Seguí los ejemplos del libro, la primera parte usando C#; aunque el libro usa Java y la segunda parte con Python 3.1, haciendo algunas adecuaciones al código del libro. De hecho, primero lo intente con IronPython para seguir con el tema de .Net, pero con Python 3.1 y IDLE me fue más fácil hacer trabajar el código.
TDD es una técnica avanzada que en su expresión ortodoxa no es seguida ni por el mismo Beck. Es fácil caer en callejones sin salida y el desarrollador debe tener un plan top-down implícito basado en su experiencia y dominio técnico. Por otro lado su aceptación y referencias de éxito son evidencia de su validez.
La primera parte del libro me pareció incompleta, llena de manitas de puerco, visión nocturna, multiplicaciones por el número que pensaste, y conjuros de magia negra.
la segunda parte es de más alto nivel de abstracción pero muestra claramente los fundamentos del marco de xUnit. El uso de Python aquí parece apropiado ya que permite desarrollar la estructura básica de xUnit de manera clara y directa.
Objective-C is psychotic. It’s a Smalltalk dialect built on top of C (and for the most part, it got the good bits of both and left out the bad bits). Obj-C lets you instantiate arrays like [NSArray arrayWithObjects:@"Hello", @"World", nil], using nil as an end-of-array marker because C’s varargs implementation doesn’t know how many args you passed. So it has this extra “null” object that’s not really null.
The standard Python traceback module provides very useful functions to produce useful information about where and why an error occurred. Traceback objects actually contain a great deal more information than the traceback module displays, however. That information can greatly assist in detecting the cause of your error.
import sys,traceback defprint_exc_plus(): “”” Print the usual traceback information, followed by a listing of all the local variables in each frame. “”” tb=sys.exc_info()[2] stack=[] whiletb: stack.append(tb.tb_frame) tb=tb.tb_next traceback.print_exc() print“Locals by frame, innermost last” forframeinstack: print print“Frame %s in %s at line %s”%(frame.f_code.co_name, frame.f_code.co_filename, frame.f_lineno) forkey,valueinframe.f_locals.items(): print“t%20s = “%key, #We have to be careful not to cause a new error in our error #printer! Calling str() on an unknown object could cause an #error we don’t want. try: printvalue except: print“<ERROR WHILE PRINTING VALUE>” try: iflen(sys.argv)>1: length=len(sys.argv) foriinrange(1,length): sys.argv[i–1]=sys.argv[i] delsys.argv[length–1] execfile(sys.argv[0]) except: print_exc_plus()
ISO/IEC 27001 formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard (more below).
Most organizations have a number of information security controls. However, without an information security management system (ISMS), controls tend to be somewhat disorganized and disjointed, having been implemented often as point solutions to specific situations or simply as a matter of convention. Security controls in operation typically address certain aspects of IT or data security specifically; leaving non-IT information assets (such as paperwork and proprietary knowledge) less protected on the whole. Moreover business continuity planning and physical security may be managed quite independently of IT or information security while Human Resources practices may make little reference to the need to define and assign information security roles and responsibilities throughout the organization.
ISO/IEC 27001 requires that management:
Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities, and impacts;
Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.
The key benefits of 27001 are:
It can act as the extension of the current quality system to include security
It provides an opportunity to identify and manage risks to key information and systems assets
Provides confidence and assurance to trading partners and clients; acts as a marketing tool
Allows an independent review and assurance to you on information security practices
A company may want to adopt ISO 27001 for the following reasons:
It is suitable for protecting critical and sensitive information
It provides a holistic, risked-based approach to secure information and compliance
Demonstrates credibility, trust, satisfaction and confidence with stakeholders, partners, citizens and customers
Demonstrates security status according to internationally accepted criteria
Creates a market differentiation due to prestige, image and external goodwill
If a company is certified once, it is accepted globally.
