39,000 ft over yet another ocean …… I just watched an old Bill Joy talk from Ted 2006 via iTunes. Two key paraphrases struck me as prophetic. “You can’t regulate the problem away” “What we need is better networks” In 2005 I did a series of public speaking events using a theme Naked security in [...]
Archive for the ‘Software Development’ category
CAT.NET and Anti-XSS 3.0 Released for Free
December 15, 2008We have just released a free static analysis tool for .NET and the open source Anti-XSS 3.0 library (complete with Security Run-Time Engine). http://blogs.msdn.com/cisg/archive/2008/12/15/anti-xss-3-0-beta-and-cat-net-community-technology-preview-now-live.aspx
Modelling Throughout the Ages
November 18, 2008Just brilliant! http://www.modelsremixed.com Requires SilverLight…..
Azure – The Microsoft Cloud Arrives!
October 27, 2008Azure Platform Home Page Windows Azure – The Cloud Services Operating System .NET Services – Access Control, Services Bus and Workflow SQL Services – Database Services Live Services – LiveID, LiveEarth, Contacts Digest that for a while (yes it really is that big), chuck in some LiveMesh and you’ll realize that Microsoft is now not [...]
Security Runtime Engine
October 24, 2008Today we posted some preview details about a .NET security runtime engine we have been working on that overloads encoding methods in the .NET framework. It’s pretty cool, running at near native speed! http://blogs.msdn.com/cisg
Consumer Application Security or Enterprise Application Security ?
October 21, 2008When Linus Torvalds wrote about the security circus he echoed a lot of the sentiment I have felt for a while; when it comes to software security, people care about the wrong things for the wrong reasons. The sensationalism that follows the release of security bugs is of course understandable. The popular press want to [...]
NSA Posts Secrets to Writing Secure Code – Write at 38 LOC Per Day
October 21, 2008The National Security Agency has released a case study showing how to cost-effectively develop code with zero defects. If adopted widely, the practices advocated in the case study could help make commercial software programs more reliable and less vulnerable to attack, the researchers of the project conclude. The case study is the write-up of an [...]
Free Atlas of Cyberspace
October 20, 2008I used to spend hours playing with Mappa Mundi tool (screen shots in the book) envisaging ways you could map security properties to parts of a web system and infer meaning. This totally free eBook (you can pay for the print version) is brilliant. (The full content can be downloaded here, made available [...]

Farewell Security Buddha – Hello Curphey 2.0
March 5, 2010I openly admit I had a mis-spent youth. I was expelled from school and then went on a rampage of sex, drugs, booze and rock and roll for the best part of a decade. I lived hand to mouth and did everything from stacking yogurts in a yogurt factory (working nights), selling houses, working behind [...]
Categories: Beautiful Security, Careers, Getting Things Done, Long Tail Security, Microsoft, OWASP, Productivity, Security Blogs, Security Book Reviews, Security Bullshit, Security Industry, Software Development, Software Security, Speaking, Technology Commentary, Travel, UX, Working at Microsoft, information security, open source
Comments: 9 Comments