Twenty-five years ago I published a set of code review guidelines that I had crafted while working for a bank. I released them (thanks, SteveMac!) to get feedback and advice, because back then, there was exceptionally little in terms of practical advice on what we now call AppSec. Looking back at what’s there: it’s explicitly… Read More: 25 Years In Appsec: Looking Back
A Man on the Moon, by Andrew Chaikin, is probably the best of the general histories of the moon landings. Failure is not an Option, by Gene Kranz, who didn’t actually say that during Apollo 13. Marketing The Moon by David Scott and Richard Jurek. I was surprised what a good history this was, and how… Read More: Books Worth Reading: Q2 2019 (Apollo Edition)
Juneteenth is the celebration of the end of slavery in the US. We should have more holidays that celebrate freedom for the sake of freedom. So happy Juneteenth, everyone! Read More: Happy Juneteenth!
The Seattle Times has a story today about how “50 years ago today, the first 747 took off and changed aviation.” It’s true. The 747 was a marvel of engineering and luxury. The book by Joe Sutter is a great story of engineering leadership. For an upcoming flight, I paid extra to reserve an upper… Read More: The Queen of the Skies and Innovation
Joseph Lorenzo Hall has a post at the Center for Democracy and Technology, “Taking the Pulse of Security Research.” One part of the post is an expert statement on security research, and I’m one of the experts who has signed on. I fully support what CDT chose to include in the statement, and I want… Read More: Security Engineering: Computers versus Bridges
Today is John Harrison’s 352nd birthday, and Google has a doodle to celebrate. Harrison was rescued from historical obscurity by Dava Sobel’s excellent book Longitude, which documented Harrison’s struggle to first build and then demonstrate the superiority of his clocks to the mathematical and astronomical solutions heralded by leading scientists of the day. Their methods… Read More: John Harrison’s Struggle Continues
In CONGRESS, July 4, 1776 The unanimous Declaration of the thirteen united States of America, When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which… Read More: The Unanimous Declaration of The 13 United States
In September, Steve Bellovin and I asked “Why Don’t We Have an Incident Repository?” I’m continuing to do research on the topic, and I’m interested in putting together a list of such things. I’d like to ask you for two favors. First, if you remember such things, can you tell me about them? I recall… Read More: Calls for an NTSB?