On Saturday, I discussed how “I bolluxed our blog theme.” “More to the point, we here at the New School talk a good game about how we need to talk about problems, rather than cover them up. So here’s our money where our mouths are. I, Adam Shostack, screwed up the blog presentation by not [...]
If you read this blog with a web-reader, you’ll note our (ahem) excellent new theme, and may be saying, wow, guys, “nice job” Yeah. Ooops. I upgraded to WordPress 3.3, and upgraded our theme, and in so doing, overwrote some of the CSS that Alex had tweaked. I didn’t test, and so things were wonky. [...]
Last week I did a podcast with Dennis Fisher. In it, we touched on what I might change in the book. Take a listen at: “Adam Shostack on Methods of Compromise, the New School and Learning“
I really like Gunnar Peterson’s post on “Top 5 Security Influencers:” Its December and so its the season for lists. Here is my list of Top 5 Security Influencers, this is the list with the people who have the biggest (good and/or bad) influence on your company and user’s security: My list is slightly different: [...]
My colleague Ross Smith has just presented an important new paper, “The Future of Work is Play” at the IEEE International Games Innovation Conference. There’s a couple of very useful lessons in this paper. One is the title, and the mega-trends driving games into the workplace. Another is Ross’s lessons of when games work: Over [...]
Over at the Office of Inadequate Security, Dissent says everything you need to know about a new report from the UK’s Big Brother Watch: Extrapolating from what we have seen in this country, what the ICO learns about is clearly only the tip of the iceberg there. I view the numbers in the BBW report [...]
I want to call attention to a new, important and short article by Jay Jacobs. This article is a call to action to break the reliance on unvalidated expert opinions by raising awareness of our decision environment and the development of context-specific feedback loops. Everyone in the New School is a fan of feedback loops [...]
I’m on episode 14 of the Risk Hose podcast, with co-blogger Alex. Chris, Jay and Alex are joined by Adam Shostack and we dig into the topic of feedback loops within Information Security. You should check it out! Episode 14: Feedback Loops
First, good on AT&T for telling people that there’s been an attempt to hack their account. (My copy of the letter that was sent is after the break.) I’m curious what we can learn by discussing the attack. An AT&T spokesperson told Fox News that “Fewer than 1 percent of customers were targeted.” I’m currently [...]
But in the last year and a half, at least 50 diners at restaurants like the Capital Grille, Smith & Wollensky, JoJo and Wolfgang’s Steakhouse ended up paying for more than just a fine piece of meat. Their card information — and, in effect, their identities [sic] — had been stolen by waiters in a [...]