While other sets of information security controls may potentially be used within an ISO/IEC 27001 ISMS as well as, or even instead of, ISO/IEC 27002 (the Code of Practice for Information Security Management), these two standards are normally used together in practice. Annex A to ISO/IEC 27001 succinctly lists the information security controls from ISO/IEC 27002, while ISO/IEC 27002 provides additional information and implementation advice on the controls. The domains covered by ISO 27002 include
Organizations that implement a suite of information security controls in accordance with ISO/IEC 27002 are simultaneously likely to meet many of the requirements of ISO/IEC 27001, but may lack some of the overarching management system elements. The converse is also true, in other words, an ISO/IEC 27001 compliance certificate provides assurance that the management system for information security is in place, but says little about the absolute state of information security within the organization. Technical security controls such as antivirus and firewalls are not normally audited in ISO/IEC 27001 certification audits: the organization is essentially presumed to have adopted all necessary information security controls since the overall ISMS is in place and is deemed adequate by satisfying the requirements of ISO/IEC 27001. Furthermore, management determines the scope of the ISMS for certification purposes and may limit it to, say, a single business unit or location. The ISO/IEC 27001 certificate does not necessarily mean the remainder of the organization, outside the scoped area, has an adequate approach to information security management.
Other standards in the ISO/IEC 27000 family of standards provide additional guidance on certain aspects of designing, implementing and operating an ISMS, for example on information security risk management (ISO/IEC 27005).
The ISO 27001 adopts the process model “Plan-Do-Check-Act” (PDCA) which is applied to the structure of all the processes in ISMS.
The first part, containing the best practices for information security management, was revised in 1998; after a lengthy discussion in the worldwide standards bodies, it was eventually adopted by ISO as ISO/IEC 17799, “Information Technology – Code of practice for information security management.” in 2000. ISO/IEC 17799 was then revised in June 2005 and finally incorporated in the ISO 27000 series of standards as ISO/IEC 27002 in July 2007.
The second part of BS7799 was first published by BSI in 1999, known as BS 7799 Part 2, titled “Information Security Management Systems – Specification with guidance for use.” BS 7799-2 focused on how to implement an Information security management system (ISMS), referring to the information security management structure and controls identified in BS 7799-2. This later became ISO/IEC 27001. The 2002 version of BS 7799-2 introduced the Plan-Do-Check-Act (PDCA) cycle (Deming cycle), aligning it with quality standards such as ISO 9000. BS 7799 Part 2 was adopted by ISO as ISO/IEC 27001 in November 2005.
BS 7799 Part 3 was published in 2005, covering risk analysis and management. It aligns with ISO/IEC 27001.
Plan (establishing the ISMS)
Establish the policy, the ISMS objectives, processes and procedures related to risk management and the improvement of information security to provide results in line with the global policies and objectives of the organization.
Do (implementing and workings of the ISMS)
Implement and exploit the ISMS policy, controls, processes and procedures.
Check (monitoring and review of the ISMS)
Assess and, if applicable, measure the performances of the processes against the policy, objectives and practical experience and report results to management for review.
Act (update and improvement of the ISMS)
Undertake corrective and preventive actions, on the basis of the results of the ISMS internal audit and management review, or other relevant information to continually improve the said system.
An ISMS may be certified compliant with ISO/IEC 27001 by a number of Accredited Registrars worldwide. Certification against any of the recognized national variants of ISO/IEC 27001 (e.g. JIS Q 27001, the Japanese version) by an accredited certification body is functionally equivalent to certification against ISO/IEC 27001 itself.In some countries, the bodies that verify conformity of management systems to specified standards are called “certification bodies”, while in others they are commonly referred to as “registration bodies”, “assessment and registration bodies”, “certification/ registration bodies”, and sometimes “registrars”.The ISO/IEC 27001 certification,[2] like other ISO management system certifications, usually involves a three-stage external audit process:
Stage 1 is a preliminary, informal review of the ISMS, for example checking the existence and completeness of key documentation such as the organization’s information security policy, Statement of Applicability (SoA) and Risk Treatment Plan (RTP). This stage serves to familiarize the auditors with the organization and vice versa.
Stage 2 is a more detailed and formal compliance audit, independently testing the ISMS against the requirements specified in ISO/IEC 27001. The auditors will seek evidence to confirm that the management system has been properly designed and implemented, and is in fact in operation (for example by confirming that a security committee or similar management body meets regularly to oversee the ISMS). Certification audits are usually conducted by ISO/IEC 27001 Lead Auditors. Passing this stage results in the ISMS being certified compliant with ISO/IEC 27001.
