De Facto Wars

2011-05-05 00:12:03 by chort

Recently I became involved in a debate with Jacob Appelbaum regarding the legality of US forces killing Osama bin Laden. Jacob contends that bringing bin Laden to justice is essentially a law enforcement matter and as such he is afforded a trial (making his recent death illegal). I disagree. Due to the limitations of Twitter we were not able to have a real debate. I'm going to present my side here.


The Problems in Certifying Software Safety

2010-11-03 14:38:57 by chort

I just finished reading @TanAtHNN's 1999 paper contrasting inspection of electrical devices and safes with software and information security products (thanks to Josh Corman for bringing it up). The paper pointed out failings of prominent technology associations in the area of certification, and indicated encryption standards (such as FIPS) as examples of how it could be done right.

Overall I think the paper raises good questions. I think you would be hard-pressed to find people in the industry (especially security researchers) who don't think companies should be held to a higher-than-current standard for information technology. I believe the paper comes up a bit short, however, in recognizing the differences between physical products and digital products.
