{"id":979,"date":"2014-04-04T10:16:15","date_gmt":"2014-04-04T14:16:15","guid":{"rendered":"http:\/\/control-h.org\/blog\/wordpress\/?p=979"},"modified":"2014-04-04T10:16:15","modified_gmt":"2014-04-04T14:16:15","slug":"so-much-this","status":"publish","type":"post","link":"https:\/\/control-h.org\/index.php\/2014\/04\/04\/so-much-this\/","title":{"rendered":"So Much This"},"content":{"rendered":"<p>It&#8217;s pretty rare when you run across a sekurity mastar who gets it.  But, <a href=\"http:\/\/www.tripwire.com\/state-of-security\/featured\/security-meaning-hype\/\" target=\"new\">this<\/a> is one of the best things I&#8217;ve read in a long time.  <\/p>\n<p>(Hattip to <a href=\"http:\/\/www.andrewshumate.com\/\" target=\"new\">Drew<\/a>, who told me about the <a href=\"http:\/\/insecure.org\/news\/fulldisclosure\/\" target=\"new\">FD reboot<\/a>.)<\/p>\n<p>I guess my sense of amazement at the pitiful state of the industry should wane over time.  It hasn&#8217;t.  The mastars keep getting more letters after their names, and bigger salaries.  (I&#8217;ll set aside the fact that I have met CISSPs who are unable to parse, much less write, a script to manually patch and secure a Windows box&#8230;.) Meanwhile, various vendors&#8217; products render many solutions nearly unusable.  <\/p>\n<p><a href=\"http:\/\/www.tripwire.com\/state-of-security\/featured\/unbalanced-security-increasing-attack-surface-2\/\" target=\"new\">This one<\/a> is along the lines of what I&#8217;d planned to speak on at Shmoocon 2013.  I was writing my CFP response, and got to counter arguments I didn&#8217;t think I could easily refute.  Are you really securing things if you have to increase the attack vector to use a tool?  Are things more secure if you have to install Java and Flash for a tool to work?  How about .NET? <\/p>\n<p>It&#8217;s wrong of me to think such things;  I should just shuttup, and improve my Minesweeper skills. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>It&#8217;s pretty rare when you run across a sekurity mastar who gets it. But, this is one of the best things I&#8217;ve read in a long time. (Hattip to Drew, who told me about the FD reboot.) I guess my sense of amazement at the pitiful state of the industry should wane over time. It [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[36],"class_list":["post-979","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-uncategorized"],"_links":{"self":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/posts\/979","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/comments?post=979"}],"version-history":[{"count":0,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/posts\/979\/revisions"}],"wp:attachment":[{"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/media?parent=979"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/categories?post=979"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/control-h.org\/index.php\/wp-json\/wp\/v2\/tags?post=979"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}