Category Archives: Security

One the hardest things we have to do is to build trust. It’s not hard for everyone, just us specifically. It’s not in our nature. Security people tend not to trust anyone. Everything we do is based on not trusting anyone, it’s literally our job. Trust is a two way street. If you expect someoneContinue reading “How to build trust”

We can’t. You think you can, but you can’t. This reminds of the Feynman video where he’s asked how magnets work and he doesn’t explain it, he explains why he can’t explain it. Our problem is we’re generally too clever to know when to stop. There are limits to our cleverness unfortunately. I’m picking on bufferContinue reading “How can we describe a buffer overflow in common terms?”

Sometimes it’s really hard to be nice to someone. This is especially true if you think they’re not very smart. Respect is a two way street though. If you think someone’s an idiot, they probably think you’re an idiot. You’re both going to end up right once it’s all over though. As an industry weContinue reading “Being a nice security person”

How many times have you been afraid to say something about security because you knew if you’re wrong, you’re going to be destroyed in public about it by your peers? How many times did you try really hard to completely discredit someone who said something wrong about security? How many times have you been wrongContinue reading “Everyone is afraid of us”

You’re probably bad at talking to people. I don’t mean your friends you play D&D or Halo or whatever hip game people play now, I mean humans, like the guy who serves you coffee in the morning. We’ve all had more than once instance where we said something and ended up with a room fullContinue reading “You are bad at talking to people”