Shostack + Friends Blog Archive

 

Virgin America

I flew Virgin Atlantic for the first time recently, for a day trip to San Francisco. I enjoyed it. I can’t remember the last time I actually enjoyed getting on a plane. The first really standout bit was when the Seattle ground folks put on music and a name that song contest. They handed out […]

 
 

Chaos in the Airports! Baa! Baa!

Some days the snark just writes itself: The group that created Smokey Bear and McGruff the Crime Dog has a new potential icon: Stephanie the airport screener. A $1.3 million ad campaign launched this month teams the Ad Council and the Transportation Security Administration trying to change behavior of passengers who no longer automatically accept […]

 

Travel Chaos

NARA (National Archives) published notice in the Federal Register on October 27, 2008, of TSA’s submission to them (see Schedule Pending #3) of a proposed Records Schedule for Secure Flight Program. The actual Proposed Schedule was not published in the Register, only notice that you can request it and file comments on whether NARA should […]

 

Crime in Barcelona

While having a wonderful time in Barcelona, I took the metro a fair amount. Over the course of 8 days, I saw 2 turnstile jumpers, (40€ fine) 3 smokers (30€ fine) and didn’t see as one friend got pick-pocketed (reported fine, one beating). So which crime annoyed me most? The apparently worthless invasion of privacy. […]

 

Quis custodiet ipsos custodes?

There have been a couple of interesting stories over the last week that I wanted to link together. Verizon Employees Snoop on Obama’s Cellphone Records (followed shortly by “Verizon fires workers over Obama cell phone records breach“) and “4 more Ohio officials punished in ‘Joe’ data search.” There’s a couple of things happening here. The […]

 

Tidying up Art

In “Tidying up Art” Ursus Wehrli tells the TED audience about not only how to tidy up art, but has a great example of how apparently simple instructions can very quickly lead chaos to emerge. And it’s pretty darn funny after the audience doesn’t know how to respond to his first couple of jokes.

 

Terrifying Financial Blacklists Falling Down

There’s a list, maintained by the UN security council, of people who can’t have their money. Once you’re on the list, there’s no way to get off. The global blacklisting system for financiers of al-Qaeda and other terrorist groups is at risk of collapse, undermined by legal challenges and waning political support in many countries, […]

 

Ephemeral Anniversary

Yesterday, Nov 17, was the sesquicentenary of the zero-date of the American Ephemeris. I meant to write, but got distracted. Astronomical ephemeris counts forward from this date. That particular date was picked because it was (approximately) Julian Day 1,000,000, but given calendar shifts and all, one could argue for other zero dates as well. The […]

 

Diverse Preferences for Privacy

A Wide Diversity of Consumer Attitudes about Online Privacy shows this picture of Flickr users setting privacy preferences: green is public (default) and red is private. I hope Flickr shares some of the underlying data. I don’t know what anyone would do with it, and there’s two ways to find out. One is to talk, […]

 

The Twain Meeting

Some time ago, was on an extended stay in Tokyo for work. When one is living there, there are things one must do, like make an effort to live up to being a henna gaijin. I must disagree with those who translate that as “strange foreigner.” The proper translation is “crazy foreigner.” I’d never heard […]

 

Actually, Randall, We Tried That

And the reason it doesn’t work is that just because you’re allowed to own something doesn’t mean you’re allowed to export it. The use, ownership, production, etc. of crypto was never restricted, only its export. In an Intenet-enabled world, export control brings lots of hair with it, which is why it was important to fight […]

 

SDL Announcements

I’m in Barcelona, where my employer has made three announcements about our Security Development Lifecycle, which you can read about here: “SDL Announcements at TechEd EMEA.” I’m really excited about all three announcements: they represent an important step forward in helping organizations develop more secure code. But I’m most excited about the public availability of […]

 

Public Policy and InfoSec

…Armed with my favorite govie (who is actually the lead on this, I’m just a straphanger), The New School of Information Security (Hi Adam and Andrew), some government policy directives, and the National Strategy to Secure Cyberspace, I am teaching an Information Security Management and Public Policy class for Carnegie Mellon’s Heinz School. The more […]

 

An early clue to the new direction?

Obama gave his first press conference as President-elect last Saturday. Pundits have noted his humor in responding to the urgent canine matter, but I was struck by a particular phrase used in response to a question regarding whether he’d be moving quickly to fill key cabinet positions: When we have an announcement about cabinet appointments, […]

 

CTO of the United States?

So Obama wants a CTO for the United States. The job description: Obama will appoint the nation’s first Chief Technology Officer (CTO) to ensure that our government and all its agencies have the right infrastructure, policies and services for the 21st century. The CTO will ensure the safety of our networks and will lead an […]

 

Chaos, My Desk and Dilbert

The Wall St Journal covers the latest management fad in “Neatness Counts at Kyocera and at Others in the 5S Club:” 5S is a key concept of the lean manufacturing techniques that have made makers of everything from cars to candy bars more efficient. The S’s stand for sort, straighten, shine, standardize and sustain. Lately, […]

 

I Was On NPR, An Unmasking of Sorts

Okay so for a long time now, I’ve been blogging as Arthur. It all started as an excuse to blog without the company I worked for at the time having to worry about anything I said being a reflection on them. Almost three years ago they were acquired by Oracle and I have long since […]

 

Confirmation Bias and Newspaper Endorsements

We’ve been talking a lot lately about confirmation bias. It turns out that newspaper endorsements are more influential when they are unexpected. The degree of this influence, however, depends upon the credibility of the endorsement. In this way, endorsements for the Democratic candidate from left-leaning newspapers are less influential than are endorsements from neutral or […]

 

Checking in on the Security of Chequing

I remember a conversation back in 1995 or 1996 with someone who described to me how the Automated ClearingHouse (ACH) for checking worked. He explained that once you had an ACH merchant account, you sent in a message of roughly the form (src, dest, amount, reason) and money got moved. I argued with him that […]

 

It’s Morning in America

It’s hard to know what to say after an election that feels so momentous in so many different ways. So, I’ll start from the simple: congratulations to Obama on being elected the 44th President of the United States. Next, let’s add some chaos here and see what emerges. So what’s on your mind? And please, […]

 

This just in!!

MSNBC’s live streaming internet election coverage looks like it was filmed from within Second Life. Yuck.

 

The Purple States

As we go into what may well be another very long day of elections for the Presidency of the United States, I wanted to reprise two images from 2004: Click on either for more details and the context four years ago. Despite the electoral college, America isn’t a red country or a blue country, and […]

 

You talk like a delinquent

This is interesting. Not sure how robust the finding is, but according to an analysis of LendingClub data on all past loans, including descriptions of the use for the money, applicants using certain words in their descriptions are much more likely to default. For our purposes define a Delinquency as either being late in your […]

 

Thoughts about Democracy in America

There’s a place in de Tocqueville where he talks about America’s civic strength coming from the way we organize: those voluntary organizations which come together to solve a problem as a community. He pointed out that what we got from that was not merely that particular problem solved, but a sense of community and a […]

 

It was twenty years ago today

It was twenty years ago today Sgt. Morris taught the worms to play They’ve been going in and out of style But they’re guaranteed to last a while So may I introduce to you… the bug you’ve known for all these years Sgt. Morris Lonely worm club band We’re Sgt. Morris’ lonely worm club band, […]

 
 

Don’t Stay at the Renaissance Amsterdam Hotel

The night of September 29th, I had a room at the Renaissance Amsterdam hotel on Kattengat street. Actually I had two rooms, not that I slept in either of them. The first had too much street noise, and windows that didn’t block out the sound. The second, well, I woke up at 7.30 AM from […]