It’s been a little time since I have written in the blog. I’m still experimenting with how often to post to balance out the drivel with the interesting and the original. I have to say that I was a little surprised at how well received the “Best Security News Stories” line has been, so I will keep that up. If a story makes me want to run down the halls and tell my co-workers, I’ll post it here instead.

Thanks to for linking to my blog and adding my blog to the “Featured Bloggers” section of the page. Most appreciated!

The most fun security news story has been covered everywhere but I’m going to include it here anyway precisely because it is so much fun. Joe Barr interviewed Linus Torvalds, Andrew Morton, Ted Ts’o, and Fyodor and wrote up an article called “Celebrity Advice on keeping your desktop secure”. It includes some excellent tips, like be wary of macro viruses, which can also impact OpenOffice (from Ted), and update often, preferably nightly (from Fyodor). Fyodor made the point that the desktop is not the only critical factor for internet security because it can’t save people from themselves – falling for 419 scams, etc. In the end, perhaps the most fun part of the article is the voyeuristic thrill from knowing that Linus is so paranoid about the security of his systems.

With LCA’08 ongoing, there are some interesting news stories appearing on the LCA Planet and it is all too easy to lose far too much time there. I highly recommend Jim Gettys’ post about the OLPC, which reiterates all of the reasons why the OLPC is a critical project for our industry, our children, and our world.

Bruce Schneier’s keynote sounds like it was a good one hitting the high notes on psychology and information: “As security designers we need to address both the feeling and the reality of security” and “‘The way to get people to notice that reality and feeling haven’t converged is information. Information is the best weapon we have.’ In the IT industry, this information is a scarce resource, he said.” It will be interesting to see what he does next to get the industry to produce and publish the data.

On the convergence of security and productivity, zenhabits, a well-known productivity blog, has a guest post on “How Productivity Habits Reduced the Impact of Theft … Twice” in which Lodewijk’s habit of storing no files on his laptop, which he started to improve his productivity, has the nice effect of preventing data loss when two company laptops were stolen from him.

And finally, if you don’t already read Bob Blakley’s blog, I highly recommend it. He posts infrequently, but thinks deeply and writes beautifully. Plus he often adds gorgeous photographs. His most recent post is about why he bet his buddy a bottle of Scotch that DRM will be non-existent in the film industry within 4 years. His premise is that in the manner of Robert Rodriguez of old, new artists will make movies on the cheap and release them without DRM. Of course, Robert Rodriguez now makes $100M movies and YouTube is full of movies made on the cheap. That snarky remark aside, I wouldn’t bet against Bob’s vision but I might bet against the timeline. Despite the risk to the existing movie studios, I don’t see them changing their business model until faced with extinction because of the New Studio’s massive growth. I would also expect them to pull whatever business tricks are necessary to keep the New Studio down as long as possible.