[SecurityRatty] tag: sharon

Pain Ray Test Subjects Exposed to 'Unconscionable Risks'

Tue, 14 Oct 2008 08:00:00 +0000

Last fall, Danger Room's Sharon Weinberger agreed to be a guinea pig in a demonstration of the Pentagon's controversial "pain ray." She was told the weapon was safe. But newly-obtained information shows that the pain ray's operators were dangerously undertrained -- exposing test subjects "to unconscionable risks."

Links List 8.15.08

Fri, 15 Aug 2008 16:04:33 +0000

Cloud Computing will also cure the common cold! Not really. But amidst all the hype and overly-used marketing speak it’s hard to tell the difference. Researchers from the University of Michigan announced CloudAV, a network service using the “cloud-computing” concept to fight malware. Please stop the insanity! I’m just waiting for someone to put “my” and “cloud computing” together…

Here’s an interesting post on High Earth Orbit about the usage and promotion of open source software for defense contracts. As a developer of open source tools, Andrew Turner of course brings up some “pros” for the government to push open source, but it’s the “cons” that are really interesting. A big “con” – the US government having something called “sovereign immunity” which apparently means something like it can’t be sued unless it consents to be sued. Hunh – the Republic of ScienceLogic-Land? Closing the loop here, a federal appeals court just boosted open-source software licenses by saying that any infringements can now get more severe remedies under copyright law (instead of contract law); here’s the case, Jacobsen v Katzer. But apparently not if it’s the US government?? Who knows more?

Does Linus Torvalds hate everyone except for developers? You have to check out this article on an email exchange he had with Network World this week, talking about how fed up he is with the “security circus”. Over the course of the exchange and some other comments from last month, he manages to blast security folk, OpenBSD (on security) in particular, vendors and PR people (of course). In the midst of the barrage of colorful language, it’s difficult to really get his point – which if you can dig it out, ends up being surprisingly sensible.

Sharon Taylor, Chief Architect of ITIL V3, recently wrote that with the release of the latest version of ITIL, BSM is now an ‘ITIL best practice.’ You say potato… “The distinction between IT and the business has blurred, and the language of IT has been replaced with the language of the business.”

I Was a Sonic Blaster Guinea Pig

Wed, 13 Feb 2008 13:25:00 +0000

Danger Room's Sharon Weinberger meets a man with a weapon that uses "sound frequencies" to "make you sick." Then she asks him to blast her with the machine.

Links for 2008-01-17 [del.icio.us]

Thu, 17 Jan 2008 21:00:00 +0000

Begley: Mind Reading Is Now Possible | Newsweek Voices - Sharon Begley | Newsweek.com
CSRF Demystified | GNUCITIZEN
OpenXDAS
InfoDev-Security.net Part Three
Getting with JG Diagrams and Analysis
blog.pmarca.com: The three kinds of platforms you meet on the Internet
The key term in the definition of platform is "programmed". If you can program it, then it's a platform. If you can't, then it's not.
Arbor Networks buys networking company Ellacoya
Semantic Search
The Top Ten Cybersecurity Threats for 2008 - Final Draft « The Complex Event Processing Blog
PCI compliance means operational change, not a one-off technology implementation - Personal Computer World
Many believe that if they implement one piece of software or hardware then this will offer the entire solution to PCI.