Month: November 2017

  • John Thomas Draper: Setting the Record Straight re: Blue Box

    The tl;dr cliffnotes: John Draper was not invent the Blue Box. In April of 2015, several years after Phil Lapsley published “Exploding the Phone” giving a detailed history of the early days of phreaking, I wrote a blog largely based on that book to clear up long-standing rumors and mistakes in a variety of publications. […]

  • Thoughts about CNNVD vs. US NVD

    [This was originally published on in the 2017 Q3 Vulnerability QuickView report.] In October, Bill Ladd of Recorded Future released a study comparing CVE and the U.S. NationalVulnerability Database (NVD) with China’s National Vulnerability Database (CNNVD). This report, titled“The Dragon Is Winning: U.S. Lags Behind Chinese Vulnerability Reporting” was covered by John Leyden inThe […]