Shostack + Friends Blog

My newest post over at Dark Reading ponders regulation. (07 Jun 2019)

The more we see it, the more we ignore it. (29 May 2019)

Some thoughts on promoting others’ threat modeling work. (13 May 2019)

There are a couple of new, short (4-page), interesting papers from a team at KU Leuven discussin the building blocks of threat modeling. (07 May 2019)

Today is the last Star Wars Day before Episode 9 comes out, and brings the Skywalker saga to its end. (04 May 2019)

Top 3, from Continuum (24 Apr 2019)

A resource for those developing games. (10 Apr 2019)

Recent article in Bentham’s Gaze (09 Apr 2019)

Secrecy isn't the best policy when it comes to public health. (08 Apr 2019)

Congratulations to the Hayabusa2 mission team, who flew to an asteroid, dropped multiple rovers, an impactor and a separate camera satellite to observe the impactor. The Hayabusa2 then flew around, to the far side of the asteroid to avoid ejecta from the impactor. In a few weeks, Hayabusa2 will probably land, collect more samples and then fly back to Earth. (06 Apr 2019)

Just what the title says... (05 Apr 2019)

Over-inflated numbers won't scare me into buying your ‘solution’. (02 Apr 2019)

Has it been that long already? (01 Apr 2019)

Some points to consider, from Andrew Odlyzko. (22 Mar 2019)

RSA has posted a video of my talk, “Threat Modeling in 2019”. (19 Mar 2019)