2017

Lately, I’ve tried to stay away from the tire fire that American politics has become. I’m reasonably certain that I have more to contribute in other areas. But when the President tries to equivocate between those waving the Nazi flag and those protesting against them, we need to speak about what’s acceptable.

It ought to go without saying that when literal Nazis are on one side of a debate, the other side is in the right.

But apparently, that’s not obvious, so I felt I could share a plan for a march by the alt-left, under the ominous name of “Operation Overlord.” They were planning to overthrow the legitimate government all along the coast, and, through force, replace it with their own puppets.

More seriously, we can have disagreements about what’s best for the country, and it’s bad when we demonize those who disagree with us. Civilized society requires us to accept civil disagreement. It accepts that no one is privileged or disadvantaged by an accident of birth: “race, creed or color,” as the expression goes. But civil disagreement, by definition, precludes violence, advocacy of violence or threats of violence.

The Nazi flag is one such threat. Waving it has no purpose except declaring oneself outside society and at odds with the ideals and principles of good people everywhere.

If you’re in a crowd of Nazis, you should be asking why, and walking away.

If you have doubts about what a President should say, here’s a sample:

From his very first experiments, he could see that these animals were unrelated to jellyfish. In fact, they were profoundly different from any other animal on Earth.

Moroz reached this conclusion by testing the nerve cells of ctenophores for the neurotransmitters serotonin, dopamine and nitric oxide, chemical messengers considered the universal neural language of all animals. But try as he might, he could not find these molecules. The implications were profound.

Read “Aliens in our midst” at Aeon.

Back in January, I wrote about “The Dope Cycle and the Two Minutes Hate.” In that post, I talked about: Not kidding: even when you know you’re being manipulated into wanting it, you want it. And you are being manipulated, make no mistake. Site designers are working to make your use of their site as…

Read More The Dope Cycle and a Deep Breath

  (The abstract:) Potentially dangerous cryptography errors are well documented in many applications. Conventional wisdom suggests that many of these errors are caused by cryptographic Application Programming Interfaces (APIs) that are too complicated, have insecure defaults, or are poorly documented. To address this problem, researchers have created several cryptographic libraries that they claim are more…

Read More “Comparing the Usability of Cryptographic APIs”

There’s a Humble Bundle on Cybersecurity, full of Wiley books. It includes my threat modeling book, Ross Anderson’s Security Engineering, Ferguson, Schneier and Kohno’s Crypto Engineering and more. I hope that this is the best price you’ll ever see on these books. Get ’em while they’re hot. The bundle goes to support EFF &/or Water…

Read More Humble Bundle

There was a bit of a complex debate last week over 1Password. I think the best article may be Glenn Fleishman’s “AgileBits Isn’t Forcing 1Password Data to Live in the Cloud,” but also worth reading are Ken White’s “Who moved my cheese, 1Password?,” and “Why We Love 1Password Memberships,” by 1Password maker AgileBits. I’ve recommended…

Read More Threat Modeling Password Managers