Aspartame is toxic, so they renamed it AsparSweet(tm) to confuse consumers. GMAC was fined for mistreating customers and accused of violating state laws, so they renamed themselves Ally. Slumping sales of high fructose corn syrup, a substance many feel contributes to obesity and reduced brain function, inspired the new name “corn sugar”. Euro bonds are now “stability bonds”. Corn-fed stockyard beef can now be labelled ‘Organic’. And then there is that whole weird discussion on whether pizza is legally a vegetable or not.
How can you generate better sales in a consumer-hostile market? Change names and contribute to politicians who will help you get favorable legislation, that’s how! Like magic, lobbying and marketing help you get your way. In this week’s big news we have the Stop Online Piracy Act. Yes, SOPA is a new consumer-hostile effort to prop up an old economic model. And as we witnessed for the last decade with RIAA and the MPAA, entrenched businesses want the authority to shut down web sites simply on the strength of their accusation of infringement on their IP – without having to actually prove their case.
We know full well that a lot of piracy goes on – and for that they have my sympathy. We here at Securosis get it – our content is often repurposed without consent. But – as you can see here – there are other ways to deal with this. As I have written dozens of times, there are economic models that curtail piracy – without resorting to DRM, root-kitting customer PCs, or throwing due process out the window. The Internet is about exchange of information through a myriad of (social) interfaces for the public good. It has created fantastic revenue opportunities for millions, and is an invaluable tool for research and education. One downside is content theft. I am all for content owners protecting their content – I just want it to be done without undermining the whole Internet. SOPA is the antithesis – its sponsors are perfectly willing to wreck the Internet to ensure nobody uses it to copy their wares. It’s the same old crap the RIAA has been pulling for a decade, in a new wrapper.
On to the Summary:
Webcasts, Podcasts, Outside Writing, and Conferences
Securosis Posts
- New White Paper Published: Applied Network Security Analysis.
- Incite 12/14/2011: Family Matters.
- Pontification Alert: Upcoming webcast appearances.
- Tokenization Guidance White Paper Available.
- Friday Summary, December 9, 2011.
Favorite Outside Posts
- Mike Rothman: It Won’t Be Easy for Iran to Dissect, Copy US Drone. It’s good to see someone is thinking about the reality of reverse engineering. But I suspect Iran would only have to consult your friendly neighborhood APT to get the schematics for a drone (or any of our other military devices).
- Adrian Lane: Deconstructing the Black Hole Exploit Kit. A thorough look at an exploit kit – very interesting stuff!
Project Quant Posts
- DB Quant: Index.
- NSO Quant: Index of Posts.
- NSO Quant: Health Metrics–Device Health.
- NSO Quant: Manage Metrics–Monitor Issues/Tune IDS/IPS.
- NSO Quant: Manage Metrics–Deploy and Audit/Validate.
- NSO Quant: Manage Metrics–Process Change Request and Test/Approve.
Research Reports and Presentations
- Applied Network Security Analysis: Moving from Data to Information.
- Tokenization Guidance.
- Security Management 2.0: Time to Replace Your SIEM?
- Fact-Based Network Security: Metrics and the Pursuit of Prioritization.
- Tokenization vs. Encryption: Options for Compliance.
- Security Benchmarking: Going Beyond Metrics.
Top News and Posts
- Why Iran’s capture of US drone will shake CIA.
- Nomination for the biggest personal washer (Individual) Poll Results for: Thursday, December 15, 2011.
- sIFR3 Remote Code Execution.
- Native webcam access in a browser using JavaScript & HTML5.
- Congress Authorizes Pentagon to Wage Internet War.
- Carrier IQ Explains Secret Monitoring Software to FTC, FCC.
- Security updates for Windows and Java–with a Duqu Trojan patch–via Krebs.
Blog Comment of the Week
No comments this week. Guess we need to post more stuff!
One Reply to “Friday Summary: December 16, 2011”
“No comments this week”. Have you guys considered exploring Google+ as a forum for a richer interaction with security-minded folks and those looking for security knowledge and awareness?