Shostack + Friends Blog

The National CyberSecurity Strategy: Liability is Coming

(21 Mar 2023)

A screencapture from Star Wars, the first time we hear Darth Vader speak

My David Prouse Moment

Searching my feelings as the audiobook of Threats is released. (17 Mar 2023)

An image from Davinci showing water pouring from a jar

Leonardo da Vinci’s Gravity Experiment

An interesting discovery, hidden in Leonardo da Vinci's notebooks (10 Mar 2023)

Threat Modeling Google Cloud (Threat Model Thursday)

NCC has released a threat model for Google Cloud Platform. What can it teach us? (01 Mar 2023)

Application Security Roundup - Feb

This month is all about memory safety, unless you’re a standards group. (27 Feb 2023)

Roman Concrete

Roman concrete was cool, but the new MIT result may be off-base (24 Feb 2023)

An AI generated image of a robot making converation at a cocktail party

Bing’s ChatGPT

ChatGPT in the headlines again (21 Feb 2023)

The ship from 2001 shooting as if it's a death star

2001, as directed by George Lucas

An amazing mash-up (11 Feb 2023)

The cover of the Jan 2023 IEEE Security magazine

Usable Security and Privacy for Engineers

The new IEEE S+P is all about usable security. (09 Feb 2023)

An AI generated image with a watermark of dreamtime

Watermarks

Watermarks show us wierd edges of AI work (03 Feb 2023)

Application Security Roundup - January

So many interesting articles from AI to an organizatoion of socio-technical harms, fascinating incident reports about Uber and Circle CI and some history of attack trees. (30 Jan 2023)

Fumée d'incendie

(29 Jan 2023)

The Hacker Mind

Adam spoke with Robert Vamosi of The Hacker Mind podcast (27 Jan 2023)

Not all developers can be Jedi

Adam joined Paul Roberts on the Conversing Labs podcast (23 Jan 2023)

An amazon screencapture showing threats as the #1 new release in Computer Network Security, and delivering overnight

Threats, To The Supply Chain

The threats book is in the supply chain, inconsistently. (22 Jan 2023)