Shostack + Friends Blog

Recent Blog Posts, Page 15

The National CyberSecurity Strategy: Liability is Coming

(21 Mar 2023)

 

My David Prouse Moment

Searching my feelings as the audiobook of Threats is released. (17 Mar 2023)

 

Leonardo da Vinci’s Gravity Experiment

An interesting discovery, hidden in Leonardo da Vinci's notebooks (10 Mar 2023)

 

Threat Modeling Google Cloud (Threat Model Thursday)

NCC has released a threat model for Google Cloud Platform. What can it teach us? (01 Mar 2023)

 

Application Security Roundup - Feb

This month is all about memory safety, unless you’re a standards group. (27 Feb 2023)

 

Roman Concrete

Roman concrete was cool, but the new MIT result may be off-base (24 Feb 2023)

 

Bing’s ChatGPT

ChatGPT in the headlines again (21 Feb 2023)

 

2001, as directed by George Lucas

An amazing mash-up (11 Feb 2023)

 

Usable Security and Privacy for Engineers

The new IEEE S+P is all about usable security. (09 Feb 2023)

 

Watermarks

Watermarks show us wierd edges of AI work (03 Feb 2023)

 

Application Security Roundup - January

So many interesting articles from AI to an organizatoion of socio-technical harms, fascinating incident reports about Uber and Circle CI and some history of attack trees. (30 Jan 2023)

 

Fumée d'incendie

(29 Jan 2023)

 

The Hacker Mind

Adam spoke with Robert Vamosi of The Hacker Mind podcast (27 Jan 2023)

 

Not all developers can be Jedi

Adam joined Paul Roberts on the Conversing Labs podcast (23 Jan 2023)

 

Threats, To The Supply Chain

The threats book is in the supply chain, inconsistently. (22 Jan 2023)