Day of Amazement – Technovation Calgary, 2018

Last weekend, I spent a day with an amazing set of young women.

I was invited to be the judge of the chapter of the Technovation Challenge in my hometown of Calgary, Canada.  Volunheroes - Technovation 2018Twelve teams of teenage girls worked to conceive, pitch and build a mobile application that addressed a problem in their community.  Team after team of young women hit the stage to share their vision and accomplishments, and to later give demos to the judges and the crowd.  What a *great* idea this whole enterprise is! While I only had to commit a weekend, there were a ton of people who put hundreds if not thousands of hours into this opportunity.  For any of you who feel like it is impossible to impact the ‘pipeline problem’, take a look at getting involved! As I understand it, Technovation is global and there might be an opportunity to work with girls in your own area. I wish I could explain the sense of agency I got from these girls, they were out there getting it done.  Also, I almost fell off my chair when one of the girls answered a live question about privacy of user data by noting that they could use a product like Auth0 to help!  My jaw hit the floor.

I am so excited to have seen this program in action, to see the tools that were chosen and the approaches that were taken.  I can’t think of a better way to teach entrepreneurship, technical fearlessness, presentation skills and teamwork.  I am in personal awe of Mea Wang, who works as an associate professor in the computer science department.  To pull this off is a spectacular accomplishment, thank you for paying it forward – you are making a huge difference.

The best lesson for me was a simple one. You might have thought these girls would be wowed by me! A real woman in tech! We get trained by twitter and the media to think we are rare and to be remarked upon.  But no – in reality I was just a random old person.  The people who are making impacts in the lives of these girls are not some fancy person with an “accomplishment”.  It is the men and women they see every day, acting in local roles of knowledge and authority, encouraging and building and expanding these girls’ dreams.  Kudos to all of you who act in that capacity.

 

Well here I am!

I am officially a Microsoft employee, holy smokes.  I’m pretty blown away by this initial experience… I’m sure you’ll all view what I say next according to whatever confirmation bias you bring into this — but the initial Microsoft experience is pretty spectacular, and I say this as someone who isn’t pre-conditioned to see everything with rose-colored glasses.  These people take *care* of their people.  I love that.  I also love the charitable giving program.  I don’t know if I’m allowed to describe it, but I can’t wait to max it out.  I love the corporate commitment to sustainability.  If you’re going to be in a bubble, it should be a self-aware bubble, right? This is an incredibly self-aware bubble, and I wouldn’t want it any other way.

My two axes of initial judgement are pretty simple — how do you treat your people and how do you ONBOARD them.  This was a pretty slick onboarding.  Within a day I had initialized at least 3 factors of authentication, maybe 4 depending on how you count such things. I could access resources that mattered, and it was a pretty seamless experience.

Stay tuned – in future updates we will get to see me tackle new standards, and my failures will hopefully be your learnings. Or at least your entertainings :)  My scope will expand and I can’t wait to share that. It is a lot less scary when you are backed by the incredible team that Alex Simons has built here.  Life is full of possibilities!

 

The Game’s Afoot!

After eight and a half years at Ping Identity, I am amazed to say that I’m moving on. I have had the privilege of working with incredibly talented people, from the CTO team to the product management team, to the entire field sales and technical corps.  I am so proud of what Ping has made in the last eight years and of the things that we have chosen to hold dear: quality software, long-term deep relationships with customers, and leadership in identity standards through practicing what we preach.  Also, serious costume parties 🤪

Some of my favorite PingIdentians

My other incredible windfall has been to meet brilliant and talented customer architects. They have taught me so much about the bigger picture, the reality that all the vision has to fit into, before it can resonate.

Last, I want to say something about the two people who were my direct superiors at Ping, Patrick Harding and Andre Durand.

Andre and Patrick (and costume parties)

Patrick and Andre took a chance on a relatively unknown Canadian identity geek, brought her onto the team and gave her support, autonomy, and opportunity.  I would not be the person I am without the mentorship and friendship of these two amazing people.  Thank you for believing in me.

