Information security is an enormous field: technologies that change by the day, social engineering that is the hardest thing of all to defend against, the unassuming good father and good colleague who, after more than a decade on the job, walks off with the trade secrets and is never seen again. You need a contingency plan for floods and fires; you have to find a way to keep the organization alive through earthquakes and typhoons. The things already done are countless; the things still undone are more numerous still. Because every snowflake believes this avalanche has nothing to do with it, we have no choice but to walk ahead of every snowflake, spot the factors that could trigger an avalanche, work out how to prevent it, and keep it from happening. And if the snow really does come down, we still have to keep ourselves and the company alive under the avalanche. In today's world, one of the five largest accounting firms in the world can collapse in an instant, an energy company can manipulate electricity prices in California or even the whole United States, a hurricane can destroy the home of jazz, fewer than a dozen or so people can bring down the Twin Towers, a single downpour can wipe out an entire village, a single earthquake can nearly destroy eastern Japan. Over these past few years I have slowly come to accept that yes, the sky really can fall...... Indeed, worrying can be a job too.

Sunday, June 28, 2009

The formal end of an era

Michael Jackson has passed away. To remember him, I'm posting to the blog my thoughts from watching The Ultimate Collection back in 2006:

So, the eighties had three MICHAELs. All of them clones of God.

On the court, the flying MICHAEL was surnamed JORDAN. But he later came back three times, and the volume of tears of joy shed fell geometrically with each comeback.

Then there were two MICHAELs in music. The one who was impossibly handsome, naturally and without any polishing, was called GEORGE MICHAEL. The moment he appeared, every boy in Taiwan fell out of favor at once. Though they harbored hearts full of resentment, in order to chase girls they all, without ever agreeing on it, professed great admiration for George Michael. Only later did they discover that GEORGE MICHAEL rather admired them too.

The last MICHAEL was the most dazzling superstar on stage, even though he was entirely man-made. Admit it or not, a lot of boys back then would, whenever their parents were out, pull out his videotape and secretly practice the moonwalk. It was also the first time the world discovered that grabbing your crotch could be a dance move. Damn cool. Only later did we find out that besides fairy tales, he also liked chil.......

That's just how it is! A god has to differ from mortals in some way to be called a god. So even if the god's comebacks repeat three times like a stutter, even if the god admires men, even if the god loves children as well as all mankind, none of it can shake the god's brilliant achievements in his professional field.

Let's look at MICHAEL JACKSON.

This god was born one. His performance was all-round. His music videos turned the three letters MTV into a global fashion industry; his stage presence could drive a crowd of a hundred thousand wild, stomping until the ground shook; his studio vocals were likewise one of a kind, with a gorgeous falsetto that became his patent without ever needing registration.

He recently released an ULTIMATE COLLECTION. At a killer price: over a thousand NT dollars. Coming out alongside the progress of the lawsuit, it was the perfect example of a sales department living in another world: did this album have to be released exactly when everyone hated him most? It does, though, include four CDs (MICHAEL JACKSON really does have so many songs that it takes four CDs to hold them) plus a DVD. Yes, a DVD of a live concert. The very same set list as that concert in Taipei a dozen or so years ago.

But the case took a dramatic turn after I covered my eyes and carried the DVD home from the Carrefour shelf.

As soon as we started watching, we couldn't stop. And not just us: the kids too. Later, even the neighbors came over to watch with us. Everyone stared unblinking at every segment. Especially when the moonwalk appeared, even the precocious fifth-grade girl widened her eyes. The third- and fourth-grade boys started imitating it right there on the spot. This was a live concert, but only on a DVD; I don't know why everyone ended up standing up to watch.

This DVD was recorded at the height of his career, with all the best live effects, which only he was qualified to use. So his excellence was inevitable. All the passion was entirely a matter of course. Audience members fainting, fainting again, carried out of the venue to rest in every conceivable posture: all those assorted postures became tributes to the god.

This DVD became a Sunday pleasure among the neighbors. We former little boys each showed off what we believed were the correct dance steps, letting the wives discover what their husbands were like before they ever met; "cute" is the only word for it.

Of course, we former little boys absolutely did not look at the god through "cute" eyes. What we saw was his originality. A white glove: anyone can wear one. Only when he put it on was it that dazzling. The thong: we often ask our wives to wear one. But only he thought of wearing one on stage. Raising an arm and crying out, with nothing more than a big electric fan; black leather shoes with white socks, if someone walked into a job interview dressed like that, no chance. Tacky! Only when the god dressed like that did it look this good. Want to know what a star's stage charisma is? Look at MICHAEL and you'll know. Other people are taught by a stage director; the god JAMmed it out together with the stage director. That's originality. That's the interesting part.

