Thursday, 24 December 2009

Monday, 21 December 2009

Optimism is Power


I've been working in Darwin in the north of Australia for three weeks now. It's where I grew up but that only means that I knew it as a kid. Who I am as an adult formed by living in Canberra and Sydney and travelling the world.

Yes, I'm an eternal optimist. It annoys the hell out of cynics, pessimists and misanthropes but I'm OK with that. Me being OK with that also annoys them but luckily for me, I am too positive to be swayed by their black-hatting.

Why do you care about my glass-half-full view of the world? I'll tell you why...

Positivity is Power.

I don't want to sound like Tony Robbins because he is a bit of a knob actually but I do want to get through to negative thinkers. In Darwin, I seem to meet one positive person each week out of the 20+ new people I meet. That's 5% and based purely on my small sample size and sloppy counting methods.

Sydney wasn't like this, was it? I ran in to a lot more positive can-do people. After voicing this observation to a Sydney friend, he suggested that this could be because of the kind of people I was meeting in Sydney anyway. People in the circles I ran in were making the most out of life. They changed their lives if they needed changing and looked for opportunities constantly. It was and still is an energetic crowd with drive. Everyone wanted to change the world. We often joked that we would stop getting out of bed if we no longer believed that. These thoughts push you to progress and succeed. These people push you to progress and succeed.

It has been tweeted a lot lately that you become what the people closest to you believe that you are. You are made in to what they expect from you. That is so true that it terrifies me. What if I don't find that crowd of over-achievers here in Darwin? Will I ever do anything more with my life?

Then I break in to hysterical laughter and realise where I really got my can-do attitude and ability to see the silver lining on every cloud. It was through trying, failing, trying again and doing brilliantly. It was from what I was taught from a young age by my parents who said "you can do anything you set your mind to".

How does this apply to work? Good question and I'm glad you asked. It applies like this...

Belief

Belief releases you from the negative thoughts that say you shouldn't bother because it's not achieveable anyway. It gives you options. The option to do anything you choose to achieve.

Purpose

Purpose is making a choice from the options and deciding that's what you will aim for. Often people have dozens of great ideas but they do nothing with them. One average idea achieved, is better than 10 brilliant ideas that are filed in the might-have-been pile.

Drive

Once you have a purpose, you can realise it. In my career at this time in my life, it means working in Darwin and improving the software development environments I participate in. That will be onsite with my clients; in the user groups I start and join; and in my own personal projects. The fact that I have done it before in the other cities I've lived in, means that I can do it here. It's not about who rocks up to join in. It's about what I want to build and if I build it, they will come.


So, my point? Get out there and do something. Anything. You really can do anything. Build better software. Make sure the work you do is something you are proud of. Share your knowledge online and in the workplace. Talk to people about what excites you about this industry.

Change the world or don't even bother getting out of bed in the morning.

Thursday, 17 December 2009

Security through Obscurity


In IT Security, the term security through obscurity describes the act of designing a system or application to hide functionality in the hope that people won't stumble across access to the secret functionality. People argue that Defense in Depth tactics justify leaving functionality unsecured by enrcyption, access control or other means. The thing is that a lot of the time, they are only obscuring it and not restricting the path to it.

A recent example of this was when I entered an organisation which restricted access to their cmd prompt and the machine's C:\ drive on their Windows desktops, via settings in their SOE.

I wanted access to run a few administrative tools which were not available in the typical menu. There was no Start -> Run... option available. We weren't allowed to use it.

At first I was disappointed and then I wondered how they had restricted access to it. I thought for a while then created a text file on the desktop named cmd.bat, containing the single line cmd. Double clicking on that brought up the command prompt and access to anything I wanted. I didn't run any of the tools I wanted and quickly deleted the batch script on realising the ease at which this hole could be exploited.

Even access to the C:\ drive would not have been a challenge. A batch file with the command >explorer c:\ would be enough to start the Windows Explorer with it pointing to the restricted drive.

This is not security.

I am responsible enough to not wreak havoc and break the rules. Hopefully, others are too.