Shostack + Friends Blog Archive


Emergent Bits: Iranian Blogger, Economics, Security myths

  • Iranian blogger Mojtaba Saminejad has declared a hunger strike to protest his imprisonment. The Committee to Protect Bloggers has asked that we observe a media fast next Thursday, May 26th and not blog. There are also email addresses to write to to ask that Mojtaba be released.
  • Ethan Zuckerman has some fascinating comments on the economics of US AID:

    Why did my boss want us to pay volunteers more? Because the organization got paid more for spending more. And because paying Geekcorps volunteers less than other IESC volunteers raised questions: Were Geekcorps volunteers less valuable than other IESC volunteers? Or were they underpaid? Or were IESC volunteers overpaid? Better to be consistent and pay the Geekcorps volunteers at maximum per diem, even if field staff thought this was counter to the cultural goals of the program.

    Read the whole thing.

  • Over at Usable Security, Ping points out that “Zaptastic Author Misses the Point.”

    You don’t have to solve the halting problem to use software safely. The solution is to LIMIT AUTHORITY. You can’t limit the authority of a biological virus. You can limit the authority of installed software, and you should.

    Unfortunately, Ping misses that Microsoft is aggressively promoting the same myth with their “10 Immutable Laws of Security
    .” Myths are far harder to overcome when big money’s behind them.