Archive

Archive for the ‘Poetry’ Category

Bye, Bye My Clustered AMIs…A Cloud Tribute to Don McLean

April 23rd, 2011 1 comment

Sung to the tune of Don McLeans “American Pie

A long, long time ago…
I could launch an instance
How that AMI used to make me smile
And I knew if I needed scale
that I’d avoid that fail whale
though I knew that I was in denial

But April 20 made me shiver
Amazon did not deliver
Bad news – oh what a mess
auto-cloning E B S…

I can’t remember if I cried
when the status dashboard said East had died
Tried to take my VMs back inside
The day…Amazon died

So bye-bye, my clustered AMIs
I tried to launch one
it just sat there, much to my surprise
And them angry devs were telling stories and lies
Singin’ “this public cloud I now despise
“this public cloud, I now despise.”

The CFO’s got a look of love,
and his faith, all-in, with the clouds above,
Buy less servers, Werner tells you so…

Do you believe in infinite scale
Can the cloud save your ass when it goes to hell
and can you teach me how to plan to fail?

Well I know that ….you’re in love with scrum
that agile, mobile are your rules of thumb
You tried, those VMs to move
but with no RDS, you’re screwed…

I was a lonely sysadmin with nothin’ to prove
until the cloud done fail, now the devs are screwed
and they didn’t know what quite to do..
the day…Amazon died…

I started singin’
bye-bye, my clustered AMIs
I tried to launch one
it just sat there, much to my surprise
And them angry devs were telling stories and lies
Singin’ “this public cloud I now despise
“this public cloud, I now despise.”

Enhanced by Zemanta

An Ode to Oracle’s Cloud…

September 22nd, 2010 2 comments
SAN FRANCISCO - SEPTEMBER 24:  Oracle CEO Larr...
Image by Getty Images via @daylife

Try not to be
such an Oracle Hater,
Build a big, honkin’ Cloud:
Exalogic &  -data

It’s fluffy & shiny
it’s new & fantastic
It scales like butta,
cos it’s so damned elastic

It may cost you millions,
but it’ll save you a buck.
Is it really a cloud?
Larry don’t give a f*ck.

It’ll castigate partners
and alienate friends
it’s got unbreakable linux
and it also self-mends

The kernel is magic,
OVM’s where it’s at
Some might disagree,
especially RedHat

Infiniband, ten Gig,
many Sun-powered cores
It’s got enough cycles
for HPC chores

The issue some have,
is Larry’s evil plot
It’s really quite simple,
a mortgage and yacht.

It’s like “War of the Roses,”
‘tween Big O, Salesforce
Gets ugly in the  Valley
when partners divorce

Some CEO’s chide Larry,
and others, they scoff.
Some fire back with venom
like Mark Benioff

It’s a False Cloud, a Non-Cloud
“We’re like A-W-S”
this marketing plan
is one freakin’ mess

Just one file to patch it,
it’s IT on demand.
It’s a mainframe with JBoss,
can’t you understand!?

It’ll take all you can give it,
all you can muster,
It scales from one
to an eight headed cluster

At the end of the day,
from morning to nox
take comfort that Cloud
now comes in a box.

P.S. You may be interested in other little ditties I have scratched into existence, here.

Related articles by Zemanta

Enhanced by Zemanta

Friday Cloud Poetry: “On the Bullshit That is False Cloud”

June 25th, 2010 3 comments

I was inspired to write this given the latest round of marketing being tended to by Amazon Web Services in their renewed campaign to convince Enterprises CIO’s that their server-hugging IT teams are luddites and interested in nothing more than boat anchoring the success of their companies to some desperate need to buy legacy kit.

The “public-all-or-nothing” approach being hammered by AWS simply ignores the reality that the very customers they hope to woo face on a daily basis and instead seeks to rub their noses in the idealism that we should all simply trust that public, mass-market, one-size-fits-all Clouds are ready for critical, compliance-shackled, and heavily regulated applications today.

Werner, this one’s for you…

If the language of Cloud
Were something to parse
You’d find that some constructs
are rooted in farce

Dogmatic pursuits
of cloud terms that are pure
Yields terms of endearment
some profound, some demure

“Private Cloud is a false cloud!”
Werner peddles his schpiel
That’s to be expected
given where he gets his next meal

Cloud’s not about exclusion
There’s no right or no wrong
It’s not a crusade
OR a kumbayah song

Public or private
Inside or out,
Serving the business
is what cloud’s all about

If you make this religious,
Telling people to choose
All you’ll accomplish
is how fast you’ll lose

Say what you’re good at
What value you add
Not that differing approaches
Are inherently bad

Be evangelistic for sure
Promote Public Cloud’s virtue
And don’t be afraid
Private Cloud’s not out to hurt you

