Last week I made a decision to stop the Interesting Information Security Bits posts. I was both surprised and humbled by the comments, emails and tweets I received that expressed understanding and support for that decision, but also expressed how much the bits posts were appreciated.

That got me to thinking.

Is there a way to provide some pointers to content that supports my desire to refocus my attention without requiring me to wade through so much material?

I think there is and we are going to give it a try. This is the first post in what we will call 'Things I Learned Last Week.'

These posts are basically going to be a journal type thing that I will post every Sunday night/Monday morning. I am just going to start a draft post and plop things in here that I feel taught me something during the week.

Probably won't be restricted to purely Infosec related stuff, but I will try to separate things a bit 🙂

These posts may be long, they may be short or they may be non-existent.

Things are a little light for this innaugural post. I didn't get started until late last week.

Anyhoo, here we go!

Infosec Stuffs

Droidmap: network scanner in your pocket.

Want to have a handy wireless port scanner with you where ever you go? Check out Droidmap. From the application description:

This is an android application for root users that implements some functions of NMAP in a GUI in android. This program comes with installer scripts for the installation of the required NMAP application that must be run to install the program to your phone. Please note that the installation process requires a Linux environment running the Android developer tools from the SDK (this program requires adb for installation).

So far I have only tested this program on the Motorola Droid A855 so YMMV on other Android devices.

I haven't tested it on my Droid X yet, but it's on the list of things to try. I'll report back after I have given it a go.

Smartphones: Information security risks, opportunities and recommendations for users

The European Network and Information Security Agency (ENISA) has released a new paper on smartphone use. Their work is always worth a gander. From the release notice:

The objective of this report is to allow an informed assessment of the information security and privacy risks of using smartphones. Most importantly, we make practical recommendations on how to address these risks. We assess and rank the most important information security risks and opportunities for smartphone users and give prioritised recommendations on how to address them. The report analyses 10 information security risks for smartphone users and 7 information security opportunities. It makes 20 recommendations to address the risks.

This is a report put out by ENISA that you might find interesting. Not as assessment specifically of their use in corporate environments, but applicable. Reading the executive summary is highly recommended.

You can read the paper here.

Non-Infosec Stuffs

Drupal: Podcasting and content segregation using taxonomy

I have been working on the new website for the Society of Information Risk Analysts and we have a few things we want to support. We want to have three blogs; a general blog for risk stuff, a news/announcement bog, and a podcasting blog. Figuring out how to do that took a good bit of my Saturday and I am not done yet, but I have the bones figured out.

You can use a vocabulary in your site taxonomy and then point menu items/links to the path specific vocabulary terms to build 'blogs.' It's pretty cool. I will provide more detail in next week's TILLW post if anybody is interested.

There is a module called filefield podcaster that helps you build the rss feed for itunes and other readers quite easily. Again, I'll post more detail next week if anybody is interested.


Last week seemed like a very busy week. Of course, they all seem that way, particularly at this time of year. Don't let the busyness of the season get in the way of those relationships that are most important to you. Take a few minutes to connect/reconnect with your loved ones.

Until next week, signing off.

As usual, if you have comments or questions, feel free to leave them below or email me at kriggins@infosecramblings.com.