With a wealth of security reading available, the Security Longreads weekly e-mail is designed to highlight particularly interesting longer reads. Our “Security Reads” covers topics related to Information Security while our “Other Reads” are topics that have nothing to do with security but could be of interest to readers of JaySchulman.com.
Did someone forward this to you? Sign up at jayschulman.com.
Commentary: The world is consumed with Blackhat (and soon to be Defcon) presentations. I just couldn’t bring myself to publish many of them this week (see my post on Guns, Toilets and Semis below). I do start off this week with a roundup post on everything interesting at Blackhat. Elsewhere, it came out that the FBI decrypted a Truecrypt volume. If you’ve kept up with Truecrypt, the creators closed it down and many suspected government involvement. An interest read (yet full of hypotheticals). Jeff Moss’s Blackhat keynote on how we’ll all have security jobs — but they’ll be miserable jobs. (So much for “Building A Life” in security.) Finally, it’s hard not to gush about Tesla. As a security guy, it’s good to see the car patched nationwide automatically days before a vulnerability was published.
In Other Reads, I’m big into researching DevOps — and its intersection with security — and this is a good read on the culture. Since it’s summer, the computerization of baseball umpires and how you should work as though your kids are watching. (My daughter joined me at work on Wednesday.)
Black Hat USA is finishing up in Las Vegas. News from its 18th year includes nuclear nightmares, Department of Justice on computer crime and research, Google on the state of Android security and much more. Wait, what? TrueCrypt ‘decrypted’ by FBI to nail doc-stealing sysadmin • The Register
Do the Feds know something we don’t about crypto-tool? Or did bloke squeal his password? IT security staff have a job for life — possibly a grim, frustrating life • The Register
Black Hat 2015 Speaking at the opening of the 18th Black Hat security conference, its founder Jeff Moss warned the assembled throng that while they might have job security, they weren’t going to have fun in the next decade.
“We are all employed for life,” Moss said. “It’s interesting, I see problems and challenges and on one hand am really excited, but on the other I just want to sleep.” Researchers Hacked a Model S, But Tesla’s Already Released a Patch | WIRED
Two hackers figure out how to attack a Tesla Model S, yet also call it “the most secure car that we’ve seen.”
Reads by Jay
Starting in late July every year, we start hearing about fantastic hacks that are going to get presented at Blackhat. The media jumps at the opportunity to report on sensational stories of hacking a refrigerator with a toothpick and an iPad while sitting in the backseat of an Uber. Wired Magazine is almost 100% reporting on … The Only Security Certifications You Actually Need –Jay S Schulman
There are only two certifications you need in information security: The CISSP and CISA. Here’s why.
Some years ago, right after we caught our breath from the financial crisis, I took my then-young-teenaged son to dinner … The Secret Of DevOps: It’s Always Been About People, Not Technology — ReadWrite
An early proponent of DevOps speaks out. For the first time, sensors and a computer play umpire in a pro baseball game | Ars Technica
Pitchf/x, a system you may have seen on ESPN, gives the homeplate ump an easy night.
Thanks! Longreads is published every Friday, just in time for the weekend.
Comments to email@example.com.