The reality is
No matter how you try and avoid it
Private cloud will add value,
No, you haven’t destroyed it

The value prop’s clear
On where each model works best
The market will sort out
where the laurels will rest

Public Cloud is fantastic
Private Cloudies agree
Hybrid models will win
Just wait and you’ll see

Related articles by Zemanta

Enhanced by Zemanta
Categories: Cloud Computing, Cloud Security, Poetry Tags:

Ron Popeil and Cloud Computing In Poetic Review…

February 27th, 2009 No comments

Popeil

The uptake of computing
using the cloud,
would make the king of all marketeers
— Ron Popeil — proud

He's the guy who came out
with the canned spray on hair,
the oven you set and forget
without care

He had the bass fishing rod
you could fit in your pocket,
the Veg-O-Matic appliance
with which you could chop it

Mr. Microphone, it seems, 
was ahead of its time
Karaoke meets Facebook
Oh, how divine!

The smokeless ashtray,
the Cap Snaffler, drain buster
selling you all of the crap
Infomercials could muster

His inventions solved problems
some common, some new
If you ordered them quickly
he might send you two!

Back to the Cloud
and how it's related
to the many wonders
that Sir Ron has created

The cloud fulfills promises
that IT has made:
agility, better service
at a lower pay grade

You can scale up, scale down
pay for just what you use
Elastic infrastructure
what you get's what you choose

We've got public and private,

outside and in,

on-premise, off-premise

thick platforms or thin

The offerings are flooding
the wires en masse
Everything, it now seems,
is some sort of *aaS

You've got infrastructure,
platforms, software and storage.
Integration, SOA 
with full vendor whoreage

Some folks equate
virtualization with cloud
The platform providers
shout this vision out loud

'Course the OS contingent
has something to say
that cloud and virt
is part of their play

However you see it,
and whatever its form
the Cloud's getting bigger
it's starting to storm

Raining down on us all
is computational glory
but I wonder, dear friends,
'bout the end of this story

Will the Cloud truly bring value?
Solve problems that matter?
Or is it about 
vendors' wallets a-fatter?

*I* think the Cloud
has wonderful promise
If the low-hanging IT fruit
can be lifted 'way from us

The Cloud is a function
that's forging new thought
Pushing the boundaries
and theories we've bought

It's profoundly game changing

and as long as we focus

and don't buy into the 

hyped hocus pocus

So before we end up
with a Cloud that "slices and dices"
that never gets dull,
mashes, grates, grinds and rices

It's important to state

what problem we're solving

so the Cloud doesn't end up

with its value de-evolving

—-

BTW, if you want to see more of my Cloud and Security poems, just check here.

Cloud Computing Security In Poetic Review

October 27th, 2008 5 comments

This is in response to my buddy Alex Hutton's blog post titled "Cloud Computing – Stormy Weather?"

If you took a poll
of folks in a crowd
asking them to define
what they thought of "the cloud"

I'd bet the dough in my pocket
not one could agree
on the relative impact
it will have on IT

Outsourced computing,
utility, grid,
distributed resources
with the moving parts hid

whatever you call it
its adoption is brisk
but like most "innovation"
we've forgotten 'bout risk

Cloud computing's a trade off
Be sovereign or efficient
I guess it depends
on where you think you're proficient

Some things are ripe for the Cloud
others not so much 
Some things we'll let go of
others tightly we'll clutch

Most companies I know
manage risk with their gut
when new tech comes along
they're still mired in that rut

So security gets blamed
for standing in progress' way
yet we're stuck with defending
C, I and A

We need to be agile
but oh yeah, compliant
Though the potential for loss,
means our exposure is giant

Cloud advocates say
Amazon's never been breached
so we can trust that our data
will never be leached?

I guess this all depends
on which model of cloud
you decide to rely on
to make your CIO proud

We've got wares as a service,
Web 2 dot 0, SOA
'lastic clouds, fuzzy storage
It's the future, some say

But I can't help but think
the handwaving's distracting
from the uncomfortable truths
of what this is impacting

We can't even manage
the stuff that we own
yet we're willing to outsource
where our assets call home?

We don't classify data,
can't control where it goes
but we'll transfer our risk
to someone nobody knows?

Diguising marketing efforts
as tech. innovation
and suggesting that insight
will spur risk ideation?

 

Reduce risk?
Reduce loss?
Create efficient operations?
Those are quite lofty goals,
worthwhile machinations

But the cloud ain't an answer
it's a cyclic response,
evolutionary next-steps
to what the tech. industry wants

They can't solve real problems
so a new one's created
to distract from the point
that we're being masturbated

I'm all for the cloud
been doing it for years!
Got a real game changer?
Hey man, I'm all ears.

