Security?!

Security Absurdity.com > Security Absurdity; The Complete, Unquestionable, And Total Failure of Information Security.

They say if you drop a frog in a pot of boiling water, it will, of course, frantically try to scramble out. But if you place it gently in a pot of tepid water and turn the heat on low, it will float there quite complacently. As you turn up the heat, the frog will sink into a tranquil stupor and before long, with a smile on its face, it will unresistingly allow itself to be boiled to death. The security industry is much like that frog; completely and uncontrollably in disarray - yet we tolerate it since we are used to it.

It is time to admit what many security professionals already know: We, as security professionals, are drastically failing ourselves, our community and the people we are meant to protect. Too many of our security layers of defense are broken. Security professionals are enjoying a surge in business and growing salaries and that is why we tolerate the dismal situation we are facing. Yet it is our mandate, first and foremost, to protect.

(from spaf_cerias)

This article falls a little short of the mark, I think. You can avoid almost all security problems by following three simple rules: 1. Don't run Windows. 2. Don't read email in HTML, or any other format than plain text. 3. Don't trust any medium that can be easily tapped, which includes wireless and the Internet.

Much of what's called the "security industry" these days consists of people and companies making money off the fact that people don't follow these rules, rather than fixing the problem. At this point, merely educating the public will probably not be sufficient.

In memoriam: Leigh Anne Hussey

Leigh Anne Hussey, motogrrl, singer-songwriter, fiddler, filker, pagan, -- the list goes on -- was killed in a motorcycle accident on I580 last night. She was 46 years old. There are few details at this point, but apparently she lost control of her bike in close proximity to a dump truck.

The flower_cat and I were wakened at 1am or so by a shaken chaoswolf, who'd gotten the news from ciarhwyfar. More from nitnorth, cadhla, purplerabbit, and johno.

She was one of those many people I wish I had known better, and whose music I've loved for years; I was looking forward to hearing her band, Brazen Hussey, at Baycon Friday night. You never know when it will be the last time you see someone -- make the most of your time together. Fare well, Leigh Anne, wherever you're wandering now.

DAMN!

MacOS X goes proprietary

Macworld UK - Apple closes down OS X

Mac developers and power users no longer have the freedom to alter, rebuild, and replace the OS X kernel from source code. Stripped of openness, it no longer possesses the quality that elevated Linux to its status as the second most popular commercial OS.

...thereby demonstrating the reason why Apple picked the BSD license for Darwin, and the reason why Linux, with the GPL, remains open.