Shostack + Friends Blog Archive


Admitting Mistakes

Tripwire’s blog has “25 Infosec Gurus Admit to their Mistakes…and What They Learned from Them.” I’m glad to see attention paid to the simple reality that we all make mistakes.

Extra points to Bill Brenner, Pete Lindstrom, Andrew Hay, Chris Wysopal, Rob Ton and Larry Ponemon for being willing to talk about mistakes that had technical security consequences. Not that the soft skills are unimportant, but a great many folks think that with technical ability, you can overcome that. The tech skills are core to how we present as security people, and being willing to own up to those is a praise-worthy act.

My own contribution is “Owning Up to Pwnage (Part 2).