 There are three types of people that really write about information security. There are your journalists There are your vendors and then there are the unsung heroes of security They are the bloggers. That's right. So around the world you have got hundreds of thousands Maybe that's an exaggeration, but you've got a fair few bloggers who get online and they write away their views They're normally pretty good. Okay, some of them aren't too good, but a lot of them are very good Maybe they can't spell as well as a journalist and they don't have the marketing machine Behind them like vendors do but generally the content is very good and you get a whole mixture of opinions The site that I go to all the time the bloggers website is InfoSec Island It's a great place I mean it's a place which aggregates a number of you know lots of different bloggers and you get a really good spread of You know analytical bloggers and opinion-based bloggers and ranty bloggers and Scientific bloggers and big bloggers small bloggers brown bloggers white bloggers yellow bloggers smelly bloggers Hairy bloggers shave bloggers you name it if you it's really interesting I mean I was looking at the island and the last post of Last year, so the very last post 31st December 2010 Is posted by Robert Sillianos Silliano The Robert Silliano sounds American Italian Italian American. Do you think he talks like this? Yeah, come over here. I Just should not do accents at all somebody just slapped me the next time I try and do an accent So it was a really interesting post and the very one the very last paragraphs on it says And don't be a fool Scammers consider you the target simple minded They use one thousand and one different techniques to trick you into diverging your data You tend to gain your trust by lying Sending misleading emails or planting pop-up ads that try to convince you to download the software for your own protection Just delete Capiche Wise words, which I'm sure echoed around the security world, especially all the employees working at RSA But imagine that this is a topic raised a whole year ago has much changed throughout the year Then we kicked off the new year with a post by the likes of We was this over a whole need money Urging CEOs to stop talking jogging and start talking solutions Do you want to try to get them all out for a job, mate? Anthony M. Freed Declared that anonymous movement is fueled by cowardice. That's right cowardice And the rest of the year is a blitz of a variety of blog posts So let let let's have a look through some of these posts that went through Guru that Shenoi posted an article on password less authentication And no surprise there it's got about 10 comments on it already What is it with password related blogs and passwords are just like oh anytime there's a blog on passwords There's like a gazillion comments are posted immediately Rod McPherson talks about using India to monitor and kill the wrong privilege escalation You try to escalate your privilege Romney My ninja will decapitate you Brad Bernice wants to change infosec perceptions by being nice Good luck with that one Transrelated identity scams Up 300% Rafaul Loss Says software security. Just what is the meaning of mature? Rafaul I'm glad you posted it on the island because if you had googled it even with safe search on The results are not pretty Alan Pratt What's he saying 10 password tips that never go out of style Well, look at his profile picture. You can tell he's a man who knows a lot about style It's almost like it's perfect to that blue steel look And it jerges and gives us 11 reasons to ask when buying a secure flash drive. I Don't even ask 10 11 questions when I'm buying a car. I mean when we chose a babysitter for our kids I only asked one question One of my favorite guys Scott Turbin He's written loads of posts throughout the the the year and it's very good If you haven't ever seen any of his posts, but he's got this profile picture of like this Viking helmet or Spartan or something And every time I read one of his posts, I can't help reading it But in a Spartan voice from the 300 so, you know And and it just completely throws me every time I read his post. I read his post is like I Mean I can just imagine I mean he's probably sitting there writing the blog at one point and some says hey he writing report Danny Lieberman writes about what's he saying here application software in the cloud Power to the people That's right I'm gonna call him Danny X from now on Ben Roth wrote an article on lessons learnt from legat everyone's favorite security expert celebrity Boris Posted not one not two by trilogy of articles Saying what the sysp won't teach you Pistols at dawn my friend pistols at dawn There are lots more, but I strongly encourage you go to the island read some of the posts and even more importantly Contribute some of your own ideas you can only enrich the pot and If it's not very good, then We'll just get attrition to beat you up As a year draws to the end I suppose from me to all the great security bloggers the people who run Conferences and do so much for our great industry have a really happy new year and Stay secure my friends stay secure my friends stay secure my friends stay secure my friends Stay secure my friends stay secure my friends stay secure my friends stay secure my friends stay secure my friend Stay secure my friend