Sometime in the 2000s I started reading the RISKS Digest mailing list[1] from the beginning. I did it for fun - it's an interesting mix of fun anecdotes and lessons learned, and the 80's and early 90's were before my time which I found interesting too.
A side effect of reading the mailing list in bulk is that a set of common "stereotypes" of failure (for lack of a better word) start to emerge clearly from the stream of anecdotes. These really influenced my mental model of technology risks. I would still recommend the exercise for anyone interested in the subject.
RISKS Digest got me started too. I think there are some things best learned from the very beginning. "Consider modes of failure" is probably my favourite piece of security advice.
Sometime in the 2000s I started reading the RISKS Digest mailing list[1] from the beginning. I did it for fun - it's an interesting mix of fun anecdotes and lessons learned, and the 80's and early 90's were before my time which I found interesting too.
A side effect of reading the mailing list in bulk is that a set of common "stereotypes" of failure (for lack of a better word) start to emerge clearly from the stream of anecdotes. These really influenced my mental model of technology risks. I would still recommend the exercise for anyone interested in the subject.
[1] https://catless.ncl.ac.uk/Risks/
RISKS Digest got me started too. I think there are some things best learned from the very beginning. "Consider modes of failure" is probably my favourite piece of security advice.
https://www.nytimes.com/2012/10/30/science/peter-g-neumann-a...
https://cacm.acm.org/news/in-memoriam-peter-g-neumann-1932-2...
Previously (25 points - same list, LWN host) https://news.ycombinator.com/item?id=48172640
The mailing list style and his personal web page tells me all that I need to do
(And if you don't get it, you wouldn't get it)
[dead]