Mike Ashley


A Rubicon
Dan Geer essay on software and AI risk.
Richard Stallman on Privacy, Data, and Free Software
Classic Stallman. The problem with today’s plutocratic, neoliberal ideology goes way beyond software, however.
Supply-Chain Security
Very scary. Traditional supply chain infrastructure doesn’t manage software change well at all, despite the technology being available to do it. It doesn’t adequately address malware injection at inception, either.
Details on a New PGP Vulnerability
Initial report from Bruce Schneier. Some followup in the comments. This isn’t a vulnerability in PGP. It’s the way it interacts with modern email programs. It’s a good example of unintended consequences in system integration.
EFF’s New Wordlists for Random Passphrases
From 2016, but this is a good reference. You are using passphrases for your important passwords, right?