A rainy Saturday afternoon gives me a little cause for celebration. Word comes that Naseem Taleb’s new book, “The Black Swan” should be available soon. We talked briefly about Black Swans in Risk Management in a post here. Taleb’s previous work, “Fooled by Randomness” is one of my favorites. A brief review by the Causal Inference guys is here.

This Just In, Water Is Wet

Remember when I pointed you guys to Adobe Apollo as something to keep your eyes on? The day after that post Dark Reading put up a lightweight FUD article here. Obligatory HD Moore quote included. I mean, seriously, we’re going to do this with any new technology aren’t we? If today were a Dark Reading/CSO/SC Magazine article, the headline would read:

“It’s Raining Outside - Security Professionals Warn About Risk Of Slipping”

We Use Verisign Certificates and Verio, What More Can We Do?

OK, I’m a geek. I’ll accept it. I stumbled into a really nerdy hobby recently when I realized that painting tiny 28 mm toy soldiers for my two sons was a great way to relieve stress.

So imagine my surprise when one of the blogs I read for that hobby sent it’s community into an uproar by releasing data about a breach in Credit Card Security. The whole thing is FASCINATING from my standpoint as a security professional. It’s worth reading so I’ll put some links up for you folks.

First, they alerted the readers. Then, they posted the actual names and details from the website! Isn’t that interesting? Finally, the website owner writes in saying that they’re secure because they use SSL and Verio, and it has this quote:

“we really do not see what else we can do to make it more secure for credit card transactions.”

Huh.

Either way, it’s a very interesting little petri dish for incident management.

Posted on March 31