I’ve updated the blog theme. Please let me know if I broke anything.
CyberDB was kind enough to include us in their “Best Cyber Security News Blogs 2018. There’s some standbys and some I wasn’t familiar with on the list. Thank you for including us!
The node package manager (npm) is having a bad few months. Let’s look at what we can do, what other package managers should do and what we can learn at a policy level, particularly in the U.S. framing of “critical infrastructure.”
Hossein Derakhshan was recently released from jail in Iran. He’s written a long and thoughtful article “The Web We Have to Save.” It’s worth reading in full, but here’s an excerpt:
Some of it is visual. Yes, it is true that all my posts on Twitter and Facebook look something similar to a personal blog: They are collected in reverse-chronological order, on a specific webpage, with direct web addresses to each post. But I have very little control over how it looks like; I can’t personalize it much. My page must follow a uniform look which the designers of the social network decide for me.
The centralization of information also worries me because it makes it easier for things to disappear. After my arrest, my hosting service closed my account, because I wasn’t able to pay its monthly fee. But at least I had a backup of all my posts in a database on my own web server. (Most blogging platforms used to enable you to transfer your posts and archives to your own web space, whereas now most platforms don’t let you so.) Even if I didn’t, the Internet archive might keep a copy. But what if my account on Facebook or Twitter is shut down for any reason? Those services themselves may not die any time soon, but it would be not too difficult to imagine a day many American services shut down accounts of anyone who is from Iran, as a result of the current regime of sanctions. If that happened, I might be able to download my posts in some of them, and let’s assume the backup can be easily imported into another platform. But what about the unique web address for my social network profile? Would I be able to claim it back later, after somebody else has possessed it? Domain names switch hands, too, but managing the process is easier and more clear— especially since there is a financial relationship between you and the seller which makes it less prone to sudden and untransparent decisions.
But the scariest outcome of the centralization of information in the age of social networks is something else: It is making us all much less powerful in relation to governments and corporations.
Ironically, I tweeted a link, but I think I’m going to try to go back to more blogging, even if the content might fit somewhere else. Hossein’s right. There’s a web here, and we should work to save it.
Emergent Chaos has migrated. It’s a long story, and perhaps better left untold. Please let us know if you see issues with the new site.
Well, the world is full of chaos, some good and some bad, and today’s bad for those of you reading via Google Reader is that it’s going the way of Altavista (can you believe it was still around?)
So as you migrate away, please consider including Emergent Chaos in your migration–we’ll have new content here soon, unless chaos emerges in our lives.
More seriously, real content and perhaps even an exciting announcement or two. One of geographically limited interest, the other not.
I’ve updated to the latest WordPress for security fixes. Please let me know if you notice problems (blogname-at-gmail-com)
The Security Bloggers Awards were this week at RSA!
Congratulations to Naked Security (best corporate blog), Paul DotCom (best podcast), Krebs on Security (Most educational, best represents the security industry), J4VV4D’s blog (most entertaining), Andy Greenberg’s “Meet The Hackers Who Sell Spies The Tools To Crack Your PC (And Get Paid Six-Figure Fees)” and Jack Daniel for joining the Hall of Fame!
I wrote a blog post regarding the BSidesSF/RSA conf dust-up.
(If I knew how to work Adam’s twitter integration thingy, you’d have been spared this)