Sometimes life surprises you – and I was recently surprised by an opportunity to really challenge myself in terms of growth and impact. So – onwards!  I am excited to say I am joining the Microsoft Identity team, working for Alex Simons as Director of Identity Standards. I can’t believe that I somehow get to work in the rarified air of this team, with some of the people I admire the most in Identity.  It took about 30 seconds of discussion with Alex to realize that this opportunity represented a chance to work with incredibly smart people, participate in complex problems that have to be solved at massive scale, and most importantly, to be able to advocate for standardized solutions to those problems, allowing for the whole industry to adopt secure patterns even if they don’t have the reach or resources of a company like Microsoft.

Anyone who knows me knows that getting to talk identity standards like OAuth & OpenID Connect all day every day is my idea of heaven; I can’t wait to see how the bits fit together for customers at the consumer and multi-tenant enterprise scale of MSFT.  What will the future hold for identity standards? I have a few strong opinions in this area, but there is a whole new world of perspective awaiting. I hope I can some part in defining that future, wherever we all end up.

Stay tuned, I hope to do a lot more writing here, now that I can really focus on driving industry conversation, and I can’t wait to work with everybody in my new role!

Wish me luck!

I will miss you all, stay in touch!

 

Saturday Night in London

It’s about 9:30pm on Saturday.  I’m in a bar, on Hackney road in London, that I simply stumbled upon while wandering around.  It is an incredible place.  It is called “The Natural Philosopher” and I heartily approve.  It is an odd and slightly twisted cross between an old fashioned victorian study, and a curio shop.  I would take a picture – but this isn’t the kind of place you take a picture in.  It’s meant not for Facebook check-boxing, but for people to sit and be in the moment.  And here I am, in the corner, working away at the laptop.  Better than trying to snap pictures though.

I haven’t written here for a long time.  But I dream about it.  I live a kind of guilt-driven life in some ways – how can I write here, when there are so many other greater priorities, outstanding commitments, all the things people are waiting for me to deliver?

But, sometimes the time is right.  My world is a lovely place, I have an amazingly balanced life, whereby I have good measures of intellectual stimulation, external validation, loving support, and independent exploration.  There are frustrations too, but there always are.

I think I will write here again soon.  There is so much to talk about, amazing changes and improvements in the identity world, pushed by sometimes surprising forces.  And I’ve started playing with the Arduino, so there is wonder there that I would enjoy sharing.

In the meantime, I shall enjoy this strange, unexpected, odd bar in a place I have always wanted to explore.  Even if I am the strange one in the corner with a laptop, the screen probably gives me an even more surreal look than the decor…

 

 

 

 

 

When your Empire has no Clothes

How many data points does it take to call something a trend?  With the hack and subsequent data dump of the internal files of Hacking Team, a company most of us never even knew existed until this week, the world is getting to see a very public examination of the naked inner workings of an organization. This is the second time I can think of this kind of hack occurring.  The first was, of course, Sony Pictures.

Some number of hackers have turned two different organizations inside out from a digital perspective, exposing even the mundane stuff for public ridicule.  And some of the most harshly ridiculed practices of all in both cases involved passwords and credentials.

In the case of Sony Pictures, the effect was acutely embarrassing.  Scores of Excel spreadsheets, detailing personal, business, and IT system passwords, with filenames like “website passwords” and “usernames & passwords”.   When Gawker writes an article detailing what morons you are,  you know it’s bad:  http://gawker.com/sonys-top-secret-password-lists-have-names-like-master_-1666775151

sonypicturespasswordfiles

In the case of Hacking Team, enough data was dumped for both the obvious stupidity to come to light, but also for hashed passwords to be brute forced, to be gleefully revealed in horrific detail on twitter.  The examples below are (a) a dump of the admin’s Firefox password manager, and (b) an excel spreadsheet containing VPS credentials.

hackingteamexample2

hackingteamexample

 

 

 

 

So, let’s assume that this ‘dump and roast’ trend is really a trend, and will continue.  Perhaps it puts a little more personal skin in the game.  We all get lazy. We all take shortcuts.  But perhaps now that there is a risk that all those shortcuts get dissected at a later date, with a very sharp scalpel.

Trying to look competent during examination by your Future Hacker Overlords.  It’s an odd thing to imagine as a security influence.  But right now, it feels like it might become a thing….

