Vibe Coding – sudo read this

So, I am pretty lazy when it comes to typing out long commands and constantly typing in my password on my Mac. I worked with my coding coach (ChatGPT – and by coach I mean I just have it spit out the code). I had it write this, if you are using iTerm2, and you should, it will give you a TouchID prompt IF you have a device with a TouchID sensor connected, or are using your MacBook keyboard itself with TouchID, otherwise it will just give a password prompt, like an animal. It backs up all the files it touches, because I don’t trust ChatGPT that much. If it borks you, I’m sorry, so make a backup of your machine first and I’ll buy you an adult beverage when next we see each other.

To create the we are going to: nano install_touchid_sudo.sh and then add:

#!/bin/zsh
# Install Touch ID for sudo in iTerm2 only when a Touch ID Magic Keyboard is connected.
# Backs up every file it touches with .bak.<timestamp> and records a manifest for clean backout.

set -euo pipefail

TS="$(date +%Y%m%d-%H%M%S)"
INSTALL_DIR="$HOME/.local/share/touchid-sudo-iterm2"
MANIFEST="$INSTALL_DIR/manifest.$TS"
PAM_SUDO="/etc/pam.d/sudo"
BIN_DIR="$HOME/bin"
SUDO_WRAPPER="$BIN_DIR/sudo"
ZSHRC="$HOME/.zshrc"

mkdir -p "$INSTALL_DIR"
: > "$MANIFEST"

note() { printf '%s\n' "$*"; }
record() { printf '%s\t%s\n' "$1" "$2" >> "$MANIFEST"; }  # type<TAB>path

# 1) Backup and ensure pam_tid.so is present in /etc/pam.d/sudo
note "Backing up and enabling Touch ID in $PAM_SUDO..."
sudo cp "$PAM_SUDO" "${PAM_SUDO}.bak.${TS}"
record "backup" "${PAM_SUDO}.bak.${TS}"

if ! grep -q 'pam_tid\.so' "$PAM_SUDO"; then
  tmp="$(mktemp)"
  # Insert pam_tid.so as the first non-comment line
  awk 'BEGIN{ins=0}
       /^#/ && ins==0{print; next}
       ins==0{print "auth       sufficient     pam_tid.so"; ins=1}
       {print}
       END{if(ins==0) print "auth       sufficient     pam_tid.so"}' \
       "$PAM_SUDO" > "$tmp"
  sudo cp "$tmp" "$PAM_SUDO"
  rm -f "$tmp"
  record "modified" "$PAM_SUDO"
else
  note "pam_tid.so already present; leaving $PAM_SUDO content unchanged (backup still created)."
fi

# 2) Create ~/bin and install sudo wrapper (backup any existing one)
note "Installing conditional sudo wrapper at $SUDO_WRAPPER..."
mkdir -p "$BIN_DIR"

if [[ -f "$SUDO_WRAPPER" ]]; then
  cp "$SUDO_WRAPPER" "${SUDO_WRAPPER}.bak.${TS}"
  record "backup" "${SUDO_WRAPPER}.bak.${TS}"
fi

cat > "$SUDO_WRAPPER" <<'ZWRAP'
#!/bin/zsh
# iTerm2-scoped sudo wrapper that prefers Touch ID only when a Touch ID Magic Keyboard is connected.

set -euo pipefail

is_iterm2() {
  [[ "${TERM_PROGRAM:-}" == "iTerm.app" ]]
}

has_touchid_keyboard() {
  # Bluetooth: look for Magic Keyboard with Touch ID entries that are connected
  if system_profiler SPBluetoothDataType 2>/dev/null | \
       awk 'BEGIN{IGNORECASE=1}
            /Magic Keyboard with Touch ID( and Numeric Keypad)?/ {seen=1}
            /Connected: Yes/ && seen {connected=1}
            /^$/{ if(connected){print "YES"; exit} seen=connected=0 }' | grep -q YES; then
    return 0
  fi
  # USB: wired usage
  if system_profiler SPUSBDataType 2>/dev/null | \
       grep -Ei 'Magic Keyboard with Touch ID( and Numeric Keypad)?' >/dev/null; then
    return 0
  fi
  return 1
}

if is_iterm2 && has_touchid_keyboard; then
  exec /usr/bin/sudo "$@"
else
  exec /usr/bin/sudo "$@"
fi
ZWRAP

chmod +x "$SUDO_WRAPPER"
record "created" "$SUDO_WRAPPER"

