What do you think this is?

Just thoughts of a restless mind...

An interesting January

That was an interesting January!

Some history first: I started working full time when I finished my military service in 1994. Between 1994 and 1998 I had two simultaneous jobs. From 1998 up to 2000 I had one job and I was studying for my MSc part-time. Starting 2001 and up to 2007 I had again two jobs while from 2007 up to 2010 I had one full time job and was studying for my MBA (distance learning).

I started having only one job in 2010, so when at the end of 2018 I decided to quit my job, I found myself for the first time in my life having nothing to do. What an interesting time!!!


I took the opportunity to learn more things, which is one of my favorite activities. I tried the e-learning modules from (ISC)2 for "DevSecOps: Integrating Security into DevOps" and "Building a Strong Culture of Security" as well as "GDPR for Security Professionals: A Framework for Success". A review will follow next week in a different post. I re-started studying Czech, which I had to stop when my previous job required extensive travelling, and I aim to really learn the language this year. That is the first of my 2019 resolutions.


If you know me a little bit, you will know I'm a dedicated Linux user. In my early professional years I was involved in HELLUG and its online magazine; that was 20 years ago. For some years in the 00s (is this even a thing?) when I was a freelance consultant I was re-selling SuSE Enterprise Linux and relevant services in Greece. I still remember the feasibility study for a bank in Greece to replace the Windows computers in their IT department with Novell Linux Desktop (what is now called SUSE Linux Enterprise Desktop). It's a pity that the bank was acquired shortly after that and the project never materialized.

Now due to some interesting coincidences I tried openSUSE again; after many years being an Ubuntu user. openSUSE Leap 15.0 is great, super stable and fast. A hard disk crash that had me reinstall my laptop made me sharpen my sysadmin skills - which to be honest never got very blunt anyway - in my successful journey to replicate as much of the system as possible in as automated way as possible. No, I do not plan to write a blog post for that. It's super easy.

YaST is as good as I remember and zypper is a necessary and quality command line tool for package management. Finally KDE provides a much better and smoother experience compared to what it was last time I used it, so I'm happily staying with openSUSE and KDE for the foreseeable future. During the distribution change process I had to upgrade some custom reports I had for gnucash, my preferred software for financial management. The versions in my (old) ubuntu and the (new) openSUSE are different. So I had to revisit Guile Scheme, which I don't think I ever knew very well - still, I somehow made it.

All this eye-candy is good but the itch for the console is always there. I took the opportunity of the extra free time to upgrade my server and slightly improve the security of the mail subsystem which now uses DMARC in addition to SPF and DKIM that I had set up initially. The set up is a piece of cake and probably took me less than 15 minutes. The same with the web server which is now configured in a way that respects and is compatible with almost all modern standards for security and privacy.


The year found me in bed with fever. After some days I recovered but then my partner got sick and it took her a couple of weeks to recover. Therefore, we didn't have time to take any longer trips together - something that we very much liked and did extensively in December. But I still had too much time and I haven't started going to the gym yet (a resolution for 2019 which I intend to keep).

I did some cleanup of my papers and archive, watched some movies and several series. I also re-read The Adventures of Captain Alatriste, a book that a friend of mine gave me some years ago, and I enjoyed it again. No tango yet, but it's coming...


Bloody Brexit!!! Since the first time I found myself in the UK (which was 35 years ago) I remember wanting to go and work there. Now I had the opportunity and I even had an offer from a company that I very much like and respect. Problem: The events of 10-13 of December made Brexit a huge black hole (as it wasn't one already anyway!). The situation is very unclear and although I may not be affected as a working person, nobody knows what I would have to do for my partner or my children. So I had to (politely I hope) turn down that opportunity and withdraw from all open applications I had in the UK. Although I did not apply to any job during the first three weeks of January due to a verbal agreement I had with a company in December, opportunities for me are there and I strongly believe that I will (and I will try to) be very happy in my new job starting in February.

During that time I realized one thing and reconfirmed another:

  • Re-confirmation: the recruiting industry related to security is a real mess and needs immediate disruption. I wrote about this in the past and I still cannot believe not only the lack of recruiters' knowledge of the subject, but also the lack of basic personal/social skills.
  • Realization: The so called skills gap is definitely not a thing. The only gap is between what the organizations need and what they think they need. Couple that with the recruiters' problem and you have the paradox of extremely qualified security people being unemployed, while companies are suffering breaches every other day. There is a whole load of people from recent graduates to CISOs and strategists who cannot find a job, and that's a disgrace.

This deserves its own blog post and although I know it doesn't make me any friends in the recruitment industry, I'm not known for holding back my opinions - so I will probably write it sometime later this year.

The first month of 2019 is almost over and I am here writing this blog post! Stop reading and go do something productive, I know I will!