This is a much delayed discussion on the complexity and nuance of the SolarWind hack. The simplistic and wrong messaging from some quarters of the infosec community has resulted in an atrocious misunderstanding of the hack in the public sphere. This has extended into the policy world as these bad takes are treated as cogent […]
Why Backdoor the Golden Goose?
Why I don’t think Huawei will install back doors in 5G telco equipment — it would be a forced error when they are poised to achieve a win that will give them a strategic advantage for years and maybe decades to come. I don’t think they want to backdoor everything. That’s a sort of crude […]
On Pre Op Hackers
Proper Planning and Preparation Prevents Piss Poor Penetrations I was asked for good references on pre-operation phases of hacking. I recommended Matt Monte’s “network attacks and exploitation: a framework”, and Bill McRaven’s “Spec Ops: Case Studies in Special Operations Warfare: Theory and Practice”. The Monte book is the best book on cyber written so far. […]