# 3) Ensure ~/bin is in PATH via ~/.zshrc (backup before edit)
ensure_path_line='export PATH="$HOME/bin:$PATH"'
if ! print -r -- "$PATH" | tr ':' '\n' | grep -qx "$HOME/bin"; then
  note "Ensuring $HOME/bin precedes PATH in $ZSHRC..."
  if [[ -f "$ZSHRC" ]]; then
    cp "$ZSHRC" "${ZSHRC}.bak.${TS}"
    record "backup" "${ZSHRC}.bak.${TS}"
  else
    # Touch to create, then back it up empty for symmetry
    : > "$ZSHRC"
    cp "$ZSHRC" "${ZSHRC}.bak.${TS}"
    record "backup" "${ZSHRC}.bak.${TS}"
  fi
  # Only append if not already present
  if ! grep -Fxq "$ensure_path_line" "$ZSHRC"; then
    printf '\n%s\n' "$ensure_path_line" >> "$ZSHRC"
    record "modified" "$ZSHRC"
  fi
else
  note "~/bin already on PATH in current shell; no edit to $ZSHRC."
fi

# 4) Save a copy of the wrapper and metadata for reference
cp "$SUDO_WRAPPER" "$INSTALL_DIR/sudo.wrapper.$TS"
record "created" "$INSTALL_DIR/sudo.wrapper.$TS"
note "Install complete.
Manifest: $MANIFEST

Open a new iTerm2 session or 'source ~/.zshrc' to pick up PATH changes.
Behavior:
- In iTerm2 with a Touch ID Magic Keyboard connected: sudo will allow Touch ID.
- Otherwise: sudo falls back to password."

Now hit control-x to exit and y to save

The rollback!

Create the file:

nano uninstall_touchid_sudo.sh

and add this:

#!/bin/zsh
# Back out the most recent install by restoring backups from the newest manifest.
# You can pass a specific manifest path as $1 to target that install.

set -euo pipefail

INSTALL_DIR="$HOME/.local/share/touchid-sudo-iterm2"
MANIFEST="${1:-}"

if [[ -z "$MANIFEST" ]]; then
  MANIFEST="$(ls -1t "$INSTALL_DIR"/manifest.* 2>/dev/null | head -n1 || true)"
fi

if [[ -z "$MANIFEST" || ! -f "$MANIFEST" ]]; then
  printf 'No manifest found. Nothing to do.\n' >&2
  exit 1
fi

printf 'Using manifest: %s\n' "$MANIFEST"

restore_file() {
  local backup="$1"
  # Original path is the backup path without the trailing ".bak.<timestamp>"
  local orig="${backup%\.bak.*}"
  if [[ -f "$backup" ]]; then
    # If restoring /etc/pam.d/*, use sudo
    if [[ "$orig" == /etc/pam.d/* ]]; then
      sudo cp "$backup" "$orig"
      printf 'Restored (sudo): %s -> %s\n' "$backup" "$orig"
    else
      cp "$backup" "$orig"
      printf 'Restored: %s -> %s\n' "$backup" "$orig"
    fi
  else
    printf 'Backup missing, skipping: %s\n' "$backup" >&2
  fi
}

# Read manifest lines: "<type>\t<path>"
# We restore backups and then optionally remove created files saved under INSTALL_DIR.
while IFS=$'\t' read -r typ path; do
  case "$typ" in
    backup)
      restore_file "$path"
      ;;
    created)
      # Only delete created artifacts under our install dir; leave ~/bin/sudo in place
      # unless there is also a backup we restored above.
      if [[ "$path" == "$INSTALL_DIR/"* ]]; then
        rm -f "$path" && printf 'Removed created artifact: %s\n' "$path"
      fi
      ;;
    modified)
      # Nothing to do here; restoring from backups handles this.
      :
      ;;
    *)
      :
      ;;
  esac
done < "$MANIFEST"

