December 1, 2006 Denial – Software Quality and the C-I-A of Security There is only one really meaningful light-bulb joke: Q: How many psychiatrists does it take to change a lightbulb? A: Only one, but the…
November 18, 2006 Encyclopedia of IT terms CMP ChannelWeb have an on-line encyclopaedia of IT terms. This is a useful addition to my toolbar for composition, along with a more conventional…
November 13, 2006 Who ya gonna blame? I’m always amazed at how many decision makers weasel out of a good deal because of prejudices and blindness. I can understand the cases…
November 1, 2006 First of the Month Regular Security Violations I am on many mailing lists. They are an aspect of modern life. For some people it’s the ‘synchronous mode’ of IM, for others…
October 29, 2006 Trojan horse Penetration Testing I’m no fan of Pen-testing, but it’s remarkable how people fail to learn from the past experience of others, even when that experience is…
October 23, 2006 Common Sense You don’t have to be obsessively conservative or paranoid to avoid a lot of problems and risks. Applying a little common sense will do,…
October 21, 2006 The CISSP Forum FAQ It’s one of those bootstrap problems – the new CISSPs who need to read the information can’t get at the FAQ on how to…
October 20, 2006 Dangerous … Nothing Scott Adams, the creator of the Dilbert cartoon, recounts in his blog his recent experiences with airport security and its oddities in “Dangerous Containers”….
October 19, 2006 Open Source for Bean Counters This white paper moves away from the religious fervour of the geeks to the B-School reasons for open source. This white paper will demystify…
October 17, 2006 Is Bigger always Better? No, this isn’t a Small Is Beautiful article. It’s about “Small is Practical”. Let me begin with an anecdote. Back in the early 1980s…
October 13, 2006 Engineering Definitions With Thanks to Gary Hinson and Michael Gerdes who found this on the web and extended it … Project Manager is a Person who…
August 28, 2006 Are we really at risk from Snacks on a Plane? The Sunday Herald in England has this marvelous article:- http://www.sundayherald.com/57459 I love that headline! – Fallacious Airline Risks: Indeed! This is a long article…
August 17, 2006 Realistic Risk Assessment I found the contents of this very interesting: http://www.cato.org/pubs/regulation/regv27n3/v27n3-5.pdf Example: Accordingly, it would seem to be reasonable for those in charge of our safety…
July 6, 2006 The truth About AV Those of you who haven’t visited Rob Bergeners VMyths.com site should do so. http://www.forbes.com/home/free_forbes/2006/0605/100.html To sell antivirus software, first you must sell the fear….
June 25, 2006 Irony Headline: FTC attorney’s laptops stolen http://www.presstelegram.com/business/ci_3969575 The government agency charged with fighting identity theft said Thursday it had lost two government laptops containing sensitive…
June 23, 2006 Microsoft’s strategic insecurity Bruce Schneier pointed to this in his blog this week: http://www.xbox-linux.org/wiki/17_Mistakes_Microsoft_Made_in_the_Xbox_Security_System ZDNet has a discussion about the ethics of such ‘hacking’. If Microsoft sells…
June 22, 2006 Side by side news I found this:- http://www.gcn.com/print/25_16/41041-1.html The Agriculture Department’s wireless policy, updated in April through a series of departmental notices, comprises everything from architectural requirements to…
June 12, 2006 Europe must be crazy http://www.csoonline.com/caveat/060606.html?source=csoupdate Maybe they know something we don’t? Maybe they do have good security, but they are doing what we say security should be, and that…
June 12, 2006 Encrypted USB flash drives http://blogs.zdnet.com/hardware/?p=14&tag=nl.e539 Yea, right. Fine for the monoculture, but what about us types for whom MS-Windows is not the ne-plus-ultra, not the first choice? Oh,…
May 30, 2006 Win either way AT&T leaks sensitive info in NSA suit http://news.com.com/AT38T+leaks+sensitive+info+in+NSA+suit/2100-1028_3-6077353.html The beauty of this is whether ATnT wins or loses, we in InfoSec come out ahead….