Stage 3 involves follow-up reviews or audits to confirm that the organization remains in compliance with the standard. Certification maintenance requires periodic re-assessment audits to confirm that the ISMS continues to operate as specified and intended. These should happen at least annually but (by agreement with management) are often conducted more frequently, particularly while the ISMS is still maturing.
Asset Management
The asset management domain deals with analyzing and attaining the necessary level of protection of organizational assets. The typical objectives of the asset management domain is to identify and create an inventory of all assets, establish an ownership on all assets identified, establish a set of rules for the acceptable use of assets, establish a framework for classification of assets, establish an asset labeling and handling guideline. Asset management, broadly defined, refers to any system that monitors and maintains things of value to an entity or group. It may apply to both tangible assets such as buildings and to intangible concepts such as intellectual property and goodwill.
An asset is anything that has value to the organization. Assets can include infrastructure (e.g. buildings, store houses, towers etc.), physical assets ( computer equipment, communications, utility equipment, heavy machinery), software assets ( applications, software code, development tools, operational software etc.), information (database information, legal documentation, manuals, policies & procedures, organizational documents etc.), services ( transport, air conditioning, communications, utilities etc.), people (management, skills, experience etc.) and imperceptible (reputation, image etc.).
Asset management is a systematic process of operating, maintaining, upgrading, and disposing of assets cost-effectively. Organizations need to identify all assets and create and maintain security controls around them. For each asset a designated owner needs to be made responsible for implementation of appropriate security controls. When creating an asset management policy the organization needs to define the scope of the policy (which parts of the organization are covered under the policy), responsibility (who is ultimately responsible for the policy), compliance (is compliance mandatory or not, what are the guidelines to follow), wavier criteria (on what basis can someone ask for a waiver) and effective date (from when to when is the policy applicable).
Typical policy statements for Asset Management include:
* All assets shall be clearly identified, documented and regularly updated in an asset register
* All assets of shall have designated owners and custodians listed in the asset register
* All assets will have the respective CIA (Confidentiality, Integrity and Availability) rating established in the asset register
* All employees shall use company assets according to the acceptable use of assets procedures
* All assets shall be classified according the asset classification guideline of the company
Asset management comprises of all the activities associated with ongoing management and tracking of assets some of which are as follows: asset discovery (physical & logical), create & maintain conclusive software library, create & maintain conclusive hardware stock, configuration management, physical asset tracking, software license management, request & approval process, procurement management, contract management, assessment on ISO 27001 and PCI controls, supplier/ vendor management, re-deployment & movement, retire & disposal Management, compliance to laws if applicable etc.
Asset Register
The asset register documents the assets of the company or scope in question. Typically all business functions are required to maintain an asset register of their business units. The asset register is required to contain, at a minimum, the following information about the assets: the asset identifier, the asset name, the type and location of assets; the name of the function and process that uses this asset, the asset owner, custodian and user and the CIA (Confidentiality, Integrity, Availability) ratings of the asset. Organizations can choose to additional information into the asset register as necessary for example for IT assets can have IP address as part of them etc.
For all asset registers, a primary person responsible for the asset register needs to be identified. Typically the business unit head or director is the owner of the asset register and recognized functional heads identified are asset custodians. The asset owner is accountable for the comprehensive protection of assets owned by him/her. The asset owner may delegate the responsibility of applying the relevant controls for the maintenance of the assets to an individual/ function referred to as the ‘asset custodian’. It is the responsibility of the asset custodian to implement appropriate security controls that are required for the protection of information assets. It is the responsibility of all employees and third party staff to maintain the confidentiality, integrity and availability of the assets that they use.
Asset Classification
Assets need to be classified in order to provide an appropriate level of protection for a certain category of assets. Information assets need to be classified in terms of its value, requirements and criticality to the business operations of the company. Typical company classification guidelines follow restrictive principles. Some of the common classifications criteria which are used by companies are given below:
RESTRICTED: The restricted level of asset information pertains to highly sensitive information to the company; which when disclosed would cause substantial damage to the reputation and competitive position of the company in the market. Its unauthorized disclosure could adversely impact its business, its shareholders, its business partners and/ or its customers, leading to legal and financial repercussions and adverse public opinion. Examples of restricted information are details of major acquisitions, divestments and mergers, business and competition strategy, sensitive customer, competitor, partner or contractor assessments, intellectual property information, law enforcement and government related information.
