Down The Security Rabbithole

In this episode Who is Dan Geer (just in case you live in a cave and don't know) Dan's definition of security - "The absence of unmitigatable surprise" What exactly is the pinnacle goal of security engineering? Responsibility, liability and when software fails as a result of security issues In a liability lawsuit - "What did you know, when did you know it?" The fraction of the population who could sign an "informed consent" is falling - so now what? Why ICANN is actually making all of this so much worse What do we do about "abandoned software"? Fixing security bugs in software is a tricky business...good, bad, worse Are things getting better [in security]? Dan talks about a "diversity re-compiler" and how we can make the exploit writer's job harder (from Jason White) -What "low hanging fruit" issues are we simply not addressing properly right now? (from Jason White) If the Internet were being built from scratch today, what would you keep and throw away? Guest Dan Geer - Dan Geer is a computer security anal