about joe

My name is Joe Basirico; by day I help people build secure software. I lead a team of the most talented security experts in the world at Security Innovation to perform security assessments and help our customers reduce their risk against the ever-present threat of hackers and other ne'er-do-wells.

I started a non-profit, Technically Learning, a few years ago with the help of some friends to help kids, particularly girls and minorities, get excited about the STEM fields. Technically Learning recently merged with code.org, an amazing new non-profit looking to bring Computer Science to all public schools in the US.

On this site you'll find links to all of my projects, programming projects, research, a blog and more.

7/27/2016 - Posted by joe

Sorry biweekly, you've just been ejected from my vocabulary. I hate to be esoteric in my language and use a word like fortnightly, but when your definition from Merriam Webster has two directly conflicting definitions I simply cannot use that word. Fortnightly it is!

biweekly

From Grammar Girl:

Semi- always means "half." You can remember the meanin ...

7/13/2016 - Posted by joe

Viral Game Highlights Calls Attention to Timeless Security Debate

I want to run into traffic, fall into a pond, catch Pokémon while my wife is in labor, and find a dead body; let's check out this Pokémon Go thing!

Pop quiz: Is this a valid login screen for Google Account services? This is the first screen I see when I click login with my Google Account from Pokémon Go. It's concerning because it offers no clear indication this is a valid page, no way for me to verify that I ...

9/3/2015 - Posted by joe

I was pretty disappointed after reading Mary Ann Davidson's blog post discouraging customers from reverse engineering their software for any reason. As CSO of Oracle, one of the largest software providers in the world, I expected her thoughts on security researchers and responsible disclosure to be more enlightened. Instead I saw a glib response that echoed sentiment from the turn of the last century.

The post has since been removed from Oracle's official blog, which shows that while this may be their internal policy and thinking, the company understands it isn't popular to hold such opinions. Because nothing can be deleted from the internet, and because of the Streisand effect, ...