CONFIDENTIAL: This category refers to asset information that relates to individuals or is otherwise restricted only to authorized users, but if disclosed outside the company would not harm the organization, its customers, or its partners. This classification applies to any sensitive business information which is intended for use within the company. Examples of confidential information include customer information, negotiating positions, marketing strategy, personnel information, internal company memos and presentations.
INTERNAL This classification refers to asset information that is potentially available to all personnel within the company, but is not public. This can also include information that is restricted to a group or project within the company, but is not designated as “Private” or “Restricted.” Examples of internal information include product design information, system documentation, company employee details, company organizational charts, minutes of department meetings.
PUBLIC This classification refers to asset information that has been published or obtainable from a published source, e.g. the Internet. Example of public information include published marketing material, company public statements or announcements, published company performance information, published job vacancies.
Asset Labeling
All important and critical assets to the company shall be labeled physically / electronically as per the information labeling and handling procedures of the company. The asset owners are required to ensure that their assets are appropriately labeled (marked) for ease of identification. This may exclude information classified as ‘public’. For each classification level, the handling procedures should include the assets introduction; secure processing, storage; transmission and destruction. Classification level must be indicted wherever possible for all forms of physical / electronic information that are sensitive in nature. For example: subject of email stamped with “Confidential” etc.
Por empezar fuerte el curso hoy quiero compartir un enlace de gran interes para los dedicados al mundillo de la gestión de la seguridad entorno a la norma ISO 27001.
Dentro de mis protocolos de seguimiento de las normas 27001, 27002 y las publicaciones o comentarios entorno a ella utilizando las alertas de Google, hoy quiero compartir un par de enlaces que proporciona en un documento PDF una traducción no ofical al castellano de las normas ISO 27001 e ISO 27002.
Aunque los enlaces no aparecen refereciados en ninguna página principal de esta Web, Google la enlaza al buscar sobre controles de la ISO 27002.
Dado que puede ser de interés para el público hispanohablante disponer de una versión en nuestro idioma, comparto la url que Google proporciona por si es del interés de todos.
Ambos documentos aclaran que su uso es autorizado sólo para fines didácticos, objetivo que comparte también este blog.
Las urls donde se encuentran son:
A Total Quality Management training video produced by final year MEng students at the University of Edinburgh. The aim of the video is to explain the main principles of TQM in a tongue-in-cheek style to improve the tea making process in a tea shop business.
Should you use POP3 or IMAP? It’s question we’re often asked here at Domainmonster.com, so lets discuss the two protocols and the advantages of each.
The first thing you need to do before making a decision is to understand what POP3 and IMAP are and of course the difference between the two.
What are they?
Both POP3 and IMAP are protocols that email services use to receive email, be it to an email client such as Outlook or a mobile device.
POP3 – Post Office Protocol 3 is a protocol that has been around for decades. It’s the standard way that a mail service will receive email from a mail server.
IMAP – Internet Message Access Protocol is a protocol that is much newer then POP3 and is used by mail products to view your mail as opposed to actually downloading it.
What is the difference to me?
If you decide to configure your email client or mobile device to connect to your mailbox using POP3 then what happens is that the client or device contacts the mailbox and allows them to download the contents of the Inbox to their own local storage. The mail then will only exist on that local storage and would not be available to download via another client or device. It is however worth noting at this point that a number of clients and devices do allow you to enable a setting to ‘keep a copy of the email on the server’ this would then allow them to be download via a second client if required.
When using IMAP with a client or device they will simply connect to the mailbox and display the full mailbox to you without actually downloading the content to local storage. This has the benefit of allowing you to manage your mailbox from multiple clients and devices and seeing the same content.
If you think about your mailbox as a post-box full of letters, and your mail clients and devices as postmen it can become a little easier to understand the basic fundamental differences between the two protocols.
When using POP3 a postman would visit the post-box and empty the contents and take it away with him. If a second postman then arrived he would only have access to the letters that had been placed into the post-box since the first visit.
When using IMAP a postman would visit the post-box and take a copy of the letters and take those copies away with him, then when a second postman arrived he would do the same and still be able to see all of the letters placed into the post-box.
Which one should I use?
