Posts

The Finger Knows, even if your brain does not - Passwords

I was reading an interesting article; I have lost the link, so I may not have it here, though I will fill that in once I get my hands on it. The article was about how the fingers know what you are typing even though your eyes, reading the content, say you typed it wrong. This was done in research that talks about how they introduced typos: some of the typos were introduced even when the text was typed properly, and some typos were corrected randomly. The conclusion of the study was that the finger paused a second when it typed fine but the eyes looking at the screen said you got it wrong. The pause is because of the automatic recognition of the fact by the fingers when you make a typo, or that you are sure that you got the correspondence between the eyes and the fingers. Reading the article made me wonder: have we not always remembered our passwords for different sites? Many times I have had the opportunity to go to a website and, even without thinking for a moment, the fingers go and hav...

ISO 27001 : Steps to Certification

I am asked many times, "Hey, we need to get ISO 27001 certified," and then asked to make them compliant within a few weeks. I go through the long process of explaining the steps required and the terminology that is often used as part of the compliance exercise. In this ramble, I will try to capture the salient requirements as to what constitutes the process and the timelines generally applicable (I am generalizing here) to get compliant or to go for certification. Before taking it further, I will say this: "YOU CANNOT GET ISO 27002 certified." ISO 27001 is the management standard that details the processes - THE ISMS - and you certify against this standard. The Annexure to the standard details the controls that are recommended to achieve the objective. These are brief details as to the nature of controls required. However, a detailed version of the controls in the ISO 27001 annexure is found in ISO 27002. ISO 27002 can help the organization to achieve ISO 27001 certif...

Policies, Standards and Procedures - Working with the Big 4 ($)

Many times there are arguments about the best way to go ahead with a plan as to the contents of Policies, Standards and Procedures. The major factor in the successful rollout of such an exercise has been debated and is more cultural and is a product of the person at the helm. However, a good evolution has to have elements that are integral to the success of the endeavour. Let us look at some of the elements of a policy. The policy is at the highest level and is a statement of intent from the top management, agreeing to have a clear direction as to the need to protect information assets. Enforcing the policies are the standards; these are directions to achieve the goals enunciated in the policies. Many times, once the policies are derived, it is that much more difficult to evolve a set of standards in line with what is in vogue in the organization. This is because there are processes that have evolved ad hoc, addressing issues over time, and have become ...

Aardvarks (Aard = Earth Vark = Pig) to Zorillas (Fox in Spanish)

Many have asked me to give more details as to why my blog is called Aardvarks to Zorillas. The idea was to make it much more interesting than saying A to Z, anything goes. It is to get to know the various elements that I am blogging about here - from Information Security, History, Religion, Technology and Science. They are not scientific treatises, but general journalistic write-ups with their grammatical errors (I leave them there, for the fact that these are made as rambles). Rambles are just a thought process that comes about over time, and they are typed into the blog in one go: no proofreading, no relook into what has been typed, no editing... Rambles as they ought to be. The idea of the blog is also to just vent my thoughts at the times when I do not find somebody to bore to death. Just to record the thought, and it makes for interesting reading after a few months. You would be surprised at the prose that had flowed out of your head, no semantics, but clearly the ...

QR Codes - Data in a square

QR Codes have been in vogue for nearly two decades, and are particularly popular in Japan. With the advent of the Android platform, we have of late started to see a lot of information in the form of QR Codes being pushed across in billboards, magazine covers and advertisements. With the density of information that these QR codes afford, we will be seeing a slew of applications that use these codes to deliver content, as well as becoming a preferred way to digitize content through a mode that is easy and simple. Already we are seeing product labels with these codes embedded to find more information; this is for the discerning customer who wants to check the details of the product before purchasing it. This can contain information that is useful for the customer, like product details, where they are procured from, a nice little recipe, or to lead you to a set of web sites or a way to call them or register the product. The different applications that this can be put to is tremendou...

The Problem with Biometrics

Biometrics is touted as the solution to all the identity problems we have. It is like manna from heaven that would solve all the problems associated with user IDs and passwords and tokens, and make everyone unique because they have fingerprints, retinas, face geometry, hand geometry, wrinkles on the face and whichever set of controls is required to ensure that the person identifying himself is him/her. However, this identity is under pressure from a set of technologies that help in recording it in such minute detail that, with advances in technology, these could be replicated without much ado over time. Let's look at cameras with super-sensitive irises. These cameras, with high-resolution sensors to the tune of 50 megapixels announced recently by Canon and other Japanese camera leaders, make you wonder if your iris is protected at all. Can somebody take a shot of your iris or a shot of your fingers, make a copy of it and run away with your identity? It is a possibility...

Gods vs Cameras and Democracy

Thinking about the concept of God, it is clear that humans looked at something beyond them to ensure that there exists order in the society they lived in. This concept was paramount to the success of humans as a race and evolved into the civilization that nurtured into what we are today. The concept worked fine as long as the various communities that were governed by a particular god served the purpose without much ado. The present conflicts can be seen in this context. As boundaries overlap, the concept of god overlaps and therefore the confrontation between various gods and results in conflict. Most conflicts are fought in the name of godhead. God heads might change to the concepts followed in various religions to the change of the god head into a generic term like democracy, at least the new god democracy is generic and representative of all the thousands of gods we have across the world. God and religion are very important aspects in maintaining order in society. When the gods ...