I don't review games much. I don't play games much. I follow Brianna of Giant Spacekat on Twitter, and I felt a real enthusiasm and genuine excitement as the game was released. I had to download Revolution 60 and give it a go.
There’s an amusing saying about alternative medicine: “What do they call alternative medicine that has been proven to work? Medicine.” We can adapt this to secure software. “What do they call software that does what it is supposed to do securely? Software.”
This is inspired by a quote I read sometime between May 2000 and May 2002. In my mind I have attributed it to Eric Allman of Sendmail, but I can't find a source to confirm it. The quote I remember¹ is something on the order of "my code is secure because it does exactly what I intend it to do—and nothing else." While that's full of hubris, it's got a certain truth to it. If you really are that good, security is almost an afterthought. Some of the security guys I admire, like Scott Matsumoto and Jim Delgrosso, approach software this way. They get the software right to begin with. And then it's not such a difficult stretch to dot some I's and cross some T's and make it secure.
¹ Do you know what quote I am thinking of? Let me know in the comments.
I have a travel card for London's Underground. I renew it by going up to the machines in the station. Every time I finish my transaction, the machine asks "next time why not renew online?" There's a really good reason: time.
I can get that whole transaction done in 90 seconds at the machine. I tap my Oyster, select renew, put in my credit card, enter my PIN, and tap my Oyster a second time. Done. I can't even get logged in at the Oyster site in that time, using high speed broadband and a fast laptop. And I'm buying a ticket for monthly travel: I'm in the station already.
I would like it so much better if the machine said "wow! You got that done in 75 seconds!" rather than implying I did something wrong or suboptimal. Let's face it: online is not always better or faster.
If you haven't seen some of the great comedy videos made with "text-to-video" software Plotagon (or its predecessor Xtranormal), you should. They basically involve deadpan computer voices reading some fairly funny scripts.
Likewise, if you haven't seen the article about #ScumbagPenTester, it's worth a read. It inspired me to make this.
I Pwned Your Server
Wear headphones. The language is NSFW.
I fly United a fair bit; I'm up to like 500,000 lifetime miles. I used to fly a lot more when I lived near Dulles. Now it's mainly Heathrow to Dulles and the odd flight within the US. This weekend I had the first taste of DirecTV on a flight from Orlando to Dulles. It was bad in so many ways, breaking things that have worked well for so long. It also broke new ground in terms of in-your-face advertisements.