whoisjoe.com

Security, people, process, and resilient software.

83 published stories

Why Privacy Matters Even if You Have 'Nothing to Hide'

I just read a really well-written article by Daniel J. Solove, a professor of law at George Washington University, who says we should stop thinking about privacy in Orwellian t...

What LinkedIn Should Have Done with Your Passwords

By now, you’ve probably heard that LinkedIn’s passwords have been allegedly compromised. I first heard about this from a Norwegian website earlier today. Here is what we know no...

Constant Vigilance

I’ve been in the Security Industry for about ten years now. I say that not to brag, but to give context for the rest of this post. I’ve assessed countless pieces of software of ...

Boeing Paying Hackers to Break into Their Systems

Boeing’s systems need to be capable of staving off hackers, and for more than two years, the company has employed two “hackers” to test the security of its computer systems. I l...

My Reading Cycle

I don’t read a lot, but over the last few years I’ve developed a book choice cycle that works really well for me. It helps me finish challenging books that I want to read for de...

Developing Tools for Professional Hackers

Professional hackers or security testers tend to write a lot of code. We write exploit code, fuzzers, code to handle esoteric protocols and data structures, unpackers, disassemb...

Finding Your Inner Evildoer (3/4): A Good Imagination

In my previous posts I talked about an overview of what makes a great security tester, and in depth about what it means to have complete knowledge of the system. If you hav...

When to Rebuild Your Process from Scratch

A few months ago I had the opportunity to rebuild the way we operate the services branch of our company. If you’re not familiar with my background I lead a team of the security ...

Finding Your Inner Evildoer (2/4): Complete Knowledge of the System

In the previous post I described an overview of the three traits I look for in great security testers: Complete Knowledge of the System, A Good Imagination, and An Evil Streak. ...

Continuous Incremental, Personal Improvement

I am an optimizer. I try to optimize nearly everything in my life. This, I think, is why I tend to spend so much time on personal productivity, time management and other persona...