Author: cwalsh

by

Arlen Specter and Pat Leahy have proposed the “Personal Data Privacy and Security Act of 2005“. This is a comprehensive proposal, and is opposed big-time by various industry lobbies. As reported in the October 21, 2005 American Banker, this bill has hit a snag, and is languishing in Committee. Meanwhile, another bill, courtesy of Jeff…

Read More The hand is quicker than the eye
by 1 comment on "Bubblicious"

As we now know courtesy of the Philippines’ National Capital Regional Police Office, a typical terrorist is “a man aged 17 to 35, wearing a ball cap, carrying a backpack, clutching a cellular phone and acting uneasily” [manilatimes.net]. This critical piece of intelligence, I am sorry to report, seems to have taken a step closer…

Read More Bubblicious
by 3 comments on "Liability for bugs is part of the solution"

Recently, Howard Schmidt suggested that coders be held personally liable for damage caused by bugs in code they write. The boldness of this suggestion is exceeded only by its foolhardiness, but its motivation touches an important truth — alot of code stinks, and people are damaged by it. The reason good programs (which means those…

Read More Liability for bugs is part of the solution
by

Via Alec Muffett’s dropsafe, I learned of a British SF television program which eerily predicted a future Britain in which a sinister governmental department that has abolished individual rights and introduced ID cards for all citizens, rationing and sophisticated electronic surveillance I would have preferred to have gotten a transdimensional police box.

Read More The prescience of the Beeb
by

From New York’s Information Security Breach and Notification Act: 7. (A) IN THE EVENT THAT ANY NEW YORK RESIDENTS ARE TO BE NOTIFIED AT ONE TIME, THE PERSON OR BUSINESS SHALL NOTIFY THE STATE ATTORNEY GENER- AL, THE CONSUMER PROTECTION BOARD, AND THE STATE OFFICE OF CYBER SECURI- TY AND CRITICAL INFRASTRUCTURE COORDINATION AS TO…

Read More Here's to you, New York…
by 2 comments on "Thanks, Adam"

I’ll confess to some stage fright, since this blog’s readership is probably two or three orders of magnitude larger than what my fortnightly rants over at my place probably garner. Anyway, I hope to have posts forthcoming about a few things, among them CVSS, and research into estimating the impact of security events (variously defined)…

Read More Thanks, Adam