn't fulfill its "Power" requirements?

Cliff Atkinson, author of the book "Beyond Bullet Points," has written a post seeking volunteers who want to take their PowerPoint presentations from typical and run-of-the-mill variety to something truly effective and powerful:

"Are you ready to transform one of your presentations Beyond Bullet Points? If you have an existing PowerPoint file and you want to liberate the great story buried deep beneath all those lines of text, drop me a note and tell me about it.

"I'll review the applications and select a few presentations that represent a range of professions and purposes. If your presentation is selected, all you need is a copy of my book to guide you through the details of the process, along with your critical thinking and creative skills. The other resources we'll use are free, and we'll find graphics from free or low-cost sources, or we'll make them ourselves.

"The one condition is that you are fine with making all of your presentation materials freely available for other people to see through the course of the public makeover - we'll even ask blog readers for their comments and suggestions."

Cool idea! If you're interested, contact Cliff though his weblog - the post is here.

This is a test of a photo attachment weblog post sent to dasBlog via email from a Treo 650 smartphone. The Treo is kind of cool, but Cleo (the cat) is cooler. :)

Note: Unfortunately, due to a bug of some kind I had to intervene on the mail server and manually delete the email post for this entry, because it kept reposting to the blog every few minutes. Oh well - at least I know the posting from the treo works!

Photo_031105_005.jpg

Skype is now allowing its users to sign up for SkypeIn, a new service that allows you to get a phone number assigned to you your Skype account. So, for people who want to reach you by phone, they call that number from their plain-old telephone service line just like any other phone, and it rings your Skype on your computer. Numbers are available in France, Hong Kong S.A.R., China, the United Kingdom and the United States. I checked the US listings to see what area codes are available, and there are none in Oregon yet, but hopefully that will change soon.

For a while now Skype has offered SkypeOut, a service that lets Skype users make calls to the regular phone network using Skype on their computers.

This is really very cool. One of the beautiful things about skype is its ultimate portability. Put Skype on your laptop and take it with you wherever you go. Windows, Linux or Mac OS/X. Run Skype on a PocketPC with Windows Mobile and an Internet data connection, add SkypeIn and SkypeOut, and in theory you're making and receiving calls on the mobile network, but without using the mobile minutes. Hmmmm.

Of course, don't forget the high quality voice audio you get with Skype. And the ability to have your "phone" rind with one number in multiple places.

This whole VoIP, Skype, digital communication thing is getting more and more interesting...

Okay, this has to be one of the funniest damn things I have seen in a while on a weblog. Geek humor in the toilet. Literally.

Rory and Scott are in a video, a sort of a pre-TechEd thing. And it's freakin' great. Expect more in the future, too.

You have to go watch it.

Like, go watch it right now.