Since buying this DVD I've watched it no fewer than a hundred times. If you have kids at home, I suggest you all buy it and watch, and then let's study together what exactly the kids like about it. Because our two have now fallen in love with MICHAEL, and the remaining four CDs in this PACKAGE have since climbed to the top of the music chart in our car. Why is MICHAEL as powerful as the Teletubbies and Patrick Star? What on earth do they have in common? Will someone tell me?

This idol is enough to let the kids know that Mom and Dad's idol from back then is no less impressive than today's!

An idol like MICHAEL is worth appreciating not only for the fast songs but for the ballads as well. Take "You Are Not Alone": listening to it back then and listening to it now feel completely different. In the video, after a long run of fast numbers, MICHAEL sets this song in his home, or rather still on a stage, but an empty one. The set is as lavish as ever, but the stage is empty. With his makeup not yet removed, the first line alone is devastating: Another day is gone…..I'm still alone…. Sung so gently, so honestly, so heartbreakingly.

In fact, when everyone felt he was singing what was in their hearts and resonated with it, he alone in the whole world knew he was singing about his own heart. No one in the world could help him face his own problems. I imagine he must often have thought of these fans: you keep calling my name, saying how much you love me, buying my posters, treasuring my CDs. But if you knew the real me, would you, tomorrow, still love me?

This song is dedicated to everyone in the world who shouldn't be lonely but is.
You are not alone.
__________________

Friday, June 12, 2009

Security isn't about saying no

http://www.cio.com/article/494718/RSA_Chief_the_Job_of_Security_Guys_is_Not_to_Be_Doctor_No_
RSA Chief: the Job of Security Guys is Not to Be 'Doctor No'
IT security managers should enable cloud computing by learning how to manage risk, says RSA chief Art Coviello.
By Jaikumar Vijayan
This article reminds security staff to manage risk, not to avoid it.

Wed, June 10, 2009 — Computerworld — Web 2.0 technologies and cloud computing are extending traditional enterprise network perimeters to the point that they are practically vanishing, says a report released this week by RSA, the security division of EMC Corp. The report further states that information security managers who understand the associated risks and learn how to manage them can help their companies adopt such technologies on their own terms.
RSA wrote a report.

The report also includes recommendations from 10 members of RSA's Security for Business Innovation Council, including chief information security officers from J.P. Morgan Chase, Motorola, eBay, Time Warner and RSA.
The report includes the views of security people from J.P. Morgan, Motorola, eBay, Time Warner and RSA.

In this interview, RSA president Art Coviello talked about some of the report's key recommendations as well as other topics.
Why did RSA do this report? This report is about what we call the hyperextended enterprise, which is exactly what you think it would be. We are using the Internet as never before. There are more devices, there are far more Web applications and now with Web 2.0 and social networking, communication is instant and pretty constant.
Our dealings as businesspeople with customers, suppliers, partners, and even our own employees, has changed dramatically in just the last seven or eight years. The opportunity being created with technologies like virtualization and cloud computing is extending the perimeter out even more. It literally puts your IT infrastructure out of the company in many instances. So our research is on whether people have learned the lessons of the past, and if they are building security into the cloud computing environment. Unfortunately, we found out that they are not doing this as they should.
We use the network far more than before, with Web 2.0, social networking sites and so on, so the perimeter to defend is much larger than it used to be. But it seems IT staff have not learned from past experience how to deal with cloud computing and virtualization.

What are some of the recommendations from the Security for Business Innovation Council in terms of what companies should be doing to enable cloud computing? The first recommendation is that if you are thinking of outsourcing applications and information and infrastructure then you ought to rein in the protection environment. See if there is a way to lessen the cost of security. Look at the kind of security measures you have, check them for cost effectiveness and see if there are redundancies.
The first recommendation is to review whether existing tools are effective and whether the cost of security can be reduced.

[Another] recommendation is to proactively embrace new technologies on your own. The job of the security guy is not to be "Doctor No." It's not to say "you can't do stuff," but rather how you can embrace these technologies and how you can do it securely. You can never do security perfectly, but if you do it in the context of risk, you can minimize your exposure.
The second recommendation is to engage actively with new technologies. Security people shouldn't be like the doctor who keeps telling the patient you can't do this and you can't do that. Security is endless and will never be perfect. You can only reduce the risk you are exposed to.

