The Politics of Respect

There is a lot of perennial talk of social engineering and direct project/resource management. Attempts to solve complicated political situations with manipulation or a slick widget tend not to work very well over time. They are not addressing the underlying issue.

The wedge of compliance or a mandate from a framework may get some base [...]

Specialists, Generalists, Incompetence, and Cognitive Bias

I wanted to continue a bit where I left off with a non-technical explanation of what people such as myself do and my commentary on evolving technology management.

Here is the abstract from Unskilled and Unaware of It: How Difficulties in Recognizing One’s Own Incompetence Lead to Inflated Self-Assessments (Justin Kruger and David Dunning, Department of [...]

Agile Infosec

This is a reprint of my comment on Joshua Corman’s posting on The Fudsec Blog. Consider going there to read his article and the discussion that followed.

I can’t link to my comment there and, since I’m going to continue down the rabbit hole on this particular topic, I wanted to be certain that I [...]

Mike’s SE Presentation at HH09

Mike Murray’s talk on Social Engineering from this year’s Hacker Halted.

Hacker Halted Redux

Good stuff, Mike!

Another Week, Another GSM Cipher Bites the Dust

Orr Dunkelman, Nathan Keller, and Adi Shamir have released a paper showing that they’ve broken KASUMI, the cipher used in encrypting 3G GSM communications. KASUMI is also known as A5/3, which is confusing because it’s only been a week since breaks on A5/1, a completely different cipher, were publicized. So if you’re wondering if this [...]