You dress up this pig
in a nice looking dress
security will be here
to clean up the mess

Categories: Jackassery, Poetry Tags:

By Popular Demand: It’s the End of the BGP World & We Know It…In Poetic Review

August 27th, 2008 1 comment

What the hell’s goin’ on here?
something’s surely a mess,
our BGP is announcing
the wrong damned AS

See, I announce with this prefix,
it’s a slash 24,
here to there should take 3 hops,
not 18 or more

I’m pinging the next hop and
that works just fine,
ping a host, subnet over,
slows like a POTS line

That Defcon session,
when we IM’d all night,
that shit’s all encrypted
you told me that, right?

My telnet shell’s cleartext!
DONE! Stabbed it with a FIN fork
So why do these Pcap’s
show SYN’s to New York!?

Somethin’ sure does look fishy,
TTLs all askew
are the ISPs tapping traffic
‘tween me and you?

I’m just paranoid, man,
I’m sure it’s all fine.
These ping-pong effects?
BGP’s grand design

I mean really, why worry?
Even though, I confess,
it’s not like we’re vulnerable
like with DNS

BGP must be foolproof
auth’d and encrypted
there’s no way they’ve gamed it,
redirected or sniffed it

It would be quite stupid
if AS routes, you could twiddle,
intercept all my traffic
with a man-in-the-middle

Nah, I’ll sit here, use torrents,
my bits are secure,
close my eyes and imagine
that the Internet’s pure

What’s next though, I wonder,
what protocol hack
will cause Internet chaos
and make the tubes crack?

Categories: Jackassery, Poetry Tags:

The DNS Debacle In Poetic Review

July 23rd, 2008 11 comments

Update: Check it out!  Leo Laporte and Steve Gibson read my poem on their Security Now podcast.  Thanks for the radio voice, Leo!

A few months ago
Kaminsky discovered a flaw.
It was with DNS,
It was nasty and raw

He decided than rather
to disclose all at once
he’d instead only tell people
who’d fix it in months

So some meetings were had
and work soon began
vendors wrote patches
coordinated by Dan

Fast forward some time
out the closet it came
some researcher types
got into the game

Dan’s rules were quite simple,
that in 30 days
he’d present during Blackhat
and we’ll all be amazed

A bunch of big egos
called Dan on a bluff
said his vuln was a copy
of 10 year old stuff

So Dan swore them on handshakes
and details were provided
and those same cocky claims
soon all but subsided

It seems that Dan’s warnings
weren’t baseless at all
Said the same skeptical hackers
"the risk isn’t that small!"

So Blackhat was nearing
the web didn’t break
then out came a theory
from our friend Halvar Flake

No sooner had he posted
and described the vuln’s guts
than Matasano’s blog surfaced,
kicked the web in the nuts

It said "Halvar’s right!"
we’ll no longer keep quiet.
The post’s ripple effect
caused a nasty ‘net riot

The blog quickly was pulled
but the cat’s out of the bag
the arms race began
since there’s no longer a gag

Meanwhile the issues of honor and trust
rehashed the debate
of when disclosure goes bust

So Dan’s days of thirty
we never did see
thirteen is OK
but I issue this plea

When researchers consider
how to disclose and thus when
will you think of the users?
How it might affect them?

This ego-fueled rush
to put your name on a vuln
has a much bigger impact
than you might have known

If the point here is really
to secure and protect
then consider what image
you really project

In this case the vuln.
is now in the wild
an exploit is coming
DNS soon defiled

The arms race has started
and the clock now is ticking
If you haven’t yet patched
you’ll soon take a licking

I’m not taking sides really
on the disclosure debate
but rather the topic
of patch early or late

What good is disclosure
if the world couldn’t cope
with the resultant attacks
if we’ve all got just hope?

There’s two sides to this issue
both deserve merit
but Dan’s rep has been smeared
I say let’s just clear it

Happy patching everyone! ;(

/Hoff

Categories: Poetry Tags:

Poetic Security Review

July 10th, 2008 1 comment

Shakespeare
The InterWeb’s broken!
Oy, vadda mess!
Kaminsky tells all
Patch your damned DNS!

VMware’s Greene has gone virtual,
where will she land?
Maritz is the new boss,
since Diane got canned

Speaking of virtual
Ballmer’s jumpin’ with glee,
for twenty-eight bucks
you can own Hyper-V!

Oh the Senate just gave us
a shitty surprise-a,
those spineless rat bastards
just re-voted in FISA

Hear that sound in the background?
That’s the ACLU crying
The telcos and Intel
get rewarded for spying!

