More secure workstations in the federal government?

The new Federal Desktop Core Configuration standard just kicked in. This standardized configuration for government computers should help to limit some of the crazy misconfigurations we see in many government computers. For more info on the FDCC and the sister project Security Content Automated Protocol (SCAP) you can go to these web-sites:


Logical vs Emotional Fears...

Disregarding the fact that fear is emotional by nature, I recently engaged my students in a discussion of whether our fears are based on:

  • something logical, reasonable and quantifiable OR
  • something rooted in emotion or gut reaction
Shortly after we had that discussion, I came across this article in Psychology Today and wanted to share it with you...
Ten Ways We Get the Odds Wrong

There is a quiz at the end of the article. Good luck.


DHS funding something worthwhile?

Bruce Schneier linked to an interesting factoid about the Department of Homeland Security.  Seems they are funding scans of a number of open source software project codebases to check for flaws and defects.  Coverity is providing the scanner and the software packages include some big ticket items...including a number of items that form the backbone of the Internet (Apache, Linux, etc).  Because of the scans, over 7,000 flaws have been fixed to date.  The comments by the readers are pretty insightful.  I posted my own comment in the mix, just for good measure.