Spiderlabs, Verizon, and You
Trustwave’s Spiderlabs issued their annual report of their work efforts in the last year; 220 data breach investigations and more than 2,300 penetration tests. They were kind enough to share […]
Unintentional games
For all the hype and declarations of world-changingness that have been made about mobile technology, social networks, the new hype sounds a lot like the old hype. Only the drastic […]
Secrets, Wikileaks, and Hacktivism
Current events have put into keen focus the balancing act between privacy, data controls, the reason secrets are kept, and ethics. So if you haven’t had an interest in Wikileaks, […]
Threats, Threat Modeling and Analysis
This is a super high level presentation about basic threat modeling, SDL, and why a proactive stance is better than a reactive. I thought that it was fun. Threats, Threat […]
The Art of Keeping Things Done
The current field of information security is largely one of arcana, vagueness, arbitrary views, philosophy, mountaintop sages, a general lack of reliable data, and legions of vendors selling “best practices.” […]
Public and Private
In this brave new internet world (as of about 1995), I’ve been thinking of my personal information sharing generally as public and private. Information Classification Because of my work, classifying […]
Monopoly Customer Service
After a few years of avoiding the cable industry, I went ahead and signed up for Comcast Highspeed2Go, a new bundled service where they resell Clearwire and combine it with […]
