August 2007

"Trust" Bonus Track

I've previously mentioned my Networkshop 35 presentation in Exeter, and the fact that some of the material I prepared went unused because of lack of time.

As an experiment, I've narrated the unused slides and they are now available for download in one of the following formats:

The presentation is a little under 20 minutes long. Please let me have feedback if you find this kind of thing useful, or for that matter if you find my voice too soporific or annoying. I'm considering doing more along these lines, and it would help to know in advance whether I'd be wasting my time.

Gearheads can read on for technical details…

Tags:

Insecurity Excuse Bingo

In the wake of the Californian voting machine review, Matt Blaze and Jutta Degener invite us to play Security Public Relations Excuse Bingo:

  • We read Schneier's book
  • La, la, la we're not listening
  • You'll be hearing from our lawyers
  • No one would ever think of that
  • Our proprietary encryption algorithms prevent that
  • … and so on ad nauseam

(Via Matt Blaze.)

Ranum on Codependence

Marcus Ranum has started podcasting. The second episode in his Rear Guard podcast is a short but nicely put together rant explaining the parlous state of computer security today in terms of a dysfunctional relationship between practitioners and their organisations:

It's clear that security will be exactly as bad as it can possibly be while still allowing senior managers to survive. Whenever it gets across that line — worse than it can possibly be — there will be a brief fire-drill in order to duct tape things back together again until next time.

Last week a friend remarked, after hearing one of my long rants on an unrelated subject, that I had a very cynical view of the situation. "Thank you", I replied, quite seriously. Marcus Ranum has a very cynical view of the security landscape: not completely without rays of hope, but nevertheless aware that a lot of bad things happen out of pure unenlightened self-interest.

Tags: