- @agelastic "you" meaning whom ? #
- @agelastic Yes, and in fact we did before. And your criticism would be just except that you are assuming our threat model. #
- @agelastic (Ah, you're at Atlassian) – so let's be honest, there should be nothing wrong with assuming JIRA will keep a secret by default #
- @agelastic Put differently: We did not realise that #WordPress does a better job than #JIRA at keeping information secret by default. #
- @agelastic If we /had/ realised that #JIRA did not have a no default and elegant "zero access", then of course I would have said: #
- @agelastic "#JIRA, connected to the internet? Over my dead body it's a piece of insecure-by-default code that can't keep a secret" #
- @agelastic But alas, foolish, foolish me, me/my team assumed that #JIRA might, if you locked it down a bit, manage to keep its data safe. #
- @agelastic I suspect Atlassian gets a free ride over this because so many JIRA installs seem to support FOSS projects, and that's great #
- @agelastic Perhaps it needs more widely advertising that #JIRA needs to be fitted with a security condom if used for less public work? #
- @agelastic S'ok, As a security geek, an app (JIRA) which abrogates any aspect of security is tragic, esp. when it does so well elsewhere. #
- @agelastic As for advertising that JIRA needs a security condom to keep some small %age of its data secure, to whom should I direct that? #
- @agelastic I like JIRA and I want to see it improved to the point of perfection! Hence fixing information security leaks is important to me! #
- @agelastic Yes, that would be why I blogged about it. #
- The season for hot-air-ballooning over my house seems to have returned! Happy Birthday, whomever! http://t.co/ocx7431D #
- @agelastic My colleagues already did. As in fact have several other folk.
Look: https://t.co/Z5pjevIH – total of five complaints so far? #
- @agelastic JIRA comments like "completely unacceptable from a security standpoint" and "consider this a serious security bug" seem relevant? #
- @agelastic ps: those are not my words nor those of anyone associated with me #
- @Raj_Samani a) what are the public expected to know about cyber defence? b) since when do we have a strategy? c) How does it defend my Xbox? #
- @Raj_Samani Really, Raj, what will it take to get you to stop retweeting this stuff and start talking about real security issues? #
- "N million passwords stolen – cyberterror!" is not the right way to think;
"N million passwords stolen – it must be tuesday", is. #
- @Raj_Samani Worse than that: they are _bad_ issues, fallacious arguments.
"I don't need a seatbelt or airbag the Gov't will protect me" #
- @Raj_Samani Worse even than that because the internet is a virtual space and there is no such thing as a regulatable "car" analogue #
- @Raj_Samani To talk about a Gov't strategy when in fact the strategy should be in education and enabling self-protection, is ludicrous. #
- @Raj_Samani Incidentally, "public confidence in safety of digital services" does not equal "public faith in [gov't] cyber defence strategy" #
- @Raj_Samani Education should _be_ the UK Cyber Strategy; anything else (eg: MoD looking after itself) should not be relevant to "strategy" #
- @Raj_Samani Give me three other / non-education cyberstrategy points which are relevant to the general public and are not Gov't housekeeping #
- @Raj_Samani You're delegating your argument to a third-party document and then citing "skills innovation" which smells to me like University. #
- @Raj_Samani Reading http://t.co/pTb3BDj8
implies Gov't role is 1) funding 2) legal framework. Not convinced about either. #
- RT @hvcco: FFS, Cryptologia subscription (4 issues) £45, price to access one article (cos I can't find my copy of backissue), £27! #obscene #
- @Raj_Samani So (again) other than education and housekeeping-own-systems plz suggest 3 state cybersecurity strategies benefiting the public? #
- @stewarttownsend Yep. #
- @Raj_Samani I'll blog about it later; this has gone beyond tweeting. Thanks. #disappointed #
- RT @mikko: Added the cover of Misha Glenny's "DarkMarket" to my Pinterest Board "Hackers with Hoodies" http://t.co/K0vNgekd
Cc: @mishaglenny #
- @Raj_Samani DM? Pah. Alec.Muffett@gmail.com #
- I know about the "You don't own the music forever" #drm thing but #Spotify is turning into essential therapy. Like coffee rather than art. #
- @loudmouthman That's a good one! Female house brown. Crunchy. #
- @Raj_Samani One can only ask "Who _should_ have them?" #
- Announcement: ORG-London September 17th Pub Meet – Shoreditch.
http://t.co/Q3zzT2XO
Speaker TBC
/cc @OpenRightsGroup #
- RT: Open Rights Group London Pub Meet – Monday September 17th, Shoreditch;
http://t.co/Q3zzT2XO – Speaker TBC
/cc @OpenRightsGroup #
- If this is for real there's only one word for it, "ick". http://t.co/BYHshDgA
/cc @thechurchmouse #
- @beng I've been in management meetings like that. #
- Gosh! This is so exciting! Do we stay up all night waiting for reshuffle news? #nobolloxtoittheyllstillbethereinthemorning #
- @Psythor I gather lack of plot depth is a common complaint, even compared to Ahnuld's original #