Securosis Blog

Things are so crazy this week, getting ready for RSA, that I nearly forgot we record this little podcast thing every week. Sure, I’ve only been doing it every week for over a year, but you’d think I’d learn to remember.

Security Inevitabilities

Rich · April 14, 2009

Despite my intensive research into cryonics, I have to accept that someday I will die. Permanently. I don’t know when, where, or how, but someday I will cease to exist. Heck, even if I do manage to freeze myself (did you know one of the biggest cryonics companies is only 20 minutes from my house?), get resurrected into a cloned 20-year-old version of myself, and eventually upload my consciousness into a supercomputer (so I can play Skynet, since I don’t really like most people) I have to accept…

We’ve been hinting at it over Twitter and in other blog posts, but it’s official. We’re sponsoring our First Annual Recovery Breakfast Wednesday morning at the RSA conference (8-11 am at Jillian’s). We’ll have hot and cold food, a selection of over-the-counter recovery items, and the hair of the dog of your choice. No marketing, speeches, or anything else (especially since we’ll be in rough shape ourselves).

Friday Summary: April 10, 2009

Rich · April 10, 2009

It was nearly three years ago that I started the Securosis blog. At the time I was working at Gartner, and curious about participating in this whole “social media” thing. Not to sound corny, but I had absolutely no idea what I was getting myself into. Sure, I knew it was called social media, but I didn’t realize there was an actual social component. That by blogging, linking to others, and participating in comments, we are engaging in a massive community dialogue. Yes, since becoming…

Sudo Reboot Securosis

Rich · April 9, 2009

If you can read this, you’ve found the brand spanking new Securosis! We’d call it Securosis 2.0, but we hate all that “2.0” stupidity. (We also hate “next generation”, for the record).

We are putting the final touches on the new site and should be launching it within the next 24 hours. Being the eternal optimists, we’re pretty sure something will go wrong, but maybe we’ll luck out and those beers we bought the migration gods will pay off.

RSA Conference: For Real?

Adrian Lane · April 6, 2009

Did anyone else get this email?

You are receiving this email because you are registered for RSA® Conference 2009. Your account information needs to be activated so that you can take full advantage of all the Conference activities including access to the Conference Personal Scheduler and access to the Conference wireless network while on-site. … Please take a moment now to log-in and complete your account activation at https://sso.rsaconference.com/sso/LogIn.jsp using the following temporary…

Friday Summary, April 3, 2009

Adrian Lane · April 3, 2009

The big news at Securosis this week centered around the Conficker worm. As Rich blogged earlier in the week, he got a call from Dan Kaminsky on Saturday with the outline of what was going on. Rich and I scrambled Saturday to reach as many AV vendors as we could to get the word out. While some were initially a little annoyed at getting called on their cell phones Saturday afternoon, everyone was really eager to see what Tillmann Werner and Felix Leder had discovered and get their scanning tools…

Just a quick note today since I’m totally distracted by having some family in town.

Episode 144 is up and features Dino Dai Zovi… co-author of The Mac Hacker’s Handbook. It’s a great interview, especially if you are interested in Mac security issues. We also discuss the No More Free Bugs meme.

We’ve been talking a lot about application security since we started this blog, and one thing we’ve been tracking closely is training and certification programs. While we couldn’t talk about it, we’ve been quietly involved with the Institute for Certified Application Security Specialists. We reviewed the program during development, and were overall pretty impressed. It has very similar requirements to the CSSLP, but is more cost effective for security practitioners… something we can all…