Schneier is talking about a "failure of imagination" and the money we are spending on anti-terrorism.
The British government "lost" a few (150) PCs this year. (I could really use a laptop...)
Kelly Martin at SecurityFocus talks about who's to blame but failed to mention blaming: the end users or corporate administrators. I think these are the two areas we can effect security the most.
Help Net Security has a white paper on penetration testing. Let me know if it's any good.
The ID Theft Resource Center is online to help out people who hav efallen victim.
Pundits at SecurityFocus mull over issues such as who owns our personal information. The answer should be simple: we don't right now but we should enact legislation to give return control to the individual. While I was in Curacao, I talked to a guy from Holland who's company connects into the credit reporting agencies throughout Europe. He said that if they ever disclosed or sold information about an individual (and I mean name and address here) they could be fined up to $10k per incident! The courts would rule in favor of the individual and it would be an open and shut case. He said the telephone books are all "opt in" systems and that companies cannot even share information with other companies held by the same entity. This is the world I wish I lived in.
Dave Piscitello started working at ICANN and started investigating domain hijacking with the Security and Stability Advisory Committee (SSAC). Check out their report [PDF] at ICANN.
Don't know jack about DNS? Daniel Karrenberg, Chief Scientist at the RIPE NCC explains in laymens terms what DNS root name servers are. Paper in PDF.
On a funnier note, everyone's talking about how the FTC Chair’s credit card data was stolen. Ok, maybe it's not so funny. Chairwoman Deborah Platt Majoras was among those stolen from DSW Shoe Warehouse. PrivacyClue writes: