The Register Columnists

Jon Lasser

The Register breaking news

Getting realistic in the war on hackers

Opinion: Give up on the notion that computer security can be improved by putting more people in prison, argues Jon Lasser, SecurityFocus columnist. The war on hackers is failing for the same reason the war on drugs failed: Most individuals can control themselves, but there is a substantial group of people for whom no legal penalties …
Jon Lasser, 18 Apr 2003

Too cool for secure code

Opinion: Until Unix and Linux programmers get over their macho love for low-level programming languages, the security holes will continue to flow freely, argues SecurityFocus columnist Jon Lasser. The last several weeks, as always, have brought a constant flow of security advisories. Perhaps not a torrent, but certainly more than a mere …
Jon Lasser, 26 Mar 2003

New Linux support policies are ominous

Opinion: Red Hat and Mandrake are cutting support for older versions of their Linux distributions... The results will be a security nightmare for the Internet, says Jon Lasser. Open source opponents have for years warned, "You get what you pay for." Now some Linux distributors are planning to make good on that threat. Red Hat …
Jon Lasser, 14 Feb 2003

Caught in a BIND

How did one of the Internet's most ubiquitous software packages grow up to be chronically insecure? History offers a lesson, says Jon Lasser. Weinberg's second law, a decades-old programmers' joke, states, "If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy …
Jon Lasser, 21 Nov 2002

Responsible bug disclosure by corporate fiat

I must have a masochistic streak. Nothing else could explain why I occasionally argue in this space that people should act responsibly when disclosing holes in software. If I even hint that the doctrine of full disclosure has limits, the reaction is overwhelming. Among other things, I've been called a Microsoft lackey, a …
Jon Lasser, 31 Oct 2002

Lobbying for insecurity

The U.S. National Security Agency's contribution to open-source security, Security-Enhanced Linux, found broad approval and support in geek forums from Wired News to Slashdot that are typically suspicious of the government. It's not surprising that it couldn't last, however, and a recent CNET article suggests that the NSA may …
Jon Lasser, 30 Aug 2002

Linux security self-censorship ominous

October was a bad month for proponents of full disclosure. First, Microsoft's Scott Culp argued in an essay that security researchers shouldn't reveal the nature of security holes in software. Then Culp may have found an unexpected ally in his war against full disclosure: Linux's second-in-command, Alan Cox. Cox's decision to …
Jon Lasser, 07 Nov 2001