• The Night I Almost Died
    The Night I Almost Died

    I write a lot. Most recently it has been about information security, movie reviews, so-called AI, and a few other topics. It’s been four years since I blogged about my poor experience with Abbott’s Libre2 glucose sensor technology and all the shortcomings. Since then I have tweeted to them a considerable amount when my continuous…

  • Starfleet Academy; The Review
    Starfleet Academy; The Review

    Starfleet Academy (SA), the latest TV show in the Star Trek line, debuted this year with a lot of fanfare and a fair share of drama. The show almost immediately hit the news with cries of it being “too woke”. The Washington Times headline called it a “woke culture war casualty” and Outkick said the…

  • Why Data From So Many Breaches Never Sees the Light of Day
    Why Data From So Many Breaches Never Sees the Light of Day

    Months ago I was chatting with a colleague about a recent data leak (a.k.a. Data breach), as we tend to do in this industry. Those terms are defined by Microsoft as “an unauthorized disclosure of sensitive, confidential, or personal information from an organization’s systems or networks to an external party“. Any time I see an…

  • InfoSec News (ISN) Mail List History
    InfoSec News (ISN) Mail List History

    As early as 1996, I created a mail list called InfoSec News (ISN) which initially was to share news about the industry. At the time, there were no online news sites covering the topic with any regularity and most were hobbies at best. So the original list had many articles that I had typed in…

  • An AI agent destroyed … hey wait a minute!
    An AI agent destroyed … hey wait a minute!

    Yesterday many people ran across a headline that was shocking, and repetitive. This time it read “‘Gone in 9 seconds’: Claude-powered AI agent deletes startup’s entire database“. For myself, the first thing I had to do was check the date of the article because I swore I had just read about this recently. Yep, April…

  • Don’t Call Me Boss
    Don’t Call Me Boss

    I don’t remember when it started but it was easily five to ten years ago. I’d be in a restaurant typically and a server or cashier would call me ‘boss’. It bothered me from day one because it usually came from a younger kid who presumably didn’t understand all of the connotations behind the word…

  • Security Software: Holding the Vault Door Open for Criminals
    Security Software: Holding the Vault Door Open for Criminals

    I have been consistently tracking a fun metric around vulnerabilities since March 19, 2024. Before that I would occasionally mention it during talks or chat, but I don’t think I formally blogged about it before this and didn’t track the exact number. So here we are to discuss the prevalence of vulnerabilities in security software,…

  • Another Wave of Random Thoughts
    Another Wave of Random Thoughts

    ATM ATMs have way too many options for many users, and definitely for most uses of the machines by volume. Sometimes, when I put my card in, why are you asking what language I want to use? The same one as last time maybe? And for someone who has the same exact transaction 95% of…

  • Death Bed Then vs Now; Societal Impact and Contentment
    Death Bed Then vs Now; Societal Impact and Contentment

    An abstract thought. Our grandparent’s generation seemed content on their deathbed, some with religion, some without. In TV, movies, and books, you see one in a hospital or at home surrounded by loved ones, with a gentle smile. I wonder if that will get much more difficult in today’s age, as society declines and the…

  • NVD Gives Up
    NVD Gives Up

    Since 2024, representatives from NIST’s National Vulnerability Database (NVD) have given a presentation at VulnCon with updates to the program. This has been where news broke about significant changes, admissions, and omissions. The talks, typically 30 minutes, are certainly not enough time to tell us what the industry needs to know and leaves no time…