Essays, link dumps, and opinion pieces about current events in the software landscape, offering what I hope is new perspective.

You can reach out to me with constructive criticism or insights at infosec.exchange@lmk.

Trusting AI

(220 words) June 2024 – Loren Kohnfelder

Whether or not this unscientific test is reliable, asking generative AI if a mushroom is safe to eat — it misclassified a highly toxic variety that looks like a common edible one — is a terrible idea if you are prepared to eat according to what it says. This illustrates my rule of thumb:


Better security discussions

(900 words) May 2024 – Loren Kohnfelder

We understand software security best through specific threats and mitigations, articulated by threat models shared openly. Without this context, we avoid much-needed, meaningful security discussions.
