I plan on following up yesterday’s discussion about modeling with specific application into security metrics tomorrow (or at least later this week), how the right model defeats FUD, but I have about a half a dozen things I thought you might like to see.
Some I’ve put up on the Magnolia group here so check those out.
APPLE FIXING THINGS BEFORE THEY BECOME ISSUES?
It’s become haught counter-culture these days to find issues with OSX (or anything Apple puts out). This is fine, Microsoft deserves a break or two. But if all the cool kids are doing it, I’m the kind of guy that wants to find the opposite of what the cool kids are doing – and my friend Brent Huston is praising Apple for fixing a bug he was verifying. That one won’t be picked up by the New Zealand Herald, I guarantee.
NEW WSJ ARTICLE
Is out here. This one has been influenced by our friend Rob Newby as heavily as he possibly could. That man’s sweat, love, and tears are in the article, so do check it out – and drop by Rob’s site to thank him for his effort. I also found this on Beau Wood’s blog about the article.
Cryptographic Strength Provably Random Number Generator
If that phrase means anything to you, you may want to check out what my friends Aaron and Dan are up to. If that phrase excites you, seek help, or self-medicate by contributing to the project, I’m sure they won’t mind.
ISMS CERTIFICATION, WHAT FOR?
Rebecca Herold has an article on ISO 27001 et. al. on her excellent blog, here. What I thought was interesting was this quote by John DiMaria, “a product manager at BSI Management Systems, a consulting company that helps organizations meet international certification standards“:
“The U.S. has the most laws for security and privacy but the most security breaches of any country in the world.”
…Di Maria “blames this [more breaches in the U.S. than elsewhere] on American companies’ fragmented approach to security.”
I would love - LOVE – to hear your thoughts on this quote, do comment if you have the time (and ability). If your company forbids posting to blogs, you can always send me email- alex ::at:: riskmanagementinsight.com, and I’ll be glad to post it for you anonymously.
CHECK IT OUT, WEB BASED SSH!
That’s right, use a web site to ssh. I’m really not sure how I feel about this.
BEAKER IS ON
This one’s in the Magnolia bookmarks, but I really enjoyed Chris Hoff’s post here so I thought I’d call it out. I personally believe that everything, market innovation included, follows a wave-like pattern. Maybe we’re just in a “valley” right now.
2 FOR OFFTOPIC
Second, if you’ve ever dealt with top info/UI/UE designers, you’ll find this (SFW- but it is YouTube – so caution) to be funny.