Sunday, June 17, 2012

Success as measured by time

I recently read an article on HBR.ORG titled "Stop Working All Those Hours" and it has really made me stop and think about how people, myself included, measure success. The general premise here is that success in the workplace is often measured by the amount of time spent in the office. Stop and think about this for a moment; is it true?
Will spending 50+ hours a week in the office really make you a better employee? Or is it a perfect demonstration of not being as efficient as you could be? Metrics are an important factor in a business; I mean, you have to have some empirical data by which you compare employees against each other. But is hours worked a valid metric? Does the employee that came in on Saturday deserve recognition if they could have completed the task on Friday? Is the employee that leaves early to watch their children's little league game less dedicated to his or her job?

Thursday, June 7, 2012

LinkedIn Passwords Stolen - the Passwords Suck!

From LinkedIn's Blog comes the news of a 'few' passwords being leaked onto the internet. Vicente Silveira writes:

"We want to provide you with an update on this morning’s reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts. We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts:

  1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
  1. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
  1. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.

We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously. If you haven’t read it already it is worth checking out my earlier blog post today about updating your password and other account security best practices."

While this is some disturbing news, this is more disturbing...



Tuesday, June 5, 2012

Malware Flame Exploits vulnerability in Windows Update

'Flame' Exploits vulnerability in Windows Update

According to threat analysis done on the recent 'Flame' malware, the source of the vulnerability was a two-part scheme that allowed Windows Update to be hijacked via man-in-the-middle (MITM) attacks.

The first prong of the attack used a flaw found in an algorithm used for Remote Desktop. This allowed the attackers to generate a certificate that is technically valid; this certificate was then used to sign the code.

From Microsoft Security Response Center Senior Director Mike Reavey:
“We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft,” 

Monday, June 4, 2012

Facebook Profile / Credit Report



I was doing some research today for a final paper (due in a couple hours.... I <3 procrastination) about ethical dilemmas where technology is involved. Of course all the obvious things popped into my head: Google's Street View cars, Facebook's Beacon case, etc. But in writing the paper I had a bit of an epiphany, as a result of which I decided it was high time to jump on the Blogger bandwagon. So the idea is simple: employers will oftentimes request permission to pull a potential job candidate's credit report. The Fair and Accurate Credit Transactions Act (FACT Act) allows consumers to access a copy of their credit report once a year; one useful tidbit of information on the report tells you who all has accessed your information. Using this as a premise, would it not then be prudent to offer a similar service for your Facebook profile?