Alrighty, my second blogroll (of three)... this one is focused on security (multiple aspects), ranging from aviation security to faulty bridge design (physical security) to threats from the plague to commentary on compliance and PCI DSS. Also, a collection of very entertaining videos of Derren Brown performing his "mind hacking" tricks. The links are further on, but the full list of articles is:
* Refuse to be Terrorized
* Source: Design flaw caused bridge collapse
* Plague: The new Black Death
* Patrick Smith on Aviation Security
* Demos Report on National Security
* From Monitoring To Prevention: Switching To Debix
* US Policy Would Allow Government Access to Any Email
* Cloned animals are 'safe to eat'
* An Assertion About PCI & Risk Management
* IT Security Compliance: What are the Critical Success Factors?
* Bayesian Truth Serum
* OWASP London Chapter December 6th Presentations Now Online
* Mind Hacking.
Refuse to be Terrorized
from Schneier on Security by schneier
http://www.schneier.com/blog/archives/2007/12/refuse_to_be_te.html
An imperative, with rationale, from Bruce Schneier. Be ye exhorted! :)
Source: Design flaw caused bridge collapse
from CNN.com
http://www.cnn.com/2008/US/01/15/bridge.collapse.ap/index.html?eref=rss_topstories
NTSB confirmation is forthcoming that the bridge design in Minneapolis (I-35 collapse) was, in fact, faulty.
Plague: The new Black Death
from The Register
http://www.theregister.co.uk/2008/01/15/plague_threat/
There is concern that the plague is spreading to new areas, posing a viable risk for a massive outbreak.
Patrick Smith on Aviation Security
from Schneier on Security by schneier
http://www.schneier.com/blog/archives/2008/01/patrick_smith_o_1.html
Some interest critical commentary of aviation security. Nothing we haven't heard before, just more pointed.
Demos Report on National Security
from Schneier on Security by schneier
http://www.schneier.com/blog/archives/2008/01/demos_report_on.html
Demos is a think tank, not shorthand for "Democrats." An interesting skim.
From Monitoring To Prevention: Switching To Debix
from securosis.com by rmogull
http://securosis.com/2008/01/03/from-monitoring-to-prevention-switching-to-debix/
Instead of just monitoring your credit report, you can now - under federal mandate - lock your credit to prevent new accounts being opened. In addition to Debix mentioned here, I've also received solicitation from Equifax offering the same type of service. A very good idea, if you ask me.
US Policy Would Allow Government Access to Any Email
from Slashdot by ScuttleMonkey
http://yro.slashdot.org/article.pl?sid=08/01/14/2129214&from=rss
From the "you've got to be kidding me" files, the National Intelligence Director is "helping" with a new CyberSecurity policy that would allow unfettered government access to email. If this doesn't tick you off, then you're simply not paying attention. Yet another attempt to broaden the unconstitutional police state that the Bush administration has worked very hard to implement and instill over the past 7 years. Ugh!
Cloned animals are 'safe to eat'
from BBC News | News Front Page | World Edition
http://news.bbc.co.uk/2/hi/science/nature/7190305.stm
Ummm.... yeah. I'm not going to rush out and try some, and I hope that there will be a requirement to label products as coming from cloned animals. Yet another reason to support the "Buy Organic, Buy Local" initiative...
An Assertion About PCI & Risk Management
from RiskAnalys.is by Alex
http://riskmanagementinsight.com/riskanalysis/?p=319
A fairly decent and interesting commentary on the role of PCI DSS. Given that the standard is pure reactionary based on incidents that have occurred, it is then a mix of risk management and mitigation, but he makes some interesting points.
IT Security Compliance: What are the Critical Success Factors?
from Security Response Weblog
http://www.symantec.com/enterprise/security_response/weblog/2008/01/it_security_compliance_what_ar.html
A somewhat interesting, though slightly convoluted, discussion of how to be successful in a compliance program.
Bayesian Truth Serum
from Statistical Modeling, Causal Inference, and Social Science
http://www.stat.columbia.edu/~cook/movabletype/archives/2007/12/bayesian_truth.html
Would we really want to rely on Bayesian statistics to determine truth? Hmmm...
OWASP London Chapter December 6th Presentations Now Online
from Web Security Blog by ivanr
http://www.modsecurity.org/blog/archives/2007/12/owasp_london_ch.html
Presentations include:
* Adrian Pastor: Cracking into embedded devices and beyond!
* Rodrigo Marcos: Blind SQL Injection: Optimization Techniques
Mind Hacking.
from 0x000000 Security
http://www.0x000000.com/?i=489
Several links of Derren Brown doing his thing. He's amazing! My favorite is him beating 9 chess masters.