Skip to content

Haft of the Spear

Ruminating on issues related to the pointy end

  • About
  • Projects
  • Resources

Latest Blogs

Intelligence Agencies Are Not Here to Defend Your Enterprise
Computer Security, Defense, Information Security, Intelligence, National Security, Reform, Security, Technology

Intelligence Agencies Are Not Here to Defend Your Enterprise

August 19, 2016October 13, 2016 Mike 3 mins read

The way to reduce the chance that someone can crack your computer code is to write better code, and test it faster than the spooks can.

The Airborne Shuffle in Cyberspace
Computer Security, Information Operations, Information Security, Intelligence, National Security, Reform, Security, Technology

The Airborne Shuffle in Cyberspace

July 19, 2016October 13, 2016 Mike 4 mins read

We can and should be doing far more than we apparently are, because I guarantee our adversaries are.

How Do You Get Good at Incident Response?
Computer Security, Security, Technology

How Do You Get Good at Incident Response?

May 28, 2016October 13, 2016 Mike 4 mins read

The true measure of defensive success is the speed at which you detect, eject and mitigate the actions of your attackers.

Cyber Security Through the Lens of Theranos
Computer Security, Reform, Security, Technology

Cyber Security Through the Lens of Theranos

May 19, 2016October 13, 2016 Mike 3 mins read

If we’re not checking ourselves we’re setting ourselves up for a situation where checks will be imposed upon us by people who know very nearly nothing of what it takes to succeed, much less advance security.

Uncategorized

Cyber Diplomacy Will Not Save You

September 19, 2015April 23, 2021 Mike 3 mins read

The idea that the promises of diplomats and statesmen will render cyberspace a safe place is a fantasy you can ill afford to entertain if […]

Uncategorized

Functionality > Security

September 8, 2015April 23, 2021 Mike 3 mins read

It was reported recently that a security researcher found several exploitable vulnerabilities in a FireEye product. ‘I tried to work with them,’ he said, but was apparently […]

Uncategorized

No Accountability No Peace (of Mind)?

August 19, 2015April 23, 2021 Mike 3 mins read

Thanks to the ever vigilant Richard Bejtlich for pointing out Jeremiah Grossman’s slides on the idea of INFOSEC security guarantees. Reading them reminded me of a saying, the […]

Computer Security, Defense, Military, National Security, Reform

“Cyber MAD” is a Bad Idea. Really Bad.

June 22, 2015 Mike 4 mins read

If the scenario you need to make your theory work in cyberspace is indistinguishable from a James Bond script, you can’t be taken seriously.

Computer Security, Intelligence, National Security, News, Security, Technology

Malware Analysis: The Danger of Connecting the Dots

March 5, 2015April 23, 2021 Mike 12 mins read

A lot of people fall victim to a number of problems, fallacies and mental traps when they attempt to draw conclusions from data

Computer Security, Intelligence, Security, Technology

You Were Promised Neither Security Nor Privacy

March 14, 2014February 21, 2020 Mike 6 mins read

You can still live your life without using TCP/IP or HTTP, you just don’t want to.

Posts navigation

1 2 3 4 5 6 7 8 … 11

Copyright © 2022 | All Rights Reserved. Mik by Shark Themes