Dan Sneddon's Portfolio

All-Time Favorite Tweet

dsneddon — Thu, 08 Dec 2011 22:06:48 +0000

This is my favorite Tweet of all time.

I just received the news that my mom’s cancer is completely in remission. She battled stage IV thyroid cancer, and kicked its ass. In case you can’t guess, my mother is an exceptional and amazing woman. Here she is in this photo with most of her 7 children (including me). My oldest sister and another adopted brother aren’t here. Any person who can raise 7 children is great. Anyone who can battle serious illness with 5 children still in the house, and doing almost all of the parenting alone is a force to be reckoned with. Congrats, Mom!

Playing Video Games for 24 Hours for Charity

dsneddon — Tue, 11 Oct 2011 00:54:27 +0000

My friends and I, along with thousands of others, are going to be doing a “marathon” for charity. It’s not really a marathon, as in an event where people actually do physical activity outdoors, but we will be playing video games for 24 hours straight to raise more than a half a million dollars for charity. So let’s just call it a marathon. It sounds better than “march of death”.

This has to be at least as hard as walking. Or running. Or whatever it is that people do at normal marathons.

It’s for a great cause, too. The Children’s Miracle Network hospital of Oakland is terribly cash strapped, and there are so many children in need that it really breaks my heart. My team hopes to raise thousands of dollars, and there are more than 100 teams. The amount of money raised in this fundraiser is truly staggering.

I’m asking everyone I know to consider donating to the cause. If everyone who reads my blog, follows me on Twitter, or calls me a Facebook friend gave me just $1 for every hour that I’ll be playing video games, I think it would be about 700 grand. That’s just a quick back-of-the-bar-napkin estimate. The real number is probably much higher.

But I can’t do it without your help! Donating is really easy, just go here and give them your digits: http://extra-life.org/participant/banjor

Managing Government IT Projects

dsneddon — Fri, 24 Jun 2011 23:23:02 +0000

Managing large government IT projects? Don’t do it alone. A good general trusts his lieutenants.

If you get significant funding, resist the urge to buy more technology, you should first spend some of it on a manager with experience in government software projects. Otherwise you will find yourself getting mired down in areas which are non-technical, and you won’t be able to focus on design, programming and advocacy.

If you don’t get sufficient funding, resist the urge to promise too much on a tight budget. Managing expectations is just as important as managing resources when it comes to the overall success of the project.

I’ve worked in the public and federal sectors for several years now, and I have had to do too much project planning and management on my own. The process is different in government work than it is in the private sector. Coming from the startup and tech innovation sector, I found that many of my assumptions were wrong. In government projects, things take (much) longer, money goes through painful bureaucratic delays before being freed up, and it is much harder to get someone to make executive decisions and see that they are enforced.

A good project manager with government project experience will know to break the project into smaller parts, remove dependencies, and make a project more parallelizable so that you don’t end up with a team of people waiting for a critical milestone. Also, they will be able to do resource management and expenditure tracking better from 50,000 feet than you can from the ground.

Crowdsourcing Meets Malicious Hacking

dsneddon — Sat, 18 Jun 2011 20:58:18 +0000

Recent developments in the world of malicious hacking show that combining multiple technologies can lead to big things. The latest craze in combining crowdsourcing with organized cracking has brought the general public in on the effort, rather than making them passive observers.

The attacks from the malicious hacking group Anonymous have grown in both the profile of their targets and the media attention they have garnered. Anonymous even set up web pages where users with zero knowledge or experience in the realm of cracking websites could join in and help with the distributed attacks from their personal computers.

The cracking group LulzSec have been advertising phone numbers for a suggestions line that allows anyone to anonymously suggest their next target. Combined with the recent high-profile cracks that LulzSec have taken credit for, this helps to create a guerilla people vs. establishment air about these activities. This explains part of the hero-worship for LulzSec and Anonymous.

I think we can expect to see more of this as social networking and ubiquitous smart phones make it possible for individuals or groups to harness the computing power in peoples pockets and social networks to overpower security defense systems of companies and governments.

What’s the answer to this emerging threat? Adding bigger firewalls and more draconian security policy does nothing to prevent a large-scale distributed attack on all potentially vulnerable points within an organization’s network. It only takes one weak point for the attack to get further inside, and increasingly attacks are becoming indistinguishable from legitimate business. The real answer is for information security personnel and departments to use the same kind of crowdsourcing approach that the bad guys are using. Employers can help by encouraging their information security departments to share information, engage with professional groups, and develop communities to strengthen the whole field. Governments have learned this lesson in response to traditional terrorism and insurgencies, and it’s time for the same approach to be applied to cyber warfare.

So Obvious It Hurts

dsneddon — Fri, 03 Jun 2011 17:32:47 +0000

Some things are just so obvious it hurts:

“The amount of error a topological quantum computing system can sustain corresponds to how many interactions in the underlying spin glass can be frustrated before the material stops being ferromagnetic.”

