Here is Part 0 (or part 1) of a series on threat modeling the Internet of Things. Here I introduce these two topics: Internet of Things and Threat modeling and suggest that maybe we need to spend more time putting them together. I like the intro and extro for this piece :)
I've been a cryptocurrency skeptic for years. Much of that skepticism comes from hundreds of hours of talking with real CISOs and directors of security about how they can better protect real (not virtual) currency. Even with the resources of enormous budgets and huge security teams they can barely keep the hackers from stealing all the monies. When F5 Labs asked me to write up my opinions about Bitcoin, I threw this together. Not a bad little piece.
Maria Korolov interviewed and quoted me extensively for a Data Center Knowledge piece on WannaCry. I had no time to prepare for this interview, and was surprised when it got published. Sometimes I prepare a LOT and nothing comes of it. You never know, I guess. Just keep doing them.
My writeup of the 25th annual DEF CON, the world's premiere hacker conference in Las Vegas, Nevada. I've been going since DEF CON 7. What has changed? You'd be surprised at what has, and what hasn't.
Three researchers, two from Bastille Networks, gave a fantastic talk about reverse engineering the Comcast and Time Warner home networks. Really well done! I was surprised no one was writing about it, so here you go!
I'd like to take credit for this one, I really would. We had a fascinating email discussion at work and our primary SSL/TLS engineer wrote this great email about the nuances of the asymmetric algorithm, RSA, and how it might be affected by computing advances in the future. I told him it would make a nice little article, and we tried to put his name on it but he didn't want the attention, and he asked me to put my name on it. So we did. Sometimes that happens.