Duncan Hart

It’s Not Information Overload. It’s Filter Failure.

This piece from Clay Shirky isn’t new, but it’s still absolutely relevant. http://www.youtube-nocookie.com/embed/LabqeJEOQyI?rel=0

The right question

“If you’re not asking the right question, then there is no correct answer.” Merlin Mann

Unacceptable, unacceptable, unacceptable

I think Chris Chant has hit the nail on the head with his recent Institute of Government piece. “It is unacceptable at this point in time to not know the true cost of a service and the real exit costs from those services: the costs commercially, technically and from a business de-integration standpoint. So, how [...]

Doodlers, unite!

Reading

“The man who doesn’t read has no advantage over the man who cannot read.” Mark Twain.

The wrong questions

“The most serious mistakes are not being made as a result of wrong answers. The truly dangerous thing is asking the wrong questions.” Peter Drucker

The security sky is falling (but what should I do?)

I’m increasingly becoming irked by lots of security folks who are screaming ‘the security sky is falling.’ Stopping there, with simply the frightening aspect of worrying, is like screaming “Danger!” without knowing what to do or where to run. All that happens is that the screaming causes disturbance but has not told anyone what they [...]

Communicate

I spend a lot of time thinking about communication systems that have low control, and high expectations. As a result I’m rarely using e-mail these days. Instead, if you want to contact me please do it via Twitter: @duncanhart

Security utopia

The problem I’ve most often met in building secure systems is that this particular subject seems to bring out the utopian in people like no other. This ‘should’ happen, that ‘should’ happen, it’s unfair or wrong or wicked that such and such is allowed to continue. Well, yes. But what are we actually going to [...]

The fallacy of control in all broadcast era organisations

If you think you have control then think again

Mike Bracken

Really pleased to see that Mike Bracken has been appointed Executive Director of Digital Efficiency and Reform Group. Great news. Good luck Mike.

IT Fascism

A friend mentioned that security might well be the last bastion of IT fascism. He could well be right. But surely it doesn’t have to be that way?

Security involves compromise

I was struck by how much this Bryan Lawson quote could actually be about security design decisions and tradeoffs. “Design security almost invariably involves compromise…. Rarely can the designer security engineer simply optimise one requirement without suffering losses elsewhere…. There are no established methods for deciding just how good or bad solutions are, and still the [...]

Trust comes from knowing….

“Trust comes from knowing, not from blind faith. And to know one must understand, and to understand one must have an intimate awareness of what conditions are truly present, what people do and what they don’t, how people do what they do and don’t.” Michael Gerber, “The E-Myth Revisited”

Churchill

George Bernard Shaw is meant to have sent Winston Churchill a pair of tickets to the opening night of one of his plays, saying “bring a friend… if you have one”. Churchill is meant to have replied, returning the tickets, “can’t make opening night. will make second. if you have one.”

Bruce Schneier: The security mirage

The feeling of security and the reality of security don’t always match, says computer-security expert Bruce Schneier. At TEDxPSU, he explains why we spend billions addressing news story risks, like the “security theater” now playing at your local airport, while neglecting more probable risks — and how we can break this pattern.

Actionable Problem Statements

Bertrand Russell said, “The greatest challenge to any thinker is stating the problem in a way that will allow a solution.”

Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon

A superb piece from TED.com with Ralph Langner clearly explaining the internal workings of Stuxnet, a 21st-century cyber weapon.

Security Dick Swinging – post to follow shortly

Nothing here yet. Come back soon.

Steal time, everyday

Another gem from Hugh Macleod and his Evil Plans: Napoleon once said, “I can always regain lost territory. A single second, never.”

Extinction Management

From Hugh Macleod’s Evil Plans…. “Either get with the programme or hire a consultant in Extinction Management.”

Backwards Maxim

“Most people will assume everything is secure until provided strong evidence to the contrary. Exactly backwards from a reasonable approach.” Anon.

Irrelevance

I’m continually and constantly amazed about the general myopia from people who have no idea that what they’re doing, or how they’re doing it, is becoming irrelevant. If you think change is hard then irrelevance is even more miserable.

Reading

This is so important I’m posting it again. “No matter how busy you may think you are, you must find time for reading, or surrender yourself to self-chosen ignorance”, Confucius.

Sender Policy Framework and DomainKeys Identified Mail

E-mail – I love to hate it. I could write so much about what is wrong, on so many levels, with e-mail. That’s another matter for another time. But even with problematic e-mail, corporations and enterprises have come to rely on e-mail to support, or even build and maintain, their business processes. There’s a lot [...]

Misjudging risk (and bad decisions)

I’m a huge Seth Godin fan. This is a particularly good post that especially resonates with me: Misjudging risk (and bad decisions).

Right risks

Love this quote: Safe is good for sidewalks and swimming pools, but life requires risk if you are to get anywhere. http://twitter.com/simonsinek/status/4545842635603968

Reading or ignorance

I really do believe this quote: “No matter how busy you may think you are, you must find time for reading, or surrender yourself to self-chosen ignorance”, Confucius.

On sharing

I’m a huge admirer of Steven Pressfield. His book The War of Art made a particularly big impact with me. I’m now a regular reader of his blog and his latest piece (31 December 2010), On Sharing, really caught my eye. Sharing is something that has my attention at the moment. I spend a lot [...]

Adding manpower to a late (software) project makes it later.

I’m still gripped by my holiday reading – The Mythical Man-Month. “This then is the demythologising of the man-month. The number of months of a project depends upon its sequential constraints. The maximum number of men depends upon the number of independent subtasks. From these two quantities one can derive schedules using fewer men and more [...]

Wait or eat it raw

Spending some of the seasonal holidays rereading The Mythical Man-Month, Essays on Software Engineering. From Gutless Estimating: “Observe that for the programmer, as for the chef, the urgency of the patron may govern the scheduled completion of the task, but it cannot govern the actual completion. An omelette, promised in two minutes, may appear [...]
