Clik here to view.
FISMA Failing
Shades of SOX complaints: the U.S. GAO reports that the Federal Information Security Management Act (FISMA) is failing: When we go out and conduct our security control reviews at federal agencies, we...
View ArticleClik here to view.
Wildfire Myopia
It looks like technological security isn’t the only kind disorganized in government. The latest GAO report about wildfires seems like more smoke than fire: This testimony summarizes several key...
View ArticleClik here to view.
Interactive Fact
William Gibson talking about a shoe that appears in his latest novel, Spook Country: Wired: One of the details that leaped out at me was the Adidas GSG9, named for the German counterterrorism squad. I...
View ArticleClik here to view.
Outrage Considered Useful
There’s a bit of comment discussion going on in Metricon Slides, and Viewed as PR about counting vs. selling, in which the major point of agreement seems to be that even at a metrics conference there...
View ArticleNon-Asymmetric Malware
<~~T.A.Z~~> Most exploits through the Internet have been relatively small guys (individuals, gangs, etc.) against big companies and governments. Yet they’re already using botnets to leverage...
View ArticleClik here to view.
Outrage at Outrage Management
So we were discussing Peter Sandman’s recommendations for outrage management, which mostly have to do with how to deal with management not doing something that you’ve given them rational reasons to...
View ArticleClik here to view.
Silver Bullet Security Considered Harmful
In the comment discussion about Linus’s schedulers vs. security polemic, Iang mentioned a paper he’s writing: We hypothesize that security is a good with insufficient information, and reject the...
View ArticleClik here to view.
Further Hardin Debunking
Regarding Perry’s comment to the previous post, the point is that the specific example on which Hardin based his thesis, the one everyone cites in support of it, is not borne out by the evidence, not...
View ArticleClik here to view.
Cultural Risk
Or risk as culture. Malcolm Gladwell writes in his book, Outliers: The historian David Arkush once compared Russian and Chinese peasant proverbs, and the differences are striking. “If God does not...
View ArticleClik here to view.
John Quarterman on Mapping Spam and Politics (audio)
At a meeting on a completely different subject, I was interviewed about SpamRankings.net. Here's the audio, and here's the blurb they supplied: John S. Quarterman, long time Internet denizen, wrote...
View Article
