‘The New School’

While I was running around between the Berkeley Data Breaches conference and SOURCE Boston, Gary McGraw and Brian Chess were releasing the Building Security In Maturity Model. Lots has been said, so I’d just like to quote one little bit: One could build a maturity model for software security theoretically (by pondering what organizations should…

Read More Building Security In, Maturely

March 15-21 is “Sunshine Week“, a government transparency initiative described by its main proponents as a national initiative to open a dialogue about the importance of open government and freedom of information. Participants include print, broadcast and online news media, civic groups, libraries, non-profits, schools and others interested in the public’s right to know. The…

Read More Happy Sunshine Week

A few weeks back, Pistachio twittered about How to Present While People are Twittering. I picked it up, and with the help of Quine, was getting comments from Twitter as I spoke. It was a fun experiment, and it’s pretty cool to be able to go back and look at the back channel. [Update: I…

Read More Tweet, tweet

I was struck by this quote in “Edgy, Yet Still Aerodynamic” an article in the New York Times about how new cars are being designed and tested: , To his surprise, in hundreds of tests at Ford’s Wind Tunnel 8 southwest of Detroit the original edges produced less drag than curved substitutes, Mr. Koester said.…

Read More Designing Cars

Security continues to be crippled by a conspiracy of silence. The ongoing costs of not talking about what’s going wrong are absolutely huge, and today, we got insight into just how huge. Richard Clayton and Tyler Moore of Cambridge University have a new paper on phishing, “The consequence of non-cooperation in the fight against phishing.”…

Read More The Costs of Secrecy