Tuesday, November 29, 2011

Get a Cipher. It’s as easy as a walk in the qbsl4.

Our blog has moved. You will find this blog post and fresh content on our new Talascend IT blog.
by Josh Kaplan

At Bletchley Park in England, the centre of allied code-breaking in the 1940’s, British and American personnel decrypted the enigma machine, Germany’s  main means of encrypted communication. Winston Churchill himself described Bletchley as the secret weapon that won the war. 
Bletchley Park, home to WWII allied code breakers

But despite the considerable intellectual and technological resources committed to the unit, the largest contribution made to the cracking of Enigma was made by German clerks.  

Bad code words were guessed by staff at Bletchley, using intelligence provided by spies and intercepted communications that were often as simple as the name of a clerk’s dog or girlfriend. These educated guesses, when correct, created the framework for breaking the overall code.  

60 years later, more advanced technology is available to our teenage children than was ever known at the park, but the Achilles heel remains the same. Bad passwords. Lazy, obvious codes that invite chaos in our homes and businesses. Here’s some simple statistics from Javelin Strategy and Research:

  • 11.1 million adults were victims of identity theft last year
  • The total fraud amount was $54 billion
  • The average victim spent 21 hours and $373 out of pocket resolving the crime
  • 4.8% of the population was a victim of identity fraud in the last year

The problem in so many cases, was bad passwords. A list of the 25 worst passwords, recently published by Forbes (http://www.forbes.com) carries only the occasional surprise. You could guess the top 5 with little effort - Password, 123456 and so on – but then that’s why they’re bad passwords.

The problem is that the idea of a password carries a central disconnection. It must be easy to remember but difficult to guess. This is not easy, especially with the number of passwords most of us must carry in our heads. Using the same word for everything is obviously a bad idea, as is committing any of your secure passwords to paper, or to the word document on your desktop entitled ‘passwords’.

So what’s the answer?  A cipher that adds an extra layer of security. For example kptvlbqmbo10 is a good password.  Great, you say – but how am I supposed to remember that in a cab to the airport trying to check in online? It’s easy enough. It’s my name. joshkaplan. I’ve used a simple transposition cipher (bumping each letter one up in the alphabet), then I’ve counted all the letters and put the number on the end (10). The result is a 12 letter combination of letters and numbers that is far more secure yet easy to remember.

If you’re one of the people who are using your children’s names (Ashley and Bailey are in the top 20), or words like Dragon, Baseball or Monkey – you should switch things up. Using my cipher, Baseball becomes Cbtfcbmm8. Invent your own cipher and try it out. Whatever you do, don’t use this one.

This kind of cipher won’t get past the guys at Bletchley, but it should be enough to keep your Facebook account safe, and your kids away from Cinemax.

Monday, November 21, 2011

High unemployment and major skill shortages. A problem with only one solution.

Our blog has moved. You will find this blog post and fresh content on our new Talascend IT blog.
By Josh Kaplan

Is there really such a thing as the wrong kind of job?

With job creation on the lips of every aspiring and incumbent politician, it’s ironic that Washington DC itself is one of the main centers of the imbalance.

Washington DC has seen a boom in IT jobs in 2011
The DC area has experienced a steady decline in job opportunities since a slight peak in March of this year. Based on the number of jobs placed online by hiring companies and agencies, 2011 has ended badly for the capital’s job market.

But for Computer Systems Analysts, Web Developers, and Network and Computer Systems Administrators the outlook is much more positive.

A report this week from wantedanalytics.com shows a significant increase in IT jobs in the area.

The trend is likely to continue into 2012. The question is what to do about it. As we’ve seen across the engineering industry, massive requirements for skills only create jobs if there are people with the right skills to fill them. Without the right skills available in the market, you have urgent open vacancies that contribute nothing to job creation.

Bridging the gap between mass unemployment and skill short market places is a problem with only one long term solution: training. The shortage in IT has been self created. When healthcare companies – one of the areas at issue - moved to 1099 contractors instead of retaining their in house talent, they lost the skills they need with familiarity and experience of their organization to get the job done.

There is clearly a major opportunity to retrain large numbers of unemployed workers if proper programs are put in place either by the government or by the private sector.

As demand increases, project delivery will only suffer more. It’s time to look seriously at retraining options.

In the meantime, IT professionals would be well advised to pack a bag and head for DC.