Where do you go to get your security news?

re: Where do you go to get your security news?

Skywing — Sat, 16 Jun 2007 01:47:03 GMT

Oh, wow, didn't know you read Nynaeve. Nice :)

BTW, it's Ken Johnson, not Kevin Johnson.. :)

re: Where do you go to get your security news?

molotov — Sat, 16 Jun 2007 01:56:43 GMT

Mark Russinovich's blog is at http://blogs.technet.com/markrussinovich/.

re: Where do you go to get your security news?

Stuart Ballard — Sat, 16 Jun 2007 03:45:17 GMT

Interesting. You're the first smart person I've encountered who doesn't think Schneier is pretty definitive on security-related topics. (http://geekz.co.uk/schneierfacts/, for example ;) )

I'm curious about what the nature of your disagreement is...

re: Where do you go to get your security news?

Chris — Sat, 16 Jun 2007 05:05:52 GMT

<blockquote>Bruce Schneier - I don't agree with a lot of what he says, but he's always interesting.</blockquote>

How can you disagree with Bruce Schneier and maintain security self-respect? What are your particular issues?

re: Where do you go to get your security news?

Cheong — Sat, 16 Jun 2007 06:29:26 GMT

And the URL to "Alun Jones" Blog has typo. It's msmvps.com not wsmvps.com.

re: Where do you go to get your security news?

Steve Dispensa — Sat, 16 Jun 2007 07:25:29 GMT

I generally find myself agreeing with Schneier. Care to elaborate on where you part company with him?

Also, Ken, Matt Miller (skape), and a talented group of others regularly publish in uninformed (uninformed.org). Pretty technical / long papers, but some real gems there.

re: Where do you go to get your security news?

Jani — Sat, 16 Jun 2007 10:49:08 GMT

http://www.f-secure.com/weblog/

I subscribe to F-Secures weblog feed for my small security news needs :)

re: Where do you go to get your security news?

JLennox — Sat, 16 Jun 2007 15:36:00 GMT

I just keep an RSS feed on milw0rm.

re: Where do you go to get your security news?

haroon — Sat, 16 Jun 2007 19:13:03 GMT

i dont think disagreeing with schneier is that hard to conceive. (his famed ability to divide by 0 aside), he has also gone on record saying things like "i used to think crypto was the answer.. it clearly is not" (a good indication i guess that anyone who disagreed with him between his starting point and his realization would at least by his current perspective be proven correct.)

His question on "do we need a security industry" a few months after selling his security company also raised a few eyebrows..

Take nothing away from him, he is a smart man with interesting thoughts (which i guess is why the author reads him) but he is human, fallible,comes with his own personal biases, and i suspect will be the first person to tell you that you shouldn't be blindly following _any_ authority figure..

/mh

re: Where do you go to get your security news?

nksingh — Sun, 17 Jun 2007 03:36:11 GMT

Schneier did pretty uncritically link to the Gutman DRM paper. I could see how one could find Schneier in a different light after giving airtime to that tripe.

re: Where do you go to get your security news?

Norman Diamond — Mon, 18 Jun 2007 04:28:09 GMT

> Edit: Sorry Skywing :)

Unnecessary ^_^

If he wanted people to remember his real name, he wouldn't use a pseudonym ^_^

Hmm, I wonder if I should use a pseudonym. rwx---rwx.

Why don't I agree with Bruce Schneier all the time :)

Larry Osterman's WebLog — Mon, 18 Jun 2007 21:10:36 GMT

Friday's post about security blogs apparently contained a bit of unintended controversy. When describing

re: Where do you go to get your security news?

Skywing — Mon, 18 Jun 2007 22:42:51 GMT

Norman: I typically go by both. The reason I don't drop the pseudonym (other than that I happen to like it) is that a lot of people know (or knew) me by it exclusively.

re: Where do you go to get your security news?

Bob — Tue, 26 Jun 2007 21:22:48 GMT

Norman, the way you're always complaining about MSDN Japan, your pseudonym should really be rwxrwx---.

re: Where do you go to get your security news?

SHODAN — Tue, 21 Aug 2007 23:20:49 GMT

Shodan recommends unsigned kernel-mode drivers.