Shostack + Friends Blog Archive

 

Small Bits: Clearance, Security Legislation, Schneier Pointers, Get Me An Operator

  • Richard Bejtlich comments on a Federal Computer Week article, “Security clearance delays still a problem” in “Feds Hurry, Slow Down.”

    “ITAA officials said 27 member companies that responded to a survey are coping with the backlog by hiring cleared employees from one another, sometimes paying premiums of up to 25 percent.”

    I’m glad to see someone who works for the government understands the economics of scarcity.

  • Kim Cameron has a long post “Congress Considers Data Security Legislation,” with a review from CDT, and pointers to a number of bills. Unfortunately, there’s no mention of the “foxes controlling the henhouse alarm” problem that the American Bankers Association is pushing for.
  • Bruce Schneier has pointed to two good articles in two days. Today, he points out Marcus Ranum’s “The Six Dumbest Ideas in Computer Security.” Yesterday, he pointed out “Tolkachev, A Worthy Successor to Penkovsky,” in the CIA’s Studies In Intelligence. Bruce found the tradecraft bits fascinating; I was amazed at how hard it was for Tolkachev to get the attention of the CIA in the face of concerns he was a “dangle” by the KGB.

  • Justin Mason pointed to a “find a human” list, for when you need to get out of voice-jail hell. The list is hosted at Intuit, who is ironically not on the list.

2 comments on "Small Bits: Clearance, Security Legislation, Schneier Pointers, Get Me An Operator"

  • Open Source Insurance, Dumb Things, Shuttle Reliability

    (Perilocity reports that) Lloyd’s and OSRM to issue open source insurance, including being attacked by commercial vendors over IP claims. (Adam -> Bruce -> ) an article of the “Six Dumbest Ideas in Computer Security” by Marcus Ranum. I’m not…

  • Spooks’ corner: listening to typing, Spycatcher, and talking to Tolkachev

    A team of UCB researchers have coupled the sound of typing to various artificial intelligence learning techniques and recovered the text that was being typed. This recalls to mind Peter Wright’s work. Poking around the net, I found that Shamir…
