Originally posted on December 17, 2020. Reposted here without edits. There have already been several fairly readable articles on the SolarWinds hack published in the mainstream press1 – and even better ones in InfoSec-specific resources such as the Krebs on Security blog2. Nevertheless, it would do well to provide a rough summary of the sequence […]
Originally posted on December 9, 2020. Reposted here without edits. On December 8, Anne Longfield, the children’s commissioner for England, published a briefing decrying the planned move to end-to-end encryption for their direct messaging (“DM”) applications by social media companies such as Facebook1. The utterly cynical interpretation of all this is that the government plans […]
Originally published on November 2, 2020, edited for grammar and better readability. As I have managed to pass the CISSP examination this past Saturday morning, on my first try, no less, I thought it worthwhile to set down my overall impressions of the thing. First, a general comment. Having sat for more university and professional […]