Archive for the 'Security Bullshit' Category

Is More Bullshit Being Called Out? Great Posts

February 17, 2008

Is more bullshit being called out? Great Post.
As is this on the same topic.

Now That’s a Novel Way to Kill the FUD

February 17, 2008

Static Analysis Tools Exposition (SATE). If these guys would do this on other tool classes I think we could break down some more security religion and get back to creating pragmatic solutions to real problems. Wow, the first two rants ever on my blog each within a few minutes, strange day.

Security Marketing Spinning Further Out of Control

February 7, 2008

In the UK we have the Advertising Standards Authority. If someone makes a claim in an advert, they need to be able to back it up. If you say Fish Fingers are rich in Omega 3 then be prepared to prove it. If you have a magic face wand that removes wrinkles then make sure [...]

Bring Back Security Bullshit?

January 30, 2008

Last year I had some cartoons calling out BS where BS prevailed. The cartoons are still up although I let the domain expire. There were quite a few “that’s hilarious” or “spot on” and quite a few “You’re an ass” (from people who were probably uncomfortably close to the topic).
A few people are asking for [...]

Why Risk Management is Like Eating Lettuce

January 30, 2008

On Sundays it’s a British tradition to wake up with a hangover, get a copy of the Sunday Times and watch the morning politics shows on the beeb. This Sunday past was traditional for me. Data breaches and privacy are hot political topics in the UK after the national fiasco overseen by Alistair Darling. I [...]

O’McAfee, Where Art Thou

January 19, 2008

Some friends on the “inside” were horrified when McAfee bought ScanAlert. It’s ironic that McAfee are now busted with basic web vulns on their own sites.
Curphey’s Law: When you create (or participate in) a security market based on low cost, expect (or deliver) low quality.

This is the same argument I have against PCI [...]

Dear Idiot, Your New UK Security Tools Law Sucks!

January 18, 2008

Dear Idiot (Tom Harris - Labour MP for Glasgow),
The world has gone mad and I am boarding the next commercial flight on Virgin Galactic in search of a world where numnuts and numties no longer rule.
It was my birthday last Thursday and very pleasant it was too. I got back from a week in [...]

Online Banking - Making Phishing Better or Worse

December 22, 2007

It’s Christmas. I know it’s Christmas as I have a shiny XBox 360 Elite waiting to be installed along with my Microsoft Home Server and other cool gadgets for the family me.
I also know this because I have to go outside and stack a pile of fire logs in the cold, so you’ll forgive [...]

The Best Career Advice in Ages

June 25, 2007

A must read blog post full of home truths.

More Stupid Security

May 17, 2007

Yes that’s the default username and password for my Netgear wireless router printed during manufacturing on the body of the router and for good measure it’s the old chestnut of admin and password. The marketing claims this device has a double firewall! When will vendors learn? This beats the old password on a post-it note [...]