# If we restored a backup of ~/bin/sudo, that copy is now back in place.
# If we did NOT restore one but want to remove our wrapper, uncomment the next block:
# if [[ -f "$HOME/bin/sudo" ]]; then
#   rm -f "$HOME/bin/sudo"
#   printf 'Removed wrapper at %s\n' "$HOME/bin/sudo"
# fi

printf 'Backout complete.\n'

Now hit control-x to exit and y to save
Now to execute it!
First we make them executable:

chmod +x install_touchid_sudo.sh uninstall_touchid_sudo.sh
./install_touchid_sudo.sh

Now to load it into our zsh open a new iTerm2 tab or run:

source ~/.zshrc

Then we will test:

sudo -v && echo "sudo cache primed; next sudo should prompt Touch ID if eligible." && sleep 2 && sudo true

If you want to kill it with fire:

./uninstall_touchid_sudo.sh

Lemme know how it goes if you trust me trusting ChatGPT enough to try it!

On my Github:
https://github.com/bionicrocky

In Defense of MonoTech

I’m typing this on a device called an AlphaSmart. It’s a very basic word processor – five lines of text, 47 letters wide. That’s all this thing does, process words. I carry the newest phone, have a smart watch, my house is smarter than me, and I upgrade my computers way too often. I must have the latest HD shininess. This thing, in contrast, looks just as low tech as it is: a keyboard and an LCD screen. Why would a technophile such as myself use an antiquated single purpose device you ask? Simple, it keeps me focussed.

Here’s the thing. If I’m on my computer I tend to have 5-7 browser tabs open, my Outlook is open usually, MightyText, Twitter, and at least 4 terminal windows. I want to be a monotasker but sometimes it doesn’t work out that way. I’m easily distracted, so I try to focus on the thing I’m mainly doing. My line of work isn’t conducive to this work style, but I try. I don’t text when I’m talking to people, I don’t email during customer meetings, and I will politely ask to find a stopping point in whatever I’m working on if you walk up and need my attention. Facilitating connectedness my entire career has caused some pretty bad habits though, and this thing is a nice break. I can get the words out of my head, while my head is quiet, and edit it later.

When I’m just getting thoughts on paper, having a device that can only get thoughts on paper (or rather a calculator looking screen) is perfect. It lasts a year on 3 AA batteries and it stores a few hundred pages of text that I can then transfer to my computer by connecting a USB cable- it emulates a keyboard, then it “types” everything into Word. Quaint, right? It doesn’t chime when I get an email, I can’t decide to check Twitter, play Trivia Crack, or Google whether Tecumseh fought on the American or British side of the War of 1812. I can only write.

I’ve said before that I want everything in my bag to do two things. Is the fact that it keeps me focussed and allows me to process words two things, or is that cheating? Probably the latter, but I’ll take the trade-off. Now if you’ll excuse me, I’ve to got to see what emails, texts, IMs, and Tweets I have been ruthlessly ignoring for this 15 whole minutes of monotasking goodness.

I’m Not Crying, You Are

The WiFi professionals community defines that word – community. We have an incredibly active Twitter presence, we have conferences, we have Field Day, we have our own vernacular, we have shared pain unique to our niche. We call each other by our first names and not Twitter handles. It’s a specialty with its own very different challenges. It’s a dual discipline job, half RF nerd and half Network bit jockey. Because of the unique challenges and the tight-knit aspects of the industry anyone in the trenches, I dare say, would answer anyone else’s phone call.

Perhaps the highest honor in this community is the CWNE (Certified Wireless Network Expert) from the excellent training and certification organization, CWNP (Certified Wireless Network Professionals). Why is it the highest? Every other expert level certification in the industry is a combination of proctored tests, some including live labs. They are hard, most of them DAMN hard. CWNE combines four of these tests – difficult ones, with a BUNCH of other stuff. The other stuff is why I’m elated to have been conferred with this thing.