Facelift

I’ve finally had time to spruce up the site a bit! Feels good to move things around.  You know me, I like playing with the federated identity options — so have taken out the google identity toolkit.  I have a half-formed plan to install the Facebook plugin and then perform experiments on their new anonymous login and granular consent features….  of course that will eventually come out too.    Commenting and registration methods have never been stable, at least not since the infocard integration was taken out. Good thing you’re all hardy :)  so if you want to comment and say hi, you’ll probably have to recover your password.

copyright Pamela Dingle 2014

 

 

This Woman in Tech says: Thank you

I’ve been reading the various recent articles about women in tech bubbling around the interwebs with mixed feelings.  I’ve seen a lot of these debates go by, and although I have strong opinions (I know, you’re surprised, right?), I usually choose not to comment here.

There is only one thing that I find myself wanting to say publicly in this week’s resurgence of the debate, and that is: Thank you.   I have had the incredible blessing of being surrounded by group after group of intelligent, thoughtful men and women who have not only treated me equally and fairly, but have encouraged my abilities and helped me to reach greater and greater heights.  I have nobody to blame, but many to acknowledge – and why should the jerks get all the press time?

I may not be on anyone’s top 30 women in tech, and I may never be the CxO that people seem to so desperately need all women in tech to be, but I have a fulfilling and challenging job and I have achieved my primary goal in my career, which is to work with people who make me smarter every day. By the only standards that count (mine), I have it all.

I believe that a lot of women have fought difficult fights over the years so that I could have this kind of positive experience, and I know that not all women in tech have been so fortunate.  To those women who take on the establishment in this area – You have my support, gratitude and thanks.  You take the heat today so that the next generation of girls can simply accomplish and wonder what all the fuss is about.

Why am I writing this?  I don’t know. I suppose, it seems wrong for the unhappy examples to be the only examples out there. What I do know, is that I am one of the luckiest women in tech; the people who stand out in my life are not the ones who tried to hold me back, but the ones who have helped me fly.  Thank you, to some of these exceptional people: Darcy, John, Cliff, Don, Cullen, Alan, Tammy, Tim, Pete, Doug, Brian, Dave, Janelle, Kaliya, Gordon, Derek, Barb, Bob, Kim, Craig, Mike, Vittorio, Ben, Sydney, Dale, Patrick, Julie, Sean, Andrew, Gil, Laura, Andre, and so many more.

Digital Dumpster Diving

Brian Krebs wrote a fascinating post recently on keylogger results that are being posted in various cloud locations.  As Brian put it, insult is added to injury — not only has your machine been compromised, but the results are hanging out on the internet to be scavenged by random opportunists who know what to look for.

And to think that the biggest worry used to be shredding our documents to prevent physical opportunists from sorting through our leavings…

Photo credit:  http://www.flickr.com/photos/sumit/

Patience only goes so far

Mike Waddingham writes about how Facebook has run afoul of the Office of the Privacy Commissioner of Canada and will likely end up in court.

He notes:

I’ve never had a Facebook account.  I can be patient.

But those that still trust Facebook with personal information — and haven’t bothered to examine the minutia of the site’s privacy settings — will continue to have their personal information shared with 400 million users and thousands of advertisers, data aggregators and, well, pretty much anyone else on the Internet.  At least until the wheels of justice grind to conclusion…

You may not have a Facebook account – but when everybody else around you does, it’s like pulling one string out of a rug — you can still see the pattern.  You’re still in the photos.  Your holidays may still be announced.  Your birthday may still be announced. You’re still husband of, and father to, and friend of friend for all sorts of people who will share freely about you.  Perhaps you aren’t as semantically dereferenceable as you otherwise would be – but you aren’t invisible either.

On the other hand, if are ever accused of a crime, chances are that some other poor schmuck’s picture will end up on the evening news… that’s handy.

One last point — Mike forgot to add governments to the list of places you are sharing your personal information with.   Facebook gives governments the ability to collect and analyse the one thing that is still uncool for them to ask for – details of private lives.  As long as we all remain overfed and obsessed with who won Survivor and how to get an iPad, nobody will mind that Facebook is the worlds greatest surveillance tool.  I hope it stays that way for a very long time.