Welcome to the third issue of De Programmatica Ipsum, dedicated to the subject of Security. In this edition our guest writer Anastasiia Vixentael exposes the dramatic state of security practices among software developers, Adrian talks about the weakest link in software security, asking some questions about society and ethics, and in this issue's subscriber-only article, Graham provides a thorough review of current trends in software security.
-
-
Secure Development Is Dead, Long Live Secure Development
Only those who (happily) live under a rock may have missed the latest news. One company has a critical security bug, another has leaked emails and passwords to millions of user accounts (yours and mine included,) and another will be fined millions of Euros due to a GDPR violation. I do not want to add to the existential dread, but I would love to discuss the problems behind creating secure software.
-
The Weakest Link
The professor stopped the class. He asked one students for his phone number. After entering the number into a device looking like a handheld calculator, he asked this unsuspectful student to go outside the classroom and call a friend or a relative. The student complied. After a few seconds, to our astonishment, the machine picked up the call. We could all clearly hear our friend talking to his mum about dinner plans for that evening.
-
On Modern Security Culture
In this article I'm going to talk about some of the more progressive parts of the infosec world, by introducing the people who informed my view on those parts. If they inspire you as much as they did me, then you will come to think of infosec as something your whole organisation, and your whole community, can come together on.