Which protocol you decide to use depends mainly on how you will be accessing and managing your email. If you are likely to be viewing your mail from multiple locations, clients or devices then It is usually best to use IMAP. IMAP will allow you to manage your mailbox from all of these different locations and clients while the actual mailbox content remains on the provider’s mail server. If you were to do the same using POP3 with the ‘Keep a copy on the server’ setting enabled then you are in essence simply creating multiple copies of your mailbox and any management of the mail into sub folders would need to be repeated on each individual client.
If you are simply going to be using one email client and do not want to worry about reaching the mailbox size limit, due to the amount of email, then POP3 would be the way to go. This provides a simple service to allow you to download all of your mail to one location managed by you. The mailbox on the provider’s server would always be empty or close to it as a result and so you would never need to worry about reaching the limit.
ConclusionIf in doubt use IMAP, this gives you the ability to manage your mail from a client or device while still giving the peace of mind that there is a backup, on the mail provider’s server, of your mail. However if you are only accessing your mail from one place and need to keep all your mail locally, POP3 may be a better option.
When first discovered in 2010, the Stuxnet computer worm posed a baffling puzzle. Beyond its sophistication loomed a more troubling mystery: its purpose. Ralph Langner and team helped crack the code that revealed this digital warhead’s final target. In a fascinating look inside cyber-forensics, he explains how — and makes a bold (and, it turns out, correct) guess at its shocking origins.
Ralph Langner’s Stuxnet Deep Dive is the definitive technical presentation on the PLC attack portion of Stuxnet. He did a good job of showing very technical details in a readable and logical presentation that you can follow in the video if you know something about programming and PLC’s.
The main purpose of Ralph’s talk was to convince the audience with “100% certainty” that Stuxnet was designed specifically to attack the Natanz facility. He does this at least four different ways, and I have to agree there is no doubt.
Ralph Langner is a German control system security consultant. He has received worldwide recognition for his analysis of the Stuxnet malware.
Stuxnet worm hits Iranian centrifuges – from mid-2009 to late 2010
Iran complains facilities hit by Stars malware – April 2011
Duqu trojan hits Iran’s computer systems – November 2011
Flame virus targets computers in PCs across the Middle East, including Iran and Israel – June 2012
(sep.2012) Producción inspirada en la sabiduría maya, ese pueblo tan increíblemente adelantado que aún hoy resulta sorprendente su cúmulo de conocimientos y la perfección que alcanzaron. Muestra de ello es su concepto del tiempo, su sistema especial para contar, de base vigesimal y su relación directa con la manera de medir el tiempo, para lo que usaban dos calendarios básicos (el sagrado y el civil) y tres cuentas diferentes, lo cual no daba posibilidad de error. Estas tres cuentas coincidían cada 52 Haab (años civiles de 365 días fijos), por lo que era un momento de especial y profunda importancia. La vida entera giraba en base a la magia de estas cuentas, dándole a cada día un significado único, por lo que se podían hacer predicciones precisas. Mucho se ha hablado del 21.12.2012. El significado es profundo, pero simple: Termina una importante “cuenta larga”, y con ello se “aniquila todo lo malo del [gran] ciclo anterior” para dar inicio a otra nueva cuenta, con una poderosa fuerza de renacimiento. Todos los calendarios vuelven a comenzar de cero (otro de los geniales “inventos” mayas….!). Producción original: Carlos Rangel
el ciclo maya de 52 HAAB
Hace más de 3000 años, la civilización maya floreció desde el sureste de México hasta Honduras inclusive.
Los mayas fueron una sociedad de grandes hombres: astrónomos, matemáticos, poetas, filósofos, artesanos, constructores, y pensadores. Hablaban 44 lenguas mayas. Su literatura ilustra la vida de su cultura en obras como el Rabinal Achí, el Popol Vuh, y los diversos libros del Chilam Balam.
La poesía, la literatura, y el conocimiento matemático de los mayas, estaban ligados a su cosmovisión. Entre los mayas, la religión siempre influyó en los ritos agrícolas, en el arte y en su cultura.
La casta sacerdotal maya, llamada Ah Kin, era poseedora de conocimientos matemáticos y astronómicos que interpretaba de acuerdo con su cosmovisión religiosa, los años que iniciaban, los venideros y el destino del hombre. La gente común los consultaba para saber si un determinado día era favorable o no para algún asunto familiar o económico. Sin embargo los pronósticos era un asunto de los dioses. En el Libro del Chilam Balam contempla una lista de días Tzolk´in con sus pronósticos.
