Xiegu G90 & Digimode-4
Getting up and running with HF digital modes
Meta preamble
I am well aware of my long hiatus in posting, as many of you may know, I served as a Program Manager at DARPA where the results of my technical work required approvals prior to publication, and I thought it best to avoid adding commentary and other contributions in any unofficial capacity. Following DARPA, I spent a brief . . .
TROOPERS 2017 Day 2 Re-cap
Please pardon the delay, I was enjoying some of the fine European weather in the French Riveria and neglecting my TROOPERS blogging duties. As promised, here is a short description of my day 2.
Starting early in the morning for the annual 10k charity run up the Philosopher's Way, a large group of brave (and sleepy-looking) . . .
Troopers 2017 Day 1 Re-cap
It's late March, thus time for TROOPERS; this year is the 10th anniversary edition of the fantastic conference in Heidelberg, Germany, so an extra special week to be a part of. As I spoke at a pre-conference workshop, the stress was off so I could reflect and re-cap on the content without worrying about an incomplete slide deck. Below . . .
Defensive Programming
Coding in a post-Rowhammer world
Earlier this year at TROOPERS I presented on how many tenets of the LangSec theories could be integrated into a modern SDLC through providing a framework for "verification-oriented programming". This idea revolved around the notion that "to err is human, to be caught at compile-time (or as close to it as possible) divine", and that developers . . .
Consent in InfoSec
An analogy
Recently the buzzword-du-jour has shifted in some circles from "Threat Intelligence" to "Information Sharing", with policy being proposed or enacted to drive companies to share breach and breach attempts with other entities to hopefully assist in their network defenses. One challenge I see to free information sharing between willing and . . .
Verification-Oriented Programming
Accepting LangSec into your heart (or SDLC)
To err is human; to be caught at compile-time, divine
— Jacob Torrey (@JacobTorrey) March 2, 2016
Next week at TROOPERS I am acting as a TA for Tamas on our VM Introspection training as well as giving a talk aimed at developers and their managers to augment their software development life-cycle (SDLC) with LangSec . . .
The Depressing Effect of Bug Bounties
Why we need to focus on capacity building
Watching the InfoSec industry change over the last few years leaves little doubt in my mind that the majority of players jump onto what is hot, either through a re-branding campaign, acquisition, or legitimate shift. At RSA this spring, the buzzword du jour was threat intelligence; of late however, the hype-machine has been focusing on bug . . .