ian glazer's tuesdaynight

I’m sure you’ve been following the Terry Childs case. Mr. Childs was a sysadmin in San Francisco who decided to change a few passwords and thus locked the city out of their new wide area network. Though it is still not clear why Mr. Childs did this, he had been recently written up for poor job performance. Among others, Matt Pollicove wrote about this and the need for trust. Matt asserts that trust is a must and I completely agree. That being said, the last two points in his post are mistaken. First he says:

Sweet! Wordpress released their app for the iPhone. So far, so good. I am getting dangerously to being able to go to conferences without my laptop. UPDATE: And by so far, so good, I meant it crashed when I posted this post. Sigh. I’m sure this too shall pass.

No no, not how to fight umbrellas, but umbrellas to use in fighting. John Steed shouldn’t be the only one who can fight using an umbrella. Looks like the Filipino Secret Services uses them as well. Definitely check the video out.

Continuing my thread on CCTV cameras (here and here), Bruce Schneier wrote a solid summation of the issues of pervasive cameras.

Kevin Kampman has added his opinion to latest RBAC thread. Kevin makes an interesting point:

Another challenge is to clarify what a role represents. A business role is an articulation of a business relationship or responsibility. A technical or IT role is a set of privileges or tools that are used to accomplish the business role. Business roles map to IT roles. If you try and merge the two into one, you come up with an IT role. It becomes difficult to ascertain what it was or is intended to accomplish, and it becomes inflexible, bound to an application.

Check out Ian Yip’s hilarious summation of the recent meta and virtual directory conversations across a bunch of blogs. Great stuff!

At the end of Tim Weil’s presentation on RBAC at Catalyst last month, Nishant asked a basic question: is the NSIT RBAC model sufficient and complete? Not receiving a satisfactory answer, he has taken his question to the blogosphere. Nishant’s question touches upon two of the hobgoblins of identity: context and intention. I talked about issues of context years ago in an unrefined form. This week I have been out here in Utah working at Burton Group’s headquarters trying to figure out what I will be researching in the coming quarters. I have not found my research topics yet, but in conversations with the team it is becoming clear to me that lurking behind a lot of the topics we’d like to dig into are the problems of describing context and recognizing intentionality. We’ll see what the coming months of research uncover.

I am on the road. Seeing this receipe and blog post makes me want to try and whip up a batch of these in my hotel room’s kitchenette. The following may be the best quote of the whole thing:

PLEASE OH PLEASE remember to cook your bacon before using it to make the cookie. No one wants a bit of uncooked pork in their cookie. That would be the opposite of delicious.

Just a brief follow-up to my previous comments. DC has written its regulations for this camera consolidation. I have copied a version here. Nice to see that the footage will be remained only for 10 days and then destroyed. But it also seems like anyone can gain access to this footage if they ask nicely.

My first post as a Burton Group analyst is now up over at the Identity and Privacy Strategies blog. (Helps if I actually link correctly… doh!)