I am a pretty upbeat person, and despite my tendency towards snark I am optimistic by nature. You might find that surprising, given my profession of computer and software security, but it’s not. I have gotten a daily barrage of negative news about hacks, breaches, and broken software for well over a decade now. Like rainwater off a duck’s back, I let the bad news wash over me, and continue to educate those interested in security. Sure, I have had days where I say “Crap, security on everything is broken – and worse, nobody seems to get it.” Which is pretty much what Quinn Norton said last week with Everything is Broken. But her article was so well-written that it got to me. It is a testament to the elegance and effectiveness of her arguments that someone as calloused as I could be dragged along with her storyline, right into mild depression. It didn’t help that my morning reading consisted of that and this presentation on how the Internet and always-on connectivity may be making our lives worse. Both offer a sober look at the state of security and privacy; both were well done, with provocative imagery and text. And I admit, for the first time in a long time, I allowed them to get to me. Powerful posts.

I think most people in security get to this same point of frustration at some point in their career. Like Quinn, I try to un-frack my little corner of the world whenever possible. Perhaps unlike Quinn, I accept that this is a never-ending game. Culture is not broken – it is in its natural state between civilization and chaos. It just pisses us off that it’s our own government spending our tax money to create so much of the chaos. Computers and electronic systems are probably a bit more secure from Joe Hacker than they were in 2001 – about when I came to this realization – but government hackers and criminals are much better too. For most folks the daily grind is a balancing act, where things are only unbroken enough to work most of the time. Those of us in security think that if you don’t control your systems, they are essentially non-functional and broken. But for the people who own the systems, software, and devices there are many competing priorities to worry about; so they put just enough time, effort, and money in to patch things up to achieve their acceptable level of dysfunction. In the balancing act I can affect momentum, but not define the balance point. At least that’s what I tell myself as I swing in my hammock, shaking off the blues.

On the totally opposite end of the spectrum is Shack. And thank $DEITY for that! His post this week – A Hacker Looks at 40 – is a classic. Reading it is like surfing the banzai pipeline. “First, the industry we’re in. WOW. What a shit show … Yeah, it is volatile, and messy, and changes all the time. Thank goodness.” It’s all that and more. Loved Shack’s #1 takeaway: Learn Constantly. That is one of Rich Mogull’s too. You may be tired of hearing about cloud, mobile, and big data as disruptive tech; and the term DevOps makes many wince, but once you jump in it’s awesome and exciting. What a great time to be in security!

They say there is no such thing as bad press, but Ubisoft’s promotion of Watch Dogs got pretty close. Apparently they anonymously mailed a black safe to several media outlets, including Ninemsn. Locked, of course. Then they mailed an anonymous letter telling the recipients to check their voicemail. And left anonymous voicemail with the PIN to open the safe, but not before it started beeping. Cool, right? But Homer Simpson was not there to open the safe for them, so Ninemsn called the bomb squad. After the initial panic and clearing of the building, a copy of the new Watch Dogs game was found. Ah, good times! The presence of booth schwag is unconfirmed. I am just disappointed that the bomb squad wouldn’t say whether they liked the new video game or not. I mean, getting the word out was the whole point, right?

On to the Summary:

Webcasts, Podcasts, Outside Writing, and Conferences

Favorite Securosis Posts

Other Securosis Posts

Favorite Outside Posts

Research Reports and Presentations

Top News and Posts

Blog Comment of the Week

This week’s best comment goes to Andrew Yeomans, in response to Mike’s post on Auditory Dissonance.

Soon all the adverts in your web pages will be for Bieber shirts and perfume! Enjoy!