- The Six Dumbest Ideas in Computer Security
There's lots of innovation going on in security - we're inundated with a steady stream of new stuff and it all sounds like it works just great. Every couple of months I'm invited to a new computer security conference, or I'm asked to write a foreword for a new computer security book.
- WhatsApp and the domestication of users
28 Jan 2021
WhatsApp’s rise and recent PR efforts highlight a class of business models that I call “user domestication”.
- Delivering with empathy
8 Sep 2020
I remember learning about the difference between sympathy and empathy in middle school. > Sympathy: feelings of pity and sorrow for someone else’s misfortune. Empathy: the ability to understand and share the feelings of another. Pretty damn simple to understand the difference when you read each of…
- White House Youtube Dislike Manipulation
27 Jan 2021
I’ve seen screenshots of YouTube modifying dislikes of White House videos. I decided I would do a thorough analysis myself. I wrote a script to check video stats every 80 seconds for 24 hours…
- The great SameSite confusion
29 Jan 2021
In this post, I expose a common misconception about the SameSite cookie attribute and I explore its possible impact on Web security. TL;DR The SameSite cookie attribute is not well understood. Conflating site and origin is a common but harmful mistake.
- Why I’m losing faith in UX
Digital design increasingly exploits users.