I think I am going to rename this blog “Stuff that doesn’t fit into 140 chars” (stolen from Chris Anderson). I am mainly posting on Twitter these days; you can follow me here: www.twitter.com/curphey.
I am not sure how I missed this absolute gem of a blog post but I did. It’s a great read [...]
Archive for the 'Security Bullshit' Category
Gem of a Security Post
June 15, 2009
S = ƒ ( ___ )
April 24, 2009
S = ƒ(°WFF)
Degrees of Warm Fuzzy Feeling
S=f(p,d)+Rn
(Prayer, Denial) + Number of Days till Retirement
S=f(n)
Where n is the number of security guys you know
S=f(1/n)
Where n is the number of security standards documents you have read
S = ƒ(#B*#FCA)
Number of people you can blame multiplied by the number of friends you have that can cover your back-side
S [...]
Is More Bullshit Being Called Out? Great Posts
February 17, 2008
Is more bullshit being called out? Great Post.
As is this on the same topic.
Now That’s a Novel Way to Kill the FUD
February 17, 2008
Static Analysis Tools Exposition (SATE). If these guys would do this on other tool classes I think we could break down some more security religion and get back to creating pragmatic solutions to real problems. Wow, the first two rants ever on my blog each within a few minutes, strange day.
Security Marketing Spinning Further Out of Control
February 7, 2008
In the UK we have the Advertising Standards Authority. If someone makes a claim in an advert, they need to be able to back it up. If you say Fish Fingers are rich in Omega 3 then be prepared to prove it. If you have a magic face wand that removes wrinkles then make sure [...]
Bring Back Security Bullshit?
January 30, 2008
Last year I had some cartoons calling out BS where BS prevailed. The cartoons are still up although I let the domain expire. There were quite a few “that’s hilarious” or “spot on” and quite a few “You’re an ass” (from people who were probably uncomfortably close to the topic).
A few people are asking for [...]
Why Risk Management is Like Eating Lettuce
January 30, 2008
On Sundays it’s a British tradition to wake up with a hangover, get a copy of the Sunday Times and watch the morning politics shows on the beeb. This Sunday past was traditional for me. Data breaches and privacy are hot political topics in the UK after the national fiasco overseen by Alistair Darling. I [...]
O’McAfee, Where Art Thou
January 19, 2008
Some friends on the “inside” were horrified when McAfee bought ScanAlert. It’s ironic that McAfee are now busted with basic web vulns on their own sites.
Curphey’s Law: When you create (or participate in) a security market based on low cost, expect (or deliver) low quality.
This is the same argument I have against PCI [...]
Dear Idiot, Your New UK Security Tools Law Sucks!
January 18, 2008
Dear Idiot (Tom Harris – Labour MP for Glasgow),
The world has gone mad and I am boarding the next commercial flight on Virgin Galactic in search of a world where numnuts and numties no longer rule.
It was my birthday last Thursday and very pleasant it was too. I got back from a week in [...]
Online Banking – Making Phishing Better or Worse
December 22, 2007
It’s Christmas. I know it’s Christmas as I have a shiny XBox 360 Elite waiting to be installed along with my Microsoft Home Server and other cool gadgets for the family me.
I also know this because I have to go outside and stack a pile of fire logs in the cold, so you’ll forgive [...]
