I guess this is a milestone, isn't it?

Feb 09 2018

As I write this, it's roughly a week before my 40th birthday.  I'm sitting in a hospital waiting room tapping away on Windbringer while Lyssa undergoes surgery to remove a cataract from her left (and only working) eye.*  When this post goes live on the day of my actual 40th birthday, more things will undoubtedly have happened.  I don't know how much time I'm going to have in the next few days, so I guess I'd best take advantage of the spare time I have due to how busy I've been lately.

A lot's happened in this past year that I'm still trying to wrap my head around.  My grandfather diedSomebody I knew but wasn't terribly close to committed suicide.  I've been in the hospital and laid up at home a couple of times with strict "Sit on your ass and read comic books while you heal" orders (which, as you've probably already guessed, got boring pretty fast).  Our landlord has begun the process of selling the house we're presently renting, which has introduced no small amount of uncertainty into the short-term future.

Security nihilism: Never good enough.

Mar 11 2017

In the last couple of years, a meme that's come to be known as security nihilism has appeared in the security community.  In a nutshell, because there is no such thing as perfect security, there is no security at all, so why bother?  Talking about layered security controls that reinforce each other is pointless because they always skip right to the end, which is the circumvention of the nth countermeasure and final defeat.  In the crypto community, cries of "Quantum computer!" are the equivalent of invoking Godwin's Law, leading to the end of all discourse, nevermind trying to separate the marketing hype from what's actually possible or the decade-odd of research into post-quantum cryptosystems.  This has lead to a certain amount of attrition in the community.  It is my considered opinion that this may be one of the main reasons why many so-called security practitioners don't actually bother doing anything, including not even installing patches.  No, I'm not speaking hyperbolically, I've witnessed this first-hand I'm sorry to say.