Image credit: Bill Anders, Apollo 8, launched this day, Dec 21, 1968.Read More Earthrise
[Dec 20 update: The first draft of this post ended up with both consumer and enterprise advice, which made it complex. The enterprise half is now on the IANS blog: Never Waste a Good Crisis: Yahoo Edition.] Yesterday, Yahoo disclosed that attackers broke into Yahoo in 2013 and stole details on a billion accounts. Brian…Read More Yahoo! Yippee? What to Do?
This quote from Bob Iger, head of Disney, is quite interesting for his perspective as a leader of a big company: There is a human side to it that I try to apply and consider. [But] the harder thing is to balance with the reality that not everything is perfect. In the normal course of…Read More Seeing the Big Picture
There’s a new paper from Mark Thompson and Hassan Takabi of the University of North Texas. The title captures the question: Effectiveness Of Using Card Games To Teach Threat Modeling For Secure Web Application Developments Gamification of classroom assignments and online tools has grown significantly in recent years. There have been a number of card…Read More Do Games Teach Security?
Over the decade or so since The New School book came out, there’s been a sea change in how we talk about breaches, and how we talk about those who got breached. We agree that understanding what’s going wrong should be a bigger part of how we learn. I’m pleased to have played some part…Read More Incentives, Insurance and Root Cause
[Dec 15: Note that there are 4 updates to the post with additional links after writing.] The Green Party is driving a set of recounts that might change the outcome in one or more swing states. Simultaneously, there is a growing movement to ask the Electoral College to choose a candidate other than Donald Trump…Read More Electoral Chaos
In September, we shared the news that for its 50th year, the people of Gävle paid an extra $100,000 to secure the goat. Sadly, it seems to have not helped. Today, the goat tweeted: Oh no, such a short amount of time with you my friends. The obvious lesson is that the Swedes have a…Read More Gavle Lessons: 56% Is Not Sufficiently More Secure!
I moved to MacOS X because it offers both a unix command line and graphical interfaces, and I almost exclusively use the command line as I switch between tasks. If you use a terminal and aren’t familiar with the open command, I urge you to take a look. I tend to open documents with open…Read More Mac Command Line: Turning Apps into Commands
This election has been hard to take on all sorts of levels, and I’m not going to write about the crap. Everything to be said has been said, along which much that never should have been said, and much that should disqualify those who said it from running for President. I thought about endorsing Jill…Read More Election 2016
Much of what Andrew and I wrote about in the New School has come to pass. Disclosing breaches is no longer as scary, nor as shocking, as it was. But one thing we expected to happen was the emergence of a robust market of services for breach victims. That’s not happened, and I’ve been thinking…Read More The Breach Response Market Is Broken (and what could be done)