La religión maya tenía tres características fundamentales: Politeísta: Adoraban a varios dioses a la vez. Naturalista: Los dioses eran los elementos, los fenómenos atmosféricos y los cuerpos celestes. Dualista: Partía del principio de que el bien y el mal son igualmente divinos, en constante lucha unos con otros, siempre inseparables, como el día y la noche.
Los mayas concebían al cosmos compuesto por 13 cielos, uno sobre otro, siendo la tierra la capa más baja. Sobre cada cielo presidían trece dioses, llamados los Oxlahuntikú.
Bajo la tierra (inframundo) había otros nueve cielos, también en capas, sobre los que presidían los Bolontikú. El último de estos cielos era el Mitnal, el infierno maya, reino de Ah Puch, Señor de la Muerte.
Creían que, antes que el suyo, habían existido otros mundos destruidos todos por el diluvio. El mundo actual era sostenido por cuatro hermanos guardianes llamados Bacabés,localizados en los cuatro puntos cardinales.
En el centro del mundo maya se encontraba el Yaxché, o Ceiba Sagrada, cuyas ramas se elevaban a los cielos y cuyas raíces penetraban en el inframundo.
Lo que hoy conocemos como el CALENDARIO MAYA, propio de esta civilización, hay investigadores que sostienen que surge de la cultura Olmeca. Las similitudes con el calendario Mexica ofrece evidencias de que en toda Mesoamérica se utilizó el mismo sistema calendárico.
Los mayas tomaban los acontecimientos presentes como señales de los dioses, lo que les permitía vislumbrar el futuro. Por eso era tan importante conocer el movimiento del sol, las estrellas, la luna y los astros como la Tierra y Venus. En función de sus movimientos es que tuvieron la genialidad de hacer el calendario maya.
Inclusive la manera de contar de los mayas está relacionada con el tiempo, pues utilizan un sistema vigesimal en lugar de uno decimal, lo que, sorprendentemente, ofrece mayor precisión.
De acuerdo con el sistema vigesimal, el número 25 arábigo, se representa de la siguiente manera en las posiciones mayas: 0.0.0.1.5
Al igual que el sistema decimal, las unidades van a la derecha, y cada posición a la izquierda equivale al múltiplo de 10. (25) En el sistema maya es igual, pero cada posición equivale a múltiplo de 20. (0.0.0.1.5) 25 = 0.0.0.1.5
CALENDARIO MAYA
Tres cuentas del tiempo, diferentes y complementarias:
1. Tzolk’in o Bucxok: calendario sagrado de 260 días
2. Haab: calendario civil de 365 días
3. 20 Ahau: CUENTA LARGA, combinación de Tzolk’in y Haab de 1’872,000 días
1 Haab (calendario civil) = 365 kines = [18 uinales de 20 kines = 1 tun de 360 kines] + 5 Uayeb (días nefastos fuera del registro cronológico, pero fechados como días)
En el calendario maya puede advertirse la concepción circular del mundo, pues su estructura se repite cada 52 años, lo que constituye un ciclo (o siglo). La concepción cíclica del tiempo conlleva la idea de que el futuro ya ha pasado, y el pasado está por venir, así como la existencia de una serie infinita de mundos.
En la Rueda Calendárica de cada persona, cada 18,980 kins (días) coinciden las 3 ruedas: Tzolk’in, Uinal, Haab. La sincronía se manifestaba en un día especial que sin lugar a dudas es un día favorable, y es tan bueno, que aniquila todas las cosas “malas” que hayan ocurrido en el ciclo previo, cubriéndolas con la luz de ese preciso día, para estar en condiciones de renacer a un nuevo ciclo, y es cuando se muestra la deidad particular que corresponde a cada individuo, con un mensaje personal de renovación, justo al momento de sincronizarse las tres ruedas, al llegar a los 73 Tzolk’in (años sagrados) y 52 Haab (años civiles), equivalentes a nuestros 52 años gregorianos.
Cuando una persona cumplía 52 años llegaba a la plenitud de la vida, pues rebasaba la expectativa de vida de la época del México antiguo. Cada 52 años terminaba un ciclo de vida, un siglo maya.
