The way to reduce the chance that someone can crack your computer code is to write better code, and test it faster than the spooks can.
Latest Blogs
The Airborne Shuffle in Cyberspace
We can and should be doing far more than we apparently are, because I guarantee our adversaries are.
How Do You Get Good at Incident Response?
The true measure of defensive success is the speed at which you detect, eject and mitigate the actions of your attackers.
Cyber Security Through the Lens of Theranos
If we’re not checking ourselves we’re setting ourselves up for a situation where checks will be imposed upon us by people who know very nearly nothing of what it takes to succeed, much less advance security.
Cyber Diplomacy Will Not Save You
The idea that the promises of diplomats and statesmen will render cyberspace a safe place is a fantasy you can ill afford to entertain if […]
Functionality > Security
It was reported recently that a security researcher found several exploitable vulnerabilities in a FireEye product. ‘I tried to work with them,’ he said, but was apparently […]
No Accountability No Peace (of Mind)?
Thanks to the ever vigilant Richard Bejtlich for pointing out Jeremiah Grossman’s slides on the idea of INFOSEC security guarantees. Reading them reminded me of a saying, the […]
“Cyber MAD” is a Bad Idea. Really Bad.
If the scenario you need to make your theory work in cyberspace is indistinguishable from a James Bond script, you can’t be taken seriously.
Malware Analysis: The Danger of Connecting the Dots
A lot of people fall victim to a number of problems, fallacies and mental traps when they attempt to draw conclusions from data.
You Were Promised Neither Security Nor Privacy
You can still live your life without using TCP/IP or HTTP, you just don’t want to.