Archive for the “Legislation” category

Threat Model Thursday: Architectural Review and Threat Modeling

by nsadmin on June 21, 2018

For Threat Model Thursday, I want to use current events here in Seattle as a prism through which we can look at technology architecture review. If you want to take this as an excuse to civilly discuss the political side (…)

Read the rest of this entry »

New Cyber Security Bill: Crowdsource Analysis?

by adam on February 15, 2012

A lot of people I trust are suggesting that the “Collins-Lieberman” bill has a substantial chance of passing. I have some really interesting (and time-consuming) work tasks right now, and so I’m even more curious than usual what you all (…)

Read the rest of this entry »

Representative Bono-Mack on the Sony Hack

by adam on May 11, 2011

There’s a very interesting discussion on C-SPAN about the consumer’s right to know about breaches and how the individual is best positioned to decide how to react. “Representative Bono Mack Gives Details on Proposed Data Theft Bill.” I’m glad to (…)

Read the rest of this entry »

‘Experts’ misfire in trying to shoot down Charney’s ‘Internet Security Tax’ idea

by Russell on March 17, 2010

Industry ‘experts’ misfired when they criticized Microsoft’s Scott Chareney’s “Internet Security Tax” idea. Q: How many of these ‘experts’ know any thing about information economics and public policy responses to negative externalities? A: Zero. Thus, they aren’t really qualified to comment. This is just one small case in the on-going public policy discussions regarding economics of information security, but given the reaction of the ‘experts’, this was a step backward.

Green Dam

by Chandler on June 13, 2009

Update 26 June 2009: The status of Green Dam’s optionality is still up in the air.  See, for example, this news story on PC makers’ efforts to comply, which points out that Under the order, which was given to manufacturers (…)

Read the rest of this entry »

Statistics Police?!

by alex on June 4, 2009

From Gelman’s blog: U.K. Sheriff Cites Officials for Serious Statistical Violations I don’t know if we need an “office” of information assurance in the government sector, but it would be nice to have some penalty on the books for folks (…)

Read the rest of this entry »

The Eyes of Texas Are on Baseboard Management Controllers? WHAT??!!!

by alex on May 7, 2009

OR TEXAS HB1830S IS SWINEFLU LEGISLATION, IT’S BEEN INFECTED BY PORK! **UPDATE:  It looks like the “vendor language” around Section Six has been struck! Given Bejtlich’s recent promises, I thought we’d take a quick but pragmatic look at why risk (…)

Read the rest of this entry »