You have to do Pearson-Vue tests, the hard ones. There is the CWNA for table stakes. It’s called an administrator test, it’s an engineer test, flat and simple. Then there’s the CWAP, which is the DEEP packet analysis test. That one nearly killed me in prep. Then the CWDP, the design test. Then the CWSP, the security test. They are 90 minute 60 question tests. You need a 70% to pass. The CWNA/CWSP were a bear when I first got them in 2004. They are as tough now, even having done this kind of work for all of those intervening years (they expired after 3 years and I hadn’t renewed).

So when you pass those it’s all just getting started. Next is three endorsements from people in the field. You also need two other valid certifications, not from CWNP. You have to have three years of verifiable experience specifically in WiFi. You then write three essays of 500-1000 words about projects you’ve worked. Next comes the painful part. You zip it all up and send it to the CWNP. Then you hold your breath for several weeks. You also check your email obsessivly, wake up in cold sweats and annoy your friends as your imposter syndrome goes in to overdrive. During this extended misery the CWNE Board of Advisors does a peer review. They have the opportunity to ask clarifying questions and generally validate that you are worthy of conferral.

Eventually you get an email. If you are me, you basically hang up on your work partner and call your wife crying.

I’ve passed hard tests that span eight hours. I’ve gotten certifications that require verified experience and a long wait. I’ve not, until now, had a certification that involved such subjective validation of my work by my peers and betters. I may still have imposter syndrome, but it has eased up a tiny bit.

Why I Use A Macbook – An Ode To DOS Snobs

I am writing this on my new(ish) BabyDoll. I sold my Surface 4 and bought this MacBook Pro 13″ Touch Bar. There were a lot of reason to re-evaluate the Surface, not least of which was that it didn’t actually work on my lap. Despite what MS says in their “it’s lappable” dogma, it is not. That dogma don’t hunt. I have a work Macbook Pro, but I want my own box without a bunch of corporate software on it and that I can do personal junk on without feeling guilty. I use my personal box full time for work for the above reasons as well. So off I went to Best Buy. I had an open mind and was initially looking at another DOS box. As I over-analyzed though, I went with another Mac.

An OS is a tool to get a job done. I used to spin up VMs a lot, but the main reason, Office, is usable on Mac at this point. To that point, I can load Windows on my Mac, but I can’t – at least ethically – load MacOS on other hardware. So, why is MacOS my goto? Chicks dig it. Also, it has much better native tools for what I do and I can customize it more than a DOS box.

I love going to customer sites and getting crap from my Windows elitist buddies for using a Mac. My usual response is “I understand that Unix can be intimidating, I get why you’d stay with DOS”. Usually sometimes gets a begrudged laugh. It’s true though. I’m not an *nix snob. I don’t want to compile the kernel to use a new mouse, but I want a bash shell damn it! Yeah, I get the Linux Services for Win10 thing, but it is bloaty and gross. There are tools for Linux boxes that I can’t /easily/ use on my Mac as well though, so there is always a tradeoff. MacOS gives me the happy medium. I plug crap in and it works. I get lots of native WiFi tools and several good suites not available on Windows or Linux (WiFi Explorer Pro being the one that comes to mind most readily). I can capture packets natively and now I can even use Ekahau without spinning up a VM or BootCamping into Windows!

I love the customizability of the terminal on MacOS. I use iTerm and a highly aliased .bash_profile to give me shortcuts and visuals I like, I love having nano, cat’ing a file so I don’t screw it up, and all that fun junk. See my profile below. It is a mashup of stuff my coworkers have found useful, stuff I’ve dug up around the web and a few things I came up with.

I also use my the ⌘+Space to open Spotlight and type in the app name almost exclusively for launching apps. I hate mice, all of that hand movement and taking my hands off the keyboard, so the more I can do to not move to it, the better. It’s just so damned inefficient. To that end, I actually prefer a laptop keyboard as the trackpad is closer than taking my hand off of the keyboard to dink with a mouse then moving it back over. Most can agree that the trackpad on a Mac with its multitouch stuff is top of class.

I love virtual desktops that I can switch between easily with a 3 finger swipe on the trackpad. I keep a Jump Desktop based RDP session open to my AD server, Jump Desktop VNC to my Ubuntu Box and sometimes one to my lab NUC running Windows 10 as a jump box. Swipe Swipe done.

So in the end, I pretty much keep all OSs running in one form or another. BabyDoll is the easiest way to do it. It’s efficient, it’s extensible and its got the tools I need. I never open my iPad unless I am reading comics or reading Scootering magazine. I use a Pixel 2 XL. I’m not an Apple fanboy, but my Mac is the best tool in the box for what I do in a day. Also, chick digs it (the only one I care about does anyway).

My .bash_profile, it’s all about the aliases baby.

alias ..='cd ../' #back that thing up
alias reload='source ~/.bash_profile' #since I constantly dink with this, I like to easily reload it
alias f='open -a Finder ./' # I avoid the trackpad when I can, one less movement and click to open finder at /
alias inet='curl ifconfig.me' # easier than opening the browser to whatsmyip.com so I can throw an nmap at the outside of the router
alias ip='ipconfig getifaddr en0' #cleaner than ifconfig if I just need my ip
alias speed='curl -o /dev/null http://speedtest.wdc01.softlayer.com/downloads/test10.zip' #decent but not perfect quick and dirty speedtest
alias tw='open -a /Applications/TextWrangler.app' #I use nano mostly, but if I need something more rich this makes it easy to open the file in TextWrangler (MUST HAVE for Mac nerds)
alias master='sshpass -p mypassword ssh rocky@aruba-master' #This is my lab, I don't mind cleartext passwords, this makes it easier to jump into my boxes
alias s3500='sshpass -p mypassword ssh rocky@s3500' #see above
alias s1500='sshpass -p mypassword ssh rocky@s1500' #see above above
alias dl380vm1='sshpass -p mypassword ssh rocky@dl380vm1' #see above above above
alias pi='sshpass -p mypassword ssh pi@192.168.0.96' #c'mon, you get the pictures
alias c='clear' #since I copy a lot of my ssh sessions for code snips for my customers, I clear a lot, that way I can do a ⌘A to snip it
alias weather="curl -s 'http://rss.accuweather.com/rss/liveweather_rss.asp?metric=2&locCode=en|us|portland-or|97209' | sed -n '/Currently:/ s/.*: \(.*\): \([0-9]*\)\([CF]\).*/\2°\3, \1/p'" #stupid terminal trick I found somewhere
alias ss="/System/Library/CoreServices/ScreenSaverEngine.app/Contents/MacOS/ScreenSaverEngine" #launch screensaver and lock screend
alias ls='ls -GFh' #We all have our ls fave, this is mine.
alias iscan=' nmap -p 1-65535 -T4 -A -v' # I forget command arguments because I am old this is for an intense can
alias osmap='nmap -A' # See above, this is a quick scan with OS
alias pscan='nmap -sn' #Quick ping scan

#borrowed from this post that has a LOT of great stuff https://natelandau.com/my-mac-osx-bash_profile/
# cleanupDS: Recursively delete .DS_Store files
# -------------------------------------------------------------------
alias cleanupDS="find . -type f -name '*.DS_Store' -ls -delete"

# finderShowHidden: Show hidden files in Finder
# finderHideHidden: Hide hidden files in Finder
# -------------------------------------------------------------------

Why I Buy Tools Out Of Pocket

Mechanics buy their own tools, plumbers do too, a lot of trades do. Most of us in technology are given a fair set of tools to do the job not long after signing the offer letter, and most of us take it for granted.

My employer is gracious enough to provide the current tech we have on offer. They supply a lab server. They provide a pretty beefy and regularly updated laptop. I’ve got APs out the wazoo. They even supply a car and the occasional polo shirt. They provide the basics for me to get my job done. They provide what I honestly think is a fair toolbox. Could it be updated more often? Sure, I’m a gearhound, who doesn’t want new and shiny stuff?

What they don’t provide is the incredible selection of fun wireless hardware that can help me to better understand my craft and ply my trade. I didn’t get issued a WiFi Pineapple, but I wanted to see how well its Captive Portal could pass for an Aruba or Cisco one. I wanted to be able to show my customers and to be able to talk about the threats these cute little devices can pose. I wasn’t shipped a Hacker Arsenal WiMonitor and Winx and but I wanted to show my customers an inexpensive tool that can get some packets quick in a hurry. I didn’t receive a WLAN Pi when it came out, but I wanted to be able to demonstrate to my customers that having a quick a solution for ePerf/iPerf, grabbing packets, and pulling speed tests is important and doesn’t have to mean buying expensive tools, requisitioning a MacBook or standing up a VM.

I got a desktop machine to use as a server when I started five years ago. I got a Shuttle a few years later. I wanted to be able to run multiple versions of all of our software, plus sundry stuff a customer may have in their environment. Those boxes were out of gas as more and more of my company’s solutions are virtualized. So I dug around on Craigslist and found a couple DL360s. I wanted to be able to bounce gear out in the lab in my shop from my office in the house, so I went on eBay and picked up some IP PDUs. I lock myself out, so I got an AirConsole.

Can I do my job without the kit above? Yes. Can I do it more easily with the above? Hells yes. When I mentor folks coming up in the trade I tell them that I’m willing to empower them, but that I don’t invest without return. They have to put as much time into themselves as I do – and as much as I put into myself when my mentors helped me. I expect them to fill their toolbox, and I expect to help them fill it.

So what’s the meat of this philosophical sandwich? Easy: How can I expect someone to invest in me if I don’t invest in myself?

Also, I need the tax write-offs.

So You Want To Be A CISSP

Four years verified security experience. An intimidating test. A waiting period that made me lose more hair. This was my CISSP experience. When I took the CISSP it was bubble sheet/Scan Tron. Eight hours for 500 questions from 10 domains ranging from Physical Security to arcane Data Classification used by the military around the time War Games came out. It is, to use an oft used descriptor, a mile wide and an inch deep.

I sat for the test in March of 2006. I self studied. It was, to say the least, intense. Did I make it more intense than I needed to? Probably. I tend to over engineer about anything I can. Usually you can judge your level of study and adequacy of your methods by your test score. Trouble is, you don’t see that in the CISSP. To the person, everyone I have talked to has the same comment “When I walked out, I had no idea if I had passed or bombed it!” When I took it, I had no computerized option, bubble sheet and #2 pencils only. It took 3 weeks to find out if I passed the test. At least that was via email. Then started the background validation. That was another 3 weeks. How did they tell me I passed? I got an envelope with Rocky Gregory, CISSP on it. Saw it for the first time. This was a cert I had wanted since the day I heard about it. Something I sacrificed for, prepped for and lost a lot of sleep to. Needless to say, I wept like I was watching Rudy.

One of the questions I get asked most often is what materials I used to study. It’s important to stop here and note my study process. Like everything I do, there is a process.

The Resources:

As a rule, I have 3 forms of all of the study materials on any exam. I have a primary book – This is the one I read from, mark up, etc. I use it for the entire study session. I have a second source – typically the “next best” version. I do this as people have different writing styles. They use different analogies. They use a different tone and assume different levels of skill and background. If I am baffled by a concept in book 1, I go to book 2 and read it there. I also tend to take the chapter and content tests out of the second book, rather than the first. More on that later. Third – I have an Exam Cram type book. One of those skinny, packed with questions, pump and dump type texts. NOT a brain dump, those are crap and they degrade our industry. I mean the Exam Cram book series. I certify to build my knowledge, renew my understandings, validate I am still mostly sane, and then the letters after my name. Considering the price of most exams, and the fact that a lot of employers only pay for your first attempt, the test is ultimately fairly important. Below are the modern versions of the books I used. I have suggested them for the last 7 years, as well as my study methods and am proud to say the folks I have coached have passed the first time through!

The Books:

Fir TheBible st and foremost, the Shon Harris All-In-One Guide is a must. This is the Golden Book. I have known some folks that have used only this resource and passed.

