1/ In researching #breakingsmart, I concluded security is Achilles heel of pragmatic-Promethean rough consensus and running code philosophy
2/ Here's an interesting thing on state of IoT security, HT @maradydd http://arstechnica.com/security/2016/01/how-to-search-the-internet-of-things-for-photos-of-sleeping-babies/ …
3/ Original Internet security culture was/is weak because of some mix of RCRC-RERO, NSA, key leverage ideas like blockchain being in future
4/ Another angle I've learned from DevOps people (see @RealGeneKim 'Phoenix Project') is security concerns can drive irrational decisions
5/ State of s/w security culture: industry spends too much on security theater that does nothing, too little on fundamental advances
5/ I think one reason for this state is that security concerns, like usability concerns, fundamentally conflict with agility concerns
7/ Both usability and security as conceived today seem to require systems-level mental models of full product in like week 1 of project
8/ But you can't fully model either user behavior or threat environment that early, to build usability/security "theory" into product DNA
9/ So InfoSec people, like design people, often seem to feel ignored and underappreciated until a crisis makes their role important
10/ So one question I'm tracking with interest is whether IoT repeats pathologies of original web evolution or figures out "agile security"