En una ceremonia llamada FUEGO NUEVO realizada en un Temazcal se extinguían sus desalientos y renacía junto con la nueva llama de esperanza.
Gira rueda de ruedas empápame de la luz creadora de la vida; de la luz que devora la sombras y que encarna el renacimiento de un nuevo florecer en el tiempo.
El 21 de diciembre de 2012 de nuestro actual calendario gregoriano, el sistema calendárico maya conocido como CUENTA LARGA retornará al cero para reiniciar su ciclo de 1’872,000 días (5,125,36 años).
El solsticio de invierno se mueve lentamente hacia el corazón de la galaxia. El 21 de diciembre de 2012 se transformará el mundo al atravesar el sol la “Gran Grieta”, fragmento de la vía láctea que los mayas consideraban la Matriz de la Creación.
Antony f. Aveni Arqueología Mexicana mayo-junio 2010
(CNN) – En un día en que las predicciones de apocalipsis se equivocaron, la NASA tenía más buenas noticias para la Tierra: un asteroide que se temía que tenía un curso de colisión contra nuestro planeta ya no es una amenaza. La incertidumbre por la órbita del asteroide, conocido como 2011 AG5, había permitido que hubiera una posibilidad menor de 1 % de que impactara la Tierra en febrero de 2040, dijo la NASA.
Para definir bien el curso futuro del asteroide, la NASA ordenó que se hiciera más observación. Los astrónomos de la Universidad de Hawái en Manoa asumieron la tarea y pudieron observar el asteroide durante varios días en octubre. “Un análisis de los nuevos datos obtenidos por la Oficina del Programa de Objetos Cercanos a la Tierra del Laboratorio de Propulsión a Chorro en Pasadena, California, muestra que el riesgo de una colisión en 2040 se ha eliminado”, declaró la NASA el viernes. Las nuevas observaciones, hechas con el telescopio Gemini, de 8 metros, en Mauna Kea, Hawái, redujeron las incertidumbres sobre la órbita por un factor superior a 60. Eso significa que la posición de la Tierra en febrero de 2040 no está en el rango del posible recorrido del asteroide. El asteroide, de 140 metros de diámetro, no se acercará a la Tierra a más de 890.000 kilómetros, o más del doble de la distancia entre nuestro planeta y la Luna, dijo la NASA. Una colisión con la Tierra habría generado alrededor de 100 megatones de energía, varias miles de veces más poderosa que las bombas atómicas que terminaron con la Segunda Guerra Mundial, de acuerdo al Observatorio Gemini. Observar el asteroide no fue fácil, dijo David Tholen, un astrónomo del Instituto de Astronomía de la Universidad de Hawái. La posición del asteroide fue muy cercana al Sol, así que los astrónomos tenían que observarlo cuando el cielo estaba oscuro. Tholen le dijo a CNN que había alrededor de media hora entre el momento en que el asteroide se alzaba lo suficiente en el cielo para que el telescopio lo apuntara antes de que el cielo se volviera muy iluminado para poder observarlo. Debido a que los astrónomos miraban al asteroide en lo bajo del cielo, lo estaban viendo a través de mucha atmósfera, que dispersa parte de la luz y hacía que el objeto se viera más tenue, dijo. “El segundo efecto es que la turbulencia de la atmósfera hace que las cosas sean más tenues”, dijo Tholen. “Teníamos que intentar una y otra vez hasta que tuvimos una de esas noches en que la atmósfera estaba calmada”. Tholen y su equipo también descubrió que el asteroide es alargado, así que mediante rota, su brillo cambia. Ese fue otro reto para los astrónomos: como no conocían el periodo de rotación del asteroide, no sabían cuándo aparecería y desaparecería, y cuándo se volvería muy tenue para no poder volverlo. “Este objeto estaba cambiando de brillo por un factor de tres o cuatro, era simplememyte demasiado variable”, dijo Tholen. “Dependía de la noche en que lo observaras”. Muchos predijeron que el fin del mundo sería este viernes, el día en que un gran ciclo del calendario maya finalizaba. Algunos creen que ese día será el domingo. Los mayas de hoy en día dicen que el final de una fase del calendario no significa el fin del mundo, simplemente el fin de una era y el inicio de otra.