That’s right they can wiretap
your comms with impunity
Our elected officials
just gave them immunity!

The new iPhone this Friday,
faster speeds, GPS
If only they’d fix
AT&T’s coverage mess

Poor Jerry Yang
and his Yahoo-stacked board
If Carl gets his way
Yang will fall on his sword

Matasano’s first product
took a while to cook
Many firewalls?  Hard to Manage?
Give Playbook a look.

As a wrap-up this time
I’ll pull the guilt lever
Read this post on my charity
and donate to Kiva!

Categories: Poetry Tags:

Poetic Weekly Security Review

May 17th, 2008 No comments

I do these every once in a while.

Enjoy

The Air Force, it seems,
wants its own net of bots
how many you ask?
The good colonel says "lots!"

The best defense is offense
to defend, they’ll attack
After the DDoS
you’ll get your game console back

Seems NATO’s on board
the Baltics are chuffed
the Cybersecurity center
means attacks will be stuffed

If your cable’s from Charter
they’ll know you surf porn.
Want your privacy back?
Get Obama on the horn

Speaking of privacy,
can you say P-R-N-G?
if you’re running Ubuntu
I’ve pwned your root key

The free email archival
from NSA — quite a mess
they got knocked off the air
‘cos of bad DNS

Seems virtualization security’s
not Simon’s problem to fix
beyond hypervisors
they simply don’t mix

Troubled by compliance?
governance giving you fits?
risk management efforts
driven by auditor twits?

Fear not my good lemmings
I’ve the answer, you see
close your eyes, send a check
Behold: GRC!

Check Point launched ForceField
sandboxed browsing – how zen
I installed it, went browsing
but it broke VPN

Nessus licensing changed
not that much of a hassle
though some might have to pay
for the  coolest new NASL?

Dave & Busters suggests
that you eat, drink, and play
Three dudes from east europe
took that quite the wrong way

Yahoo’s in turmoil
Ichan wanted a "yes!"
HP spent near twelve billion
and they bought EDS

HSBC lost a server
Oh what could be finer
than your banking details
floating ’round China

Oh rootkits, we love thee
Where are you hiding them then?
In software, in firmware?
Oh, look! SMM

Don’t forget IOS,
there’s a rootkit there, too
pwnage of routers
means no sleep for you!

Intrusion tolerance solutions?
What’s that you may query?
It’s admitting that losses
are real, not theory 

New PCI — deadline’s coming,
what will you do,
to comply with the new stuff
in version 1.2?    

And finally,
I’m bullish on Google, I am
except when their mailer
starts sending me spam 

Categories: Jackassery, Poetry Tags:

Poetic Virtual Security

April 30th, 2008 3 comments

Shakespeare
I was at Starbucks with my four year old.  She was laying down the Dr. Seuss
with aplomb so I was inspired to dig deep and show her how the old man can
ebb and flow.

I swear to $diety that upon hearing this she rolled her eyes and said something like "Dad, you had me at ‘virtualization.’ "  At that point she quickly pointed to my iPhone and asked if I would purchase the latest Hannah Montana song on iTunes…<sigh>

You can see more of my poetic ramblings here (scroll down after the jump.)


When debating the future of secure virtualization
It’s wise to reflect on its very creation

Some say poor code is the reason it’s here
while others use doubt and (un)certainty’s fear

Economically speaking the V-word’s a boon
operationally, though, it showed up too soon

Duties, once separate, are now all a-blended
one moat, lots of castles — the model’s up-ended

Competency and skillsets come into play
Who owns the stack?  Well, that’s hard to say

Can an admin whose mad skillz focus on the OS,
really be trusted to manage this mess?

The virtual sysadmin owns the keys to the kingdom
but it’s hard to fix hosts when you can’t even ping ‘dem!

Operational silos have now become worse
since the virtual admins control all the purse

The network and security wonks try to fudge it
but switches and firewalls just don’t get budget

Security, network, storage, and host
if you push the wrong button it all becomes toast

Our current security solutions don’t cope
but the dealers keep pushing their VirtSec straight dope

I don’t want to come off like a VirtSec despiser,
but to protect our crown jewels it’s all HYPErvisor

Don’t worry my friends, no need to be scared
your whole infrastructure will be VMware’d

…or Xen’d, or sPath’d or perhaps Hyper-V’d
virtualization, I’m told, will solve everyone’s need

Organizational issues are really what matter
there’s no real need to make our vendors much fatter

Focus first on improving your present situation
like assessing your risk and host segmentation

Get a grip on the basics and work up from there
don’t give into the hype, doubt, confusion or fear

That’s it boys and girls till I rhyme once again
Stay happy, stay secure, and now…

EOM

Categories: Poetry, Virtualization Tags: