Friday, April 30, 2010

Everything you wanted to know about getting and keeping security clearance.

How many times have you found an actual security related job posted on the Internet only to read in the following requirements:
"Currently hold a Secret Security Clearance or higher"
or
"Candidate must be a U.S. Citizen and have the ability to obtain a Security Clearance if one is not currently held. Current Ts/SCI Security Clearance is a plus."
If you're ex-DoD, you might meet that requirement. If you're an experienced security professional, you might have had a company pay for you to get security clearance along the way. But if your a transplant or new grad you're stuck.

This isn't just a requirement for DoD, which is one of the largest employer in my area, but also for private industry. For example we have a lot of Pharmaceuticals and High Tech companies that require security clearance as well.

The question I get from frustrated friends and students is how do I get clearance? My usual answer is find a company to sponsor you, as it isn't cheap. But this morning I found a handbook that explains how to obtain, keep and re-activate (if you had it and let it lapse) security clearance. You're still better off finding a company sponsor but this will give you an idea of the process.

This Security Clearance Handbook 2010 (pdf) was assembled by the University of Fairfax. I would go into more detail about the contents of the handbook, but then would would be the point of linking to it. This handbook should answer most of the questions you have about security clearance.

If you have experience obtaining, maintaining, or re-activiating your security clearance and you would like to share your experience, please post in the comments.
Posted by About Me at 7:20 AM View Comments
Labels: , , ,

Monday, April 12, 2010

Programming Paradigms at Stanford

Ever wonder what happens when you assign a value to a variable? No, I mean like where is it in memory. What does the binary string look like? What is the difference between an int and a short that are assigned the same value? Well, I guess I'm the only one that does but if you do to check out the Programming Paradigms class lecture video's from Stanford. They're really good and cover all the details. It's a little fast paced for me so I usually play the videos over two or three times but they have lots of great information in them. Not anything language specific but they cover stuff relevant to Assembly, C/C++, Python, etc.
Posted by About Me at 8:00 AM View Comments

Friday, February 19, 2010

Yet another URL shortening services...

I've commented on other posts on this site about the security issues with URL shortening services.  My main issue is that you don't know what clicking that link could mean from a security stand point.  With all the client side attacks going on, clicking on anything should make you weary.


When I learned of ShardyURL.com on Twitter a few days ago I thought it was great.  ShadyURL is yet another URL shortening service but with a "suspicious and frightening" naming convention.  For example I created a link to this post and it came out as http://5z8.info/toosexyfortv.mov_x4a8y_stalin-will-rise-again



Now if I need to use a shortening services(which this doesn't really shorten it might actually make the new URL longer than the original one)I'll use ShadyURL.
Posted by About Me at 7:37 AM View Comments
Labels:

Thursday, February 18, 2010

Buzz Killer (Disable Google Buzz)

Google has now added a way to disable Buzz from the settings area in your Gmail account.  Once in the settings area select the last tab Buzz and click on the red "Disable Google Buzz" link.



A confirmation window opens asking if you would like to "unfollow" on Buzz, Reader and other Google services.  This option is enabled by default so be careful.



I didn't notice that and now I've lost all the folks I was following in Reader. Maybe its time I find another RSS reader. :/
Posted by Thomas Nicholson at 2:13 PM View Comments
Labels:

Tuesday, February 16, 2010

Moved my blog to a new host.

If you noticed a change on the site or had some DNS issues the last 24 hours, it was due to me moving my site.  Everything should be working now although some posts where hurt in the migration of this blog.  If you find something broken please let me know.

It's been a while since I made the time to write.  But I'm starting to cut back on all the extra stuff that has been eating up my time the last several months.  I plan to start writing more frequently and also post some more video tutorials.

If you have any tips on how I can make this site better please feel free to email Thomas at Nicholson Security and thanks for stopping by...
Posted by Thomas Nicholson at 9:28 AM View Comments