Shostack + Friends Blog


Application Security Roundup - October and Nov

Interesting reads this month include signals from the administration, a history of appsec by one of the originals, and a longread from Apple about kernel memory design. A set of puzzle pieces

Also, I’m formalizing an informal approach I’ve had: I won't include anything behind a paywall in these roundups. I’ve lost track of the time I’ve wasted trying to get access to papers whose authors have chosen to lock them away. I have library access at the University of Washington, and despite that, I can’t figure out how to get access to IEEE, Elsevier, and others, and you know? I’m done working extra hard to get workable links. “The literature” is open access.

If you have something open access you'd like to nominate, send it along!