Secrets, Wikileaks, and Hacktivism
Current events have put into keen focus the balancing act between privacy, data controls, the reason secrets are kept, and ethics. So if you haven’t had an interest in Wikileaks, […]
Category Archives: Information Security
Threats, Threat Modeling and Analysis
This is a super high level presentation about basic threat modeling, SDL, and why a proactive stance is better than a reactive. I thought that it was fun. Threats, Threat […]
The Art of Keeping Things Done
The current field of information security is largely one of arcana, vagueness, arbitrary views, philosophy, mountaintop sages, a general lack of reliable data, and legions of vendors selling “best practices.” […]
The Politics of Respect
There is a lot of perennial talk of social engineering and direct project/resource management. Attempts to solve complicated political situations with manipulation or a slick widget tend not to work […]
Specialists, Generalists, Incompetence, and Cognitive Bias
I wanted to continue a bit where I left off with a non-technical explanation of what people such as myself do and my commentary on evolving technology management. Here is […]
Agile Infosec
This is a reprint of my comment to a Joshua Corman’s posting on The Fudsec Blog. Consider going there to read his article and the discussion that followed. I can’t […]
Best of 26c3
Here is my list of the most important talks of the 26th Chaos Communication Congress [26C3] held in Berlin, Germany that was held last week. Since my German language skills […]
Swamp Computing
Tired of reading yet another cloud security article? This is really the only one you need to read. If you don’t have the attention span to read it all, read […]
Federal Data Breach Bill (H.R. 2221) Passes House
H.R. 2221 defines personal information as, “an individual’s first name or initial and last name, or address, or phone number, in combination with any 1 or more of the following […]
Militants Can Snoop on Most U.S. Warplanes, Drones
Tapping into drones’ video feeds was just the start. The U.S. military’s primary system for bringing overhead surveillance down to soldiers and Marines on the ground is also vulnerable to […]
Bad Penny 