Sixteen and a half years after I first proposed looking at the Underwriters Laboratories as a model for addressing security issues in Cyberspace, the idea has actually reached the White House's agenda; not as a talking point but as an action item.
While the vast majority of comments have been positive and supportive of the idea being implemented, there have been a handful of opinions on the other side. The frustrating part being that the arguments being made suggest the critics haven't read the entire paper. I hope to call out some of the misconceptions that are incorrectly positioning what my CyberUL paper was, to some extent, proposing.Read More...
One of the longstanding problems in security - and the software industry in general - is the lack of any universally acknowledged authority on quality and reliability. But the industry moved one step closer to making such a clearinghouse a reality this week when Peiter Zatko, a longtime researcher and hacker better known as Mudge in security circles, announced he's leaving Google to start an initiative designed to be a cyber version of Underwriters' Laboratory.
Zatko said on Monday that he had decided to leave Google's Advanced Technology and Projects team and start a cyber UL, at the behest of the White House.
"Goodbye Google ATAP, it was a blast. The White House asked if I would kindly create a #CyberUL, so here goes!" Zatko said on Twitter.973-781-2497
The news report begins with shots of a tense space shuttle launch. Engineers hunch over computer banks and techno music pounds in the background. There is a countdown, a lift-off, and then you see a young man in a black T-shirt and sunglasses, apparently reporting from space. This is the Hacker News Network, and after a decade offline it is lifting off again, this time with a quirky brand of video reports about security.(read more)
Hacker News Network is one of the side projects of the Boston-based hacker collective known as L0pht Heavy Industries. They're the guys who famously told the U.S. Congress that they could take down the Internet in about 30 minutes, and who helped invent the way that security bugs are reported to computer companies.