I mean, come on, duh!

http://www.tacc.utexas.edu/news/feature-stories/2011/overcoming-quantum-error/

Network Engineering “Cheat Sheets”

dsneddon — Wed, 01 Jun 2011 17:47:51 +0000

Packetlife.net has a very nice collection of “cheat sheets” for network engineering. These are great references for things that always seem hard to remember when you need them most, like “How do I filter out the CEO’s porn browsing from the packet trace on the Internet router that I am sending to a technical support person in Mumbai? I do this so often, yet I always forget…” Check them out here: http://packetlife.net/library/cheat-sheets/

Today’s Inspiring Quote

dsneddon — Fri, 06 May 2011 20:20:58 +0000

“If you have knowledge, let others light their candles in it.”

-Margaret Fuller

A touching reminder that when knowledge is shared nothing is lost, and everyone gains.

Will Thunderbolt Become the New Interface Standard?

dsneddon — Fri, 25 Feb 2011 00:35:43 +0000

Apple announced this week the specs for the latest iteration of their MacBook Pro line. The numbers are impressive: up to quad-core processors in the 17″ model, an option for 1680 x 1050 high-resolution graphics on the 15″ model, and a new high-speed interface dubbed “Thunderbolt”. This totally new interface is an Intel development that Apple had a lot of direct input into, and Intel have announced that Apple is expected to be the only computer manufacturer shipping the new interface until some time in 2012. The possibility of success for this new interface is generating a lot of hot debate about the viability of this new interface.

Apple has a long history of pushing interfaces that few else use. It was a developer of the Firewire interface, it tried to push DisplayPort and then Mini DisplayPort, it temporarily tried to push CardBus Express, and it even had a proprietary audio connection on some of its computers briefly that combined audio signals and power into one cable. Some of these interfaces have been total failures, and eventually quietly slipped away. Others, like USB and to a lesser extent Firewire, have been wildly popular and became industry standards after initial speculation when Apple introduced them. So the question is whether Thunderbolt will be adopted by other manufacturers, or whether its headed for eventual obscurity.

It might seem like Intel’s decision to grant Apple a full year of exclusivity might doom this interface to limited adoption, but I think this ignores a simple fact: Apple is almost always a full year ahead of the industry anyway, so really this just provides a little guarantee that they maintain their usual lead on the competition. Thunderbolt also offers real advantages to USB 3.0 and DVI, and these interfaces are starting to prove to be a bottleneck for the newest, fastest hardware, so something needs to change industry-wide.

Thunderbolt’s specs are impressive: 10 Gigabits/sec of throughput, video and data on the same path, and both copper and fiber media. I predict that this interface is going to be a winner, and if the new iPad 2 has this interface, well, it’s pretty much game over for USB 3.0.

Happy New Year

dsneddon — Thu, 06 Jan 2011 21:56:01 +0000

Happy New Year. Here’s a picture of a snowman that someone built in the Grapevine (Tejon Pass in California). So far, 2011 is going great. I wish I had the time and money to go snowboarding this year, the snow is great up in Tahoe. Maybe next year, although I’m keeping my eye out for good package deals.

Major Bugs in Internet Name System

dsneddon — Wed, 01 Dec 2010 22:35:17 +0000

This Amazonian wasp is nowhere near as scary as the bugs on the Internet

The Internet Systems Consortium (ISC) which manages the Domain Name System (DNS) software that practically everyone uses announced today that practically everyone’s software is vulnerable to a denial-of-service attack. This means that you can expect major interruptions to Internet services for weeks (or months) to come.

DNS is the system by which the name of a place on the Internet gets translated to the address of a place on the Internet. It’s almost exactly like looking up an address on Google Maps, a name goes in, and address comes out. All of this happens behind the scenes in your Web browser or mail client or other Internet software.

The Berkeley Internet Name Daemon (BIND) software has been the vector of some of the worst attacks on the Internet ever. Major portions of the Internet have been disabled due to problems with this software. You may have heard the old adage that the Internet was designed to route around damage to itself, and this is true (thanks to the US Department of Defense being involved in the early days), but the DNS system remains a single point of failure for the general Internet at large.

If you have some places that you absolutely must have connectivity to, you can prepare yourself for the worst:

Open up a command-line (Start->Run->”cmd” on Windows, Terminal.app on Mac, Linux users need no advice)
Run the command “nslookup ”, where is the hostname, such as “gmail.com”
Write down all the IP addresses associated with the name (there may be one or more)
When the shit hits the fan, replace the name of the site with the IP address

Do this for your most importat sites, and that should protect you from losing connectivity if something goes horribly wrong. Do note that these name-to-address mappings change frequently, so it’s not a bad idea to do this every couple of weeks.

http://www.kb.cert.org/vuls/id/706148
http://www.kb.cert.org/vuls/id/837744
http://www.kb.cert.org/vuls/id/510208