MadMode

The consequences of hooking stuff up to the Internet without sufficient care are going up all the time:

• Iranian Cyber Attack on New York Dam Shows Future of War Mark Thompson @MarkThompson_DC March 24, 2016

As an open source advocate, I initially bristle at this...

These sectors may be particularly vulnerable to cyberattack because they rely on open-source software or hardware, third-party utilities, and interconnected networks

but it is a factor: it lets people hook their stuff up to interconnected networks without going up the management chain to authorize a purchase.

Meanwhile, it's going to get worse before it gets better, from every indication I see. This sort of accountability might actually be healthy:

• FTC Demands Info From PCI Auditors On Breached Companies' Compliance

I can imagine demand for software audits will increase as a result. Perhaps that provides an opportunity, since object capability discipline facilitates software audits. The effort to get the value of ocap recognized widely in the security and compliance community is daunting, but I sure hope it happens.

I managed to do a bit. I was invited to speak to a small C.S. class at a nearby college while the regular professor was away. I took the opportunity to review and re-package two of Mark Miller's talks from 2011, prefaced with the "giant bags of mostly water" slides. It was fun!

• Web Security: Patterns of Cooperation Without Vulnerability