Optimism is the cornerstone of any good rationalization

I chatted with a friend and PVC Security Podcast fan over Twitter earlier today. We were discussing the security stance in Europe and any potential travel I might have there. I mentioned the unexpected windfall the media’s pictures of Brussels give me as several of my pre-lockdown photos were lost due to sun spots, electromagnetic interference, and gremlins. The photo loss was not, and I cannot stress this enough, not user error.
She expressed concern for my travel and I deflected with the above. Granted, the original wording wasn’t as good and a bit misogynistic. By the way, “good rationalization” means effective and not any kind of moralistic judgement.
This modified version is a truer sentiment, and I like it. The most cursory DuckDuckGo doesn’t find an exact match, so I’ll coin it.
Creative Commons License
Optimism is the cornerstone of any good rationalization by Paul R. Jorgensen is licensed under a Creative Commons Attribution 4.0 International License.
Based on a work at http://www.prjorgensen.com/?p=495.

Where Should the CISO Report?

This is the number one question I’m asked, far & away.
My answer is this: it depends.
It’s not the cop-out you think. The organization and history of the enterprise impacts the decision.
My preference, in order:

  1. Member of the Board of Directors
  2. Reports to the CEO
  3. Reports to the CFO
  4. Reports to the CSO
  5. Reports to the CIO

Fundamentally, InfoSec should not report to an operational entity. The CIO is operational.
Ed and & talked about this on the PVC Security Podcast. What are your thoughts?

Firefox Browsing with Myriad Tabs

Disclaimer: I like Firefox and I like tabs.
Note: This languished in my site’s Drafts folder for a long time (2013)


Vertical Tabs

The only way I can manage my many tabs is to have them in a vertical stack on the left of my display. The tool that works the best for me is Vertical Tabs. I resize the tab stack so I only see the tab/site icon. I turn off any additional items like the close button.

Tab Management

Tab Mix Plus (TMP)

TMP provides a high degree of tab management.

Tab Memory

RAM Back

RAM Back is an ancient Firefox add-on extension. Frankly I’m not sure if it’s doing anything. Someone I know and trust advised its installation, so here we are. It doesn’t seem to cause a problem, but I’ll say it is optional.

BarTab Lite

BarTab Lite provides a mechanism for unloading a tab from memory, especially at start-up. The tab is still there an visible, but it keeps Firefox from loading the tab until you click on it. Right clicking on a tab will give you an ‘Unload Tab’ option.

Tab Session Management

Session Manager keeps track of your tabs. It goes several steps beyond what Firefox offers by default and a bit more than what TMP provides.

  • Automatically unload unvisited tabs after a specific time
  • Identify memory hogging tabs
  • Automatically unload memory hogging tabs
  • Pause and mute video on background tabs

2016 Emerging Cyber Threats Report

2016 Emerging Cyber Threats Report http://www.iisp.gatech.edu/2016-emerging-cyber-threats-report

Nearly two dozen cybersecurity experts from Georgia Tech, business, government and defense, share their observations about emerging trends in a more connected world — where cyberattacks grow more persistent and sophisticated by the day. While some threats and response mechanisms continue unchanged year over year, other conflicts and challenges are becoming dramatically more intense. Academia, industry and government must work together in bold new ways to solve the grand challenges of cybersecurity . I haven’t read it yet but it’s going in my queue for my plane ride this week. What are your thoughts?

Lotus Notes & the Hidden Outbox

Big Blue’s mail standard is Lotus (now IBM) Notes. My work machine runs version 9.
My client engagement Associate Partner asked me to send him documents. I sent them via email as one does. Later he pinged me to the tune of “where are they?” and “I don’t have them”. He closed with a rousing chorus of “Get them to me now”.
Puzzled, I checked my mail replication. Sure enough my outbox showed a seemingly perpetual 86% complete. I found the message to the AP in my Sent folder. My error was obvious: the files in total size would choke a rhino. I failed to notice one file with a modest page count had several other files embedded.
I sent the AP the lot via a more conscientious method, then I turned my attention back to my clogged outbox where multiple other emails waited patiently for their turn behind my choked rhino.
I knew Notes has an outbox. I couldn’t find it because the interface hides it. After a multitude of DuckDuckGo searches I found the solution.


  1. In Notes, type [CTRL-O] to open the “Open Database” dialog.
  2. In the File field, type ’mail.box’ (no quotes).
  3. Change the File type to All Files. mail.box will be in the list.
  4. Select it and click Open.
  5. Find the file blocking the others, select it, and hit Delete.
  6. If the file doesn’t delete, try hitting [F5].
If you’re on a Mac and this doesn’t work for you, replace CTRL with CMD in step 1 above. Your outbox will clear on the next sync.


You can add a bookmark in your Notes client for the outbox to make it easy to find again.


Subject: Pending mails in outbox
Hi Ranjit, On your workspace – press ctrl+O – that would bring up the open DB window. Now in the file field, type ‘mail.box’ and click open. That would open up your local mail.box file. Delete the emails if they are not required.
Feedback response number WEBB86RE2W created by Nimda Onimod on 06/25/2010