I am reading Brain Rules; great book! In the opening chapter there is a wonderful quotation from an interview with Frank Lloyd Wright that resonates with how I feel about the application security industry.
“When I walk into St. Patrick’s cathedral here in New York City, I am enveloped with a feeling of reverence”, said Mike Wallace. [...]
Archive for the 'Security 2.0' Category
United Web Apps on All Devices?
March 6, 2008
That’s right, it’s the Mesh. Security implications galore... I hope there will be some amazing security SOA folks developing these apps.
The Five Year Business Dream
March 6, 2008
It’s true, I read about it in one of those productivity blogs you know; the ones that are so compelling that they actually make you totally unproductive while reading them. Boom boom, he’s on all night ladies and gentlemen. The gist of the post was that you should write down your five year goal in [...]
Marc Andreessen on Platforms
September 24, 2007
Marc’s post here is well worth a read.
Level 1 is what I call an “Access API”.
Level 2 is what I call a “Plug-In API”.
Level 3 is what I call a “Runtime Environment”.
The Oxygen Security Platform is actually likely to be a combination of all three!
Webasploit
May 7, 2007
Why isn’t there a Metasploit for web apps?
Maybe this is a start... (link)
Security Implications of Inhouse Software
March 6, 2007
As always, Dinis Cruz shares a very interesting view:
“Note that moving software in-house to provide it as a service (as google will soon find out) is not something that has less security requirements than a normal ‘desktop/server packaged applications’, it has MORE security requirements since its security exploitation will affect ALL customers (i.e. in a [...]
Summer internship in the South of France? Can you code (brilliantly)?
March 6, 2007
I am currently holed up at my holiday house in the South of France for the year building a prototype (I’ll be moving back to the States next year). Our new Chief Software Architect has now resigned from his current job and will be joining me here in a month. We expect a few others [...]
Defining Security 2.0 – Part 3
March 1, 2007
When the Internet was young, people focused on infrastructure; the backbones. As we evolved, we shifted to network security and protecting our own LANs and WAN connectivity. The last decade saw a compound move up the stack to operating systems (desktops and servers) and the last few years have seen more emphasis on applications and data.
This is natural [...]

The Future : Regulation is Futile – Market Forces Will Prevail
April 28, 2009
39,000 ft over yet another ocean...
I just watched an old Bill Joy talk from TED 2006 via iTunes. Two key paraphrases struck me as prophetic.
“You can’t regulate the problem away”
“What we need is better networks”
In 2005 I did a series of public speaking events using a theme Naked security in which I stripped [...]
Categories: Information Security Economics, Long Tail Security, Microsoft, Platforms, Royal Holloway ISG, Second Life, Security 2.0, Security Industry, Security Platforms, Security metrics, Social Networking, Software Development, Software Security, Technology Commentary, Working at Microsoft, information security, open source