Security theater of the absurd
[en] Scribbles	security, absurd, terrorism, 2010-01-15

Taking a commercial airplane is an exercise in giving up personal freedom and privacy. Even if there is no reason at all that you are suspected of anything... What happened with "innocent until proven guilty"? Why do 100% of the passengers loose all their civil-rights when wanting to travel by air? These so called "security checks" are a farce, they accomplish nothing for security. Of course they do make people feel powerless in the face of bureaucratic rent-a-cops with completely arbitrary rules and regulations. First there was the "war on drugs", when that idea became stale, this "war on terrorism" was invented.. Seems like the "war" in the Orwell's 1984 was implemented by the western states. A never ending war that has no end, but that does need endless sacrifices on personal freedom. If anything this is a war on our personal freedom and until now we're all losing out.

Sans top 25 dangerous programming errors.
[en] Scribbles	sose, security, development, 2009-02-12

[I didn't blog about this since I assumed most people would grab these headlines, but since i found a few inteligent people not having heard about them, I'd rather help spread the word...]

A few weeks back the SANS institute published a compilation of the top 25 most dangerous errors developers can make.

http://www.sans.org/top25errors/

It was compiled by a long list of corporate hot-shots but is mostly a good listing of proper common sense. Most code reviews would catch these things.... Hmmm... code reviews.. now there is a novelty!...

Of course the big software pushers are going to try to sell you semi-automated tools for detecting+fixing the stuff.  Also expect new empty marketing BS like "SANS25 verified" on software. But such is the state of IT.