There’s an infinite number of studies of ransomware lately, all breathlessly talking about how to fight this dangerous threat. They’re all dangerously wrong. Ransomware is not the problem.

Read the full article over at Dark Reading.

People sometimes ask me about my recording setup, and I wanted to share some thoughts about recording good learning content. The most important thing I’ve learned is the importance of conceptualizing what you want it to look like. The other thing I’ve learned is that the more expensive gear is…

There’s an insightful comment, “Everybody has a testing environment. Some people are lucky enough enough to have a totally separate environment to run production in.” Similarly, everybody has both enterprise and product architecture. Some people are lucky enough to be able to design them.

I have to say that because…

It was just over a year ago that I last walked out of the Seattle airport. Before the pandemic, I was a very frequent flyer. As the pandemic was starting, I was under the weather and chose to skip RSA, having little idea what was coming.

That trip, in early…

You may have noticed that my end of the year posts are all science focused. Today, a set of resources on the COVID vaccines.

First, the FDA has authorized two vaccines for emergency use. The review memoranda (Pfizer, Moderna) are all sorts of fascinating. …

Scientists have discovered a chunk of amber with a dinosaur tail in it. (Poor dinosaur!) National Geographic has the story, which is not brand-new, but is a nice bit of scientific joy for the day.

Fireeye’s announcement of their discovery of a breach is all over the news. The Reuters article quotes a ‘Western security official’ as saying “Plenty of similar companies have also been popped like this.”

I have two comments. First, it’s easy for anyone to label attackers “sophisticated.” Fireeye certainly has more…

Adam Shostack

Generally blogging at, but shared posts here before Medium asked me to jump through more and more hoops..

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store