Category Archives: Security

Of contract negotiation, cryptography, and camels…

Saudi Aramco has a fascinating review of the history and significance of poetry in the Horn of Africa:

Somalia did not possess a written language until 1973, when the Latin alphabet was put to Somali phonetics; until then, people who wanted songs and words in their heads had to either memorize someone else’s or compose their own. […] The verses are learned by ear, for a Somali proverb says that “he who looks at paper never becomes a memorizer,” and the skills of listening and repeating are gradually applied to the creation of poetry. Part of the training thereafter is informal.

“I can remember the evening bonfires around which the children would gather,” says Dr. Ahmed Artan Hanghee, dean of the Institute of Arts under the Somali Academy of Science and Arts. “The storytellers would come and start recounting the past history of the clan. Then the poets would take over and entertain. The rules of poetry have never been written; they are just absorbed and understood.”

Real poetry is so common that it can fly completely below the radar of our daily lives. It is subtle yet significant and we sometimes only notice its role and complex structure after it is gone. I’ll spare you my ramblings on poetry as a form of language ecology for now, though. The article continues:

But that doesn’t make them easy. Classical poetry, considered the domain of the nomads and the purest form of the language, is lengthy in presentation and strict in style. There are stringent rules of meter and of alliteration, compounded by metrical counts that vary with the length of syllables. Thus the length of its vowel determines whether a syllable counts as either one or two moras, or units. Classical poetry must have 20 to 22 moras per line, as well as a pause after the 12th unit and two words per line that share the same initial letter. In Somali, the first two lines of the poem on page 33 are:

Inta Khayli dhuugyaha cas iyo, dheeh wiyil ah qaatay.

E dhallaanka Aadnigu u baxo, sidatan lay dhawray.

A second style of poetry, called anigarar, has 17 to 18 moras per line, and four other genres employ successively decreasing numbers of units, down to five per line. Woman poets compete in a separate genre of their own called buranbur, with similarly precise rules.

The words are metaphorical, rarely direct, Hanghee says. Most poetry contains the symbol of the camel, which can embody the notions of beauty, woman, provider of life, food, fragile temperament or freedom, or the ideal of nationhood.

“Somali poets talk in the abstract,” says Hanghee. “You’ll find one describing the beauty of a camel, but what he really means is Somali liberty and independence. Or the subject of the poem might be a horse, but he’s really describing the woman he loves. The waves of the Indian Ocean become the waves of decolonization and the freeing of Africa.”

This might seem like a stretch, but I don’t see a lot of dissimilarity to negotiating terms of engagement with giant companies.

We all hunch around the conference bridge using words that are rarely direct. We banter about or offer competing visions of security that can only be described metaphorically. And perhaps like working with nomadic herdsmen in the Horn of Africa, it is a perpetual challenge to bring security experts to agree on a single sheet of paper that they feel does not restrict their future desire(s) while still honoring their pride and heritage. You’ll find one describing the beauty of a control, but what s/he really means is consumer liberty and independence…

Door skating (unexpected friends)

The Mercury News reported on a case in the Silicon Valley that was solved due to a memory-chip sale gone bad. Apparently a man was commuting all the way from Vegas, stealing hardware from large tech companies, and then selling the goods online:

An irate woman traced two faulty $75 memory chips she had been sold on eBay to a seller and complained to the chip makers. Police with the Rapid Enforcement Allied Computer Team traced the name. Using a search warrant to go through the logs of an airline passenger clearinghouse service, they found Young had been flying in and out of the Bay Area for three years around the times of the thefts. They also saw he was scheduled to fly into the San Francisco airport two days later. He was arrested on the jet bridge.

I guess even the common thief needs quality control…

We all think it’s polite to hold doors open for people, and some insist that a failure to follow this tradition is a sign of rudeness. However, our politeness becomes our weakness as attackers find it a convenient way to “skate” their way into secure facilities without hassle.

As Emily Dickinson once said:

    “Remember me” implored the Thief!
    Oh Hospitality!
    My Guest “Today in Paradise”
    I give thee guaranty.

    That Courtesy will fair remain
    When the Delight is Dust
    With which we cite this mightiest case
    Of compensated Trust.

    Of all we are allowed to hope
    But Affidavit stands
    That this was due where most we fear
    Be unexpected Friends.

Expect the unexpected?

Update: I soon found myself pondering in/out access points in the Silicon Valley. Where have the designated “in” and “out” doors gone? That would at least cut down on the folks skulking around or trying to find a common exit to exploit, since they would be obviously acting spuriously unless entering through an “entrance”. Virtually every door I have seen lately, even in some “high-security” datacenters, has been bidirectional. Odd.

Stanislav Evgrafovich Petrov Day

I agree with Cosmic Variance that there should be an international Stanislav Evgrafovich Petrov Day to celebrate human reasoning. Those with the most compassion and experience (call it intelligence, if you must) seem the least likely to jump to false conclusions, and therefore are worthy of recognition for the hugely beneficial role they play in modern society. The Wikipedia explains:

Stanislav Evgrafovich Petrov (Russian: Станислав Евграфович Петров) (born c. 1939) is a retired Russian Army colonel who, on September 26, 1983, averted a potential nuclear war by refusing to believe that the United States had launched missiles against the USSR, despite the indications given by his computerized early warning systems. The Soviet computer reports were later shown to have been in error, and Petrov is credited with preventing World War III and the devastation of much of the Earth by nuclear weapons. Because of military secrecy and international policy, Petrov’s actions were kept secret until 1998.

It only stands to reason that if President Bush were really interested in the study of history, a compassionate person, or a seasoned leader, he probably never would have invaded Iraq based on flimsy and falsified evidence.

Employee terminated for refusing to give SSN

This was bound to happen…

Cassano, who worked for North Shore Veterinary Surgery, said she “was placed in dire jeopardy of having her identity stolen” and refused to provide her SSN. She was then terminated.

The US Court of Appeals for the Second Circuit affirmed a lower court decision that favored the employer writing, “There is no doubt that laws requiring employers to collect SSNs of employees have a rational basis.”

Cassano v. Carb, No. 04-6712 (2d Cir. 1/24/06)