The OS is always greener...

I'm not quite sure why it is, but among 75% alpha geeks that I know there comes a time, usually once ever three or four months, that causes them to question their operating system of choice. Like clockwork. There really needs to be a name for it. 

My friend the Windows admin starts thinking about all the reasons he hates Windows (who can blame him) and blows away a laptop or desktop and installs Fedora, or at least runs Knoppix for a week or so. I have a panic for a few hours that causes me to shun my beloved OSX and a morning pricing out Dell laptops or Thinkpads and cursing the whole experience. I've had a friend who went full out, sold off his treasured Mac, and bought expensive x86 laptop and ran nothing but Solaris for a few months before switching back. 

It's a common occurrence and it needs a name. It also begs for an explanation, a method to the madness.

I've had a number of reasons. It used to be all about the hardware. Much as I enjoy my Macbook I often wish I had something lighter and smaller. Then Apple went and announced the Air, which while a bit under powered for my taste does do most of the things I've wanted from a laptop, and will probably be my next purchase. That leaves the OS. Hardy Heron from Ubuntu looks really nice, very friendly, and is the most well integrated version of Linux I have ever had the pleasure of using. Better than OSX 10.5? No, probably not. On par with OSX 10.3? Probably. 

It's not about that really. I know, in my head, that I prefer and will get more done with less effort on my Mac, that's why I got it in the first place. Ultimately that just means it's a case of wanting what you don't have. Testing to see if the grass really is always greener, or just looks that way. I think sometimes alpha geeks want a change, even if they know, usually through careful evaluation and consideration, they're already using what works best for them. Now I just need to remember to reread this next time I start thinking how nice Gnome can look and remember how Amrok, while surprisingly nice, still doesn't hold a candle to iTunes and gEdit, however modded, is no TextMate.

InfoSec vs. Coding

The job hunt is a long and onerous thing, full of hope, trepidation, and frustration. It's somewhat bizarre how it can all work out. Jobs that I've wanted haven't returned my emails, jobs that I never wanted have insisted on interviewing me (and in fact flying me out to the West Coast to meet with them) have turned out to be poor matches, just as I originally thought they were. Most notably recently, the job I was somewhat interested in, that turned out to be something completely different, that gave me an offer I never expected.

Sadly though I find myself, at least at this moment, somewhat disenchanted with infosec as a career. I know it's temporary, it always is, but that's where I find myself now. Security is an uphill battle, our successes are par for the course and hardly ever recognized, our failures are monumental catastrophes with dire consequences. It often feels in many ways you can never do anything right, only avoid mistakes. I don't think this feeling is unreasonable, simply the state of things. The only way to "win" the security game is to be someone breaking, not protecting.

I find, as a result, I rarely know what I want to do in security, a question I'm asked often, as you'd expect. Developing exploits sounds fun, but I haven't done it before, and the barrier to entry feels high, though I'm trying, at least on and off, to learn it. I have a certification in Incident Response, but I've never done any of it, though I feel like I should, so that's a draw, but again, it's essentially a janitors position, cleaning up others messes. General consulting is a mixed bag at best, fun and interesting one day, but dull and monotonous the next, though the money is often desirable. I know one thing I don't want to do is continue in the security monitoring area, it's too limited, like seeing someone about to get mugged, but being unable to do anything except yell at them to run, knowing they probably won't hear you.

I'm not saying it's driven me to it yet, but I totally understand why my friend al3x has moved from doing security work to building great software like Twitter. I can see the appeal of creating something, nurturing it, having it become something good, and winning, in some small way, a victory in seeing an idea become a reality. I haven't decided to make any moves out of information security, not close, but I admit many hours I used to spend trying to learn assembly (for reversing) or C (for writing exploit code) are now trying to work on skills to build my Python or Cocoa coding. I know all of these things are self supporting, knowing assembly will make me a better Cocoa coder, and python skills will be useful in infosec, but still, it's something of a shift in priority.

In short; I don't know. I'm frustrated and confused, but I know I'll work through it.

Things I Liked in 2008

Copying directly off of Brittany I'm putting together my list of things from the past year that I've been into:

I. Products

• iPhone
• Shure E110 Heaphones
• OLPC XO-1
• Hoodies
• Specialized Langster Chicago
• Moleskin Notebooks
• North Face Surge Backpack

II. Software

• OS X
• Textmate
• Handbreak
• Omnifocus
• Ubuntu
• Tomboy
• EVE Online

III. Internet

• Tumblr
• Google Reader
• Twitter
• Google for Domains

IV. Entertainment

• The Office
• Entourage
• Transformers: The Movie
• Non-fiction

V. Food & Drink

• Red Mei Pad Thai
• Great Divide beers
• Murky Classic Cappuccinos
• Pho
• Scharffen Berger 70% Cocao Chocolate
• Red Wine
• Elijah Craig Single Barrel 18 Yr Reserve Bourbon

VI. Miscellaneous

• Penn State Football
• Text Messaging
• Urban living
• My dog Guess
• Virtualization

Yet Another Blog

Yeah, I've started another blog. Terrible isn't it? I think I have enough of them. My hacking/security blog: Vulnerable Minds, my joint beer blog 3Beers, and even a big blog somewhere, prolly by mistake or something.

So why this? Why Toga Foam Party? Well, the name came from joke with my buddy 5dots, and I guess I just stuck with it. I've had Toga Foam Party as a domain for awhile, mostly as the location of my Tumblr, but I've found myself wanting more option to blog, and by linking a Blogger to my Tumblr I allow that. What am I going to blog about? Nothing serious, I promise. Really. If I want serious I'll blog for work, blog with my security group, or write a novel. I just want to be able to post whatever, from interesting Python clips I find to how stupid I'm finding "Live Free or Die Hard" which is quite a bit.

So yeah... that's that.