It also makes sense if you no longer have control of the physical infrastructure to shift from protecting the container to protecting the data. One would assume that the cloud provider is protecting the container and the physical infrastructure. Your job then is to shift from protecting the container to protecting the data and information itself. Once you go to a cloud environment, it really is about how you maximize the use of your applications and your information and how you ensure that the people who need it get access to it.
Once in the cloud, you can no longer see the physical infrastructure as you did before, so your responsibility shifts to protecting the data. The physical and architectural parts are protected by the cloud provider, while you concentrate on protecting the data itself. Once you move to using the cloud, what matters is how you get the most out of your applications and information and ensure that the people who need them can get what they need.

[Another recommendation] is really about protecting data with security techniques that allow you to monitor the flow of data in real time. Things like data-leak prevention technologies that are far more dynamic and are based more on content and behavior and looking for anomalies based on who is getting access, or who is using the data and how it is being used.
Another recommendation is to use behavior- and content-based detection techniques to manage how data is used.

What impact has the recession had on information security budgets? Have they been as immune from cuts as some had expected them to be? Every budget has been impacted. There's no question about that. Relative to others though, security budgets have been impacted less. In our case we are gaining market share.
Has the recession affected security budgets? Of course, but security budgets have been affected less.

This year we had 10% year-over-year growth in Q1 and actually almost 11% from an order standpoint. Now that is down from last year, but it is still positive growth. I think a lot of high-technology companies would have been thrilled to report growth in Q1. If you were to look at our product lines, SecurID which is still a very significant portion of our business, is only flat to maybe slightly up and that would be expected because it is so employment dependent. We are not getting expansion inside existing accounts because people aren't adding lots of employees. Our security incident management business is growing at well over 30%, while our ID protection and verification suite is growing at about 40%, and our data leak prevention is growing at 80% or 90%.
Our YoY growth in Q1 this year was 10%; although lower than last year's YoY, it still counts as strong growth, far better than many high-tech companies' quarterly reports. Among our products, SecurID, which correlates positively with headcount, can only be called flat; it is our main product. Our security incident management products grew by more than 30%; ID protection and verification products grew by 40%; and data leak prevention products grew by 80% to 90%.

Two years ago you had said that standalone security vendors are headed for extinction because vendors such as Microsoft, EMC and Cisco Systems were integrating security functions into their own products. Do you still believe that will happen? I was wrong on time but not on direction. There really are only two significantly large independent companies that are totally security focused today, and that's McAfee and CheckPoint and they are anomalies.
Two years ago I predicted that standalone security vendors would face extinction, because large vendors like Microsoft, EMC and Cisco would all build security features into their products. I was wrong on timing but not on direction. Now the only security vendors left are McAfee and CheckPoint, and they are anomalies.

Symantec now owns Veritas so they are as much an infrastructure company as they are a security company. And let's pick a category like data leak prevention. The three big players in that space - IronPort, Tablus and Vontu were all snapped up.
There continue to be innovative startups and lots of point products, but increasingly, especially in cloud environments, the ability [of customers] to absorb countless numbers of independent point products tends to be less and less. We see customers wanting to minimize the amount of vendors they have because the technology really needs to be baked in. It needs to be transparent and seamless in the environment. I'm not saying there won't be security products. But I am saying the infrastructure companies are going to need their own security products and technologies and will form partnerships as we are doing with the likes of Microsoft and Cisco.
What do you think about President Obama's plans to appoint a White House cybersecurity coordinator? I think it makes tremendous sense. I think the idea of having somebody coordinate policy and to lobby strongly on Capitol Hill for the requisite funding and changes to law is a good one and I think it is very necessary.
Symantec, for instance, now also has Veritas, so it is no longer a single-product vendor. In another area, data leak prevention, the top three vendors have all been bought up. In the cloud space, customers now want to work with as few vendors as possible, and want as little disconnect between products as possible. High integration and transparency are essential. Vendors must work together. Obama has also set up a cybersecurity czar in the White House, which makes a lot of sense: let him coordinate policy and the necessary funding.

The [National Security Agency] has a lot to offer, but people are suspicious of them because they don't have a domestic charter. Homeland Security needs to play a very heavy role and I'm sure they will. But somebody in the White House coordinating the effort and also working with civilian agencies that have a lot of personally identifiable information like the IRS and the Social Security Administration just makes tremendous sense.
© 2007 Computerworld Inc.
The National Security Agency could help a great deal, but they have no domestic charter to act under. The Department of Homeland Security plays a very important role, but having someone coordinate directly from the White House and work directly with the IRS and the Social Security Administration makes even more sense.