Next is good old Sybex. Sybex have been around a dogs age and I have used them since my NT4 MCSE prep. They are consistently mediocre, but always a good secondary text. They employ good writers, have a very clean look and feel, and it’s another “voice” to read the text.

Finally, a good Exam Cram guide for cramming, after chapter testing, and the bare bones answers.

The Method:

I’m fortunate enough to be a moderate test taker. I’m extremely fortunate enough to have had a class on another topic taught by my friend and true instructor, ‘‘KC” Keith Charles. KC taught me study tips that I use to this day, and share with anyone studying for a cert. I’ve developed a project style preparation system as well. I tend to put together a project plan for everything I do. A friend once joked that I can’t refill my water bottle without a plan, process and system. So, here it goes:

From KC, the power and virtue of NERVOUS NOTES. The nervous notes concept changed my testing life. The concept is simple. You are nervous when you sit for a test. Doesn’t matter who you are, you’ve got a bit of agita. These notes affirm what you know, give you crib notes for what you don’t. You write them over and over until it is muscle memory. It gives you a second applied sense from which to learn, adds some kinesthesia and drives it home in general. Details on how I use nervous notes:
Have a plan for what you will study each session. “I will finish this malarky about the Orange Books tonight”. “I will finally be able to explain Elliptical Curve Cryptography to my bulldog by the end of this session”.
Read the exam objectives. Highlight the areas that are going to be troublesome. Print those, have them somewhere you can see while you study. Review and check off what you are comfortable with.
I really like to read a chapter or concept in one book, then test on it from the end of the chapter in another book. I do this method until I am hitting in the 80% range, recursively study until I hit that number. I then test in the primary source and the tertiary. Once it’s solid, it’s solid. It goes in the memory bank until the final week or two before the test. Then I do the whole mugilla, chapter by chapter test. I will sometimes challenge myself to go back x chapters at the end of a session on an entirely different topic. With such a theoretical test as the CISSP, this can be a great game to play on yourself.
Set study times. You’re busy. I’m busy. Congress is busy. Get over it, set a specific time. Lock yourself in a room. If you dig music and can have it without being distracted, rock that.
Set a date and work back. If you are paper and penciling it, this is pretty easy. If you are computer basing it, set the date and build your study plan backwards from that date.

Nervous Notes:

Take out an 8.5×11 sheet of paper at the beginning of your study session.
Start making tables, charts, squiggles and notes on the stuff that you are having a hard time with. For me a good example was EAP types for my CWSP. Nice little table of type, security level, definition, etc.
After your first session, take out the sheet and refine it, copy it by hand.
Wash, rinse repeat.
As test time gets closer, finish up the notes sheet. Make a gold image. Copy it before and after each session, at least once, if not a few times. Get to where you are NOT thinking as you write it out. You want to affirm what you know, give crib for what you struggle with and give yourself some time to breath before you hit the begin button or rip open the test book.
Get an 8.5×11 sheet of paper at the test center. The proctor will give you one and a pencil if you demand it, and as long as you give them the paper back after. That was my experience any way. Write out your nervous notes before you tear open the book or hit the start button. This should relax you, enforce you know what you know and give you that quick reference.

So, that’s what I did. Again, this may have been, and in fact probably was, overkill preparation. All I know is that it worked for me and I got those 5 letters I had wanted for so long.

Why Today Is Important

Alan Turing is credited with creating what we today know as the programmable computer. He had the idea before WWII, but work in earnest started in order to crack the “unbreakable” German Enigma machine’s encryption. They were used on U-boats which were destroying allied ships en-masse. Cracking their code would give locations to avoid and other vital information.

He worked in secret and never got credit for his work in his lifetime because it was still a state secret, though it saved thousands of lives. Many believe it to have been a big part of the reason the Germans surrendered.

He was discovered to be gay, a crime then, and penalized with chemical castration. He took his own life. He was posthumously pardoned in 2013 by the Queen. He is one of my biggest heroes and today is his birthday. Read a book on him or at least watch The Imitation Game. It’s pretty close to factual and you wouldn’t be reading this message if it weren’t for Turing.