September 19th is National Talk Like a Pirate Day “Dude, anyone got the new Metallica?”Read More Avast ye landlubbers, it's national talk like a pirate day!
SecurityFocus points to a nice short article over at Silicon.com suggests that Gartner advises that for companies building their own software, developers should be pushed to put security at the head of their list. It’s not just in-house tech makers that need a word in their ears – the analysts suggest end users should give…Read More "Want more Secure Software?"
The New York Times reports on a lack of doctors in Canada, along with a rise in Canadians using emergency rooms to replace family doctors. (Use BugMeNot if you don’t want to register.) The basic problem is economic. Doctors are much better paid in the US than in Canada, and doctors can easily move. Its…Read More Canadian Health Care
Peter Swire has a new working draft A Model For When Disclosure Helps Security. Its a great paper which lays out two main camps, which he calls open source and military, and explains why the underlying assumptions cause clashes over disclosure. That would be a useful paper, but he then extends it into a semi-mathematical…Read More Swire on Disclosure
As part of a larger project on security configuration issues, I’m doing a lot of learning about taxonomies and typographies right now. (A taxonomy is a hierarchical typography.) I am often jealous of the world of biology, where there are underlying realities that can be used for categorization purposes. (A taxonomy needs a decision tree.…Read More Science is easier from the outside
this post by Todd Zywicki clearly illustrates the difference between law professors and economics professors.Read More Volokh commentary
Over at TaoSecurity, Richard writes: Remember that one of the best ways to prevent intrusions is to help put criminals behind bars by collecting evidence and supporting the prosecution of offenders. The only way to ensure a specific Internet-based threat never bothers your organization is to separate him from his keyboard! Firstly, I’m very glad…Read More Lock 'em up!
Alec Muffet comments on sysadmin resistance to applying patches. As Steve Beattie and a bunch of others of us wrote about the issue is that there’s a tradeoff to be made to find the optimal uptime for a system. Its a tradeoff between a security risk and an operational risk. Organizationally, different teams are often…Read More Patch Management
According to David Garrity, a technology analyst in New York with Caris & Co.: It was supposed to democratize the process and let people buy in at just a few shares, but it was a miserable failure because the organizers didn’t realize the securities regulations that require people who bid to have a certain net…Read More Why did Google pop? (II)
So Google popped 18% today. That shouldn’t have happened. The goal of their much-discussed auction was to ensure that they made money. The typical bubble IPO involved a “pop” of as much as 100-300% on opening day. This put huge sums in the hands of bankers and the bankers friends, sometimes illegally. Ideally, Google’s trading…Read More Why did Google pop?