I think I am going to rename this blog “Stuff that doesn’t fit into 140 chars” (stolen from Chris Anderson). I am mainly posting on Twitter these days, you can follow me here www.twitter.com/curphey . I am not sure how I missed this absolute gem of a blog post but I did. It’s a great [...]
Archive for the ‘Security Industry’ category
Gem of a Security Post
June 15, 2009SDL in Visual Studio Team System
May 19, 2009….has arrived. Full details here.
S = ƒ ( ___ )
April 24, 2009S = ƒ(°WFF) Degrees of Warm Fuzzy Feeling S=f(p,d)+Rn (Prayer, Denial) + Number of Days till Retirement S=f(n) Where n is the number of security guys you know S=f(1/n) Where n is the number of security standards documents you have read S = ƒ(#B*#FCA) Number of people you can blame multiplied by the number of [...]
This Blog Is Changing – Watch This Space
February 25, 2009Posting has obviously been slow over the last few months. I keep meaning to post a long reflective article about why I have decided to make some big changes about what and why I blog but I just never seem to find the time. In short I have become rather bored making general security commentary; [...]
The World Has Started to Slope Backwards
December 17, 2008‘….A few months ago, a major Bangalore-based infotech company lost out on a $8 million contract. The company was expecting a business delegation to visit India before signing the contract, but 15 days before the date set for the deal, the meeting was abruptly called off. The same team went to China instead. When the [...]
Consumer Application Security or Enterprise Application Security ?
October 21, 2008When Linus Torvalds wrote about the security circus he echoed a lot of the sentiment I have felt for a while; when it comes to software security, people care about the wrong things for the wrong reasons. The sensationalism that follows the release of security bugs is of course understandable. The popular press want to [...]
OWASP CISO Panel
October 20, 2008I didn’t go to OWASP NYC (put off by the vulnerability circus to be brutally honest) but I just watched the CISO panel and it’s just fantastic to see a panel of CISO’s discussing really important application security topics. Jim Routh ‘…..view application security as a supply chain management problem’. Very wise! ‘Static analysis tools [...]
Farewell Security Buddha – Hello Curphey 2.0
March 5, 2010I openly admit I had a mis-spent youth. I was expelled from school and then went on a rampage of sex, drugs, booze and rock and roll for the best part of a decade. I lived hand to mouth and did everything from stacking yogurts in a yogurt factory (working nights), selling houses, working behind [...]
Categories: Beautiful Security, Careers, Getting Things Done, Long Tail Security, Microsoft, OWASP, Productivity, Security Blogs, Security Book Reviews, Security Bullshit, Security Industry, Software Development, Software Security, Speaking, Technology Commentary, Travel, UX, Working at Microsoft, information security, open source
Comments: 9 Comments