Weekend Reads 052220

Oh, the customers you’ll help and the money you’ll make! All you have to do first is… write a lot of code. How much code? Well, obviously that depends on your idea and what business you’re planning on setting up. But there’s a huge amount of code you’ll need and want for any SaaS business, and a lot of it you’ll have to write before you can write even line one of your business logic. —Dan Hulton

A cybersecurity researcher today uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports —Mohit Kumar

When Jean-Jacques Rousseau wrote The Social Contract in 1762, he argued that only humans possess sovereign power, and that they alone may choose which freedoms they surrender in exchange for the benefits and stability of government. Now, for the first time in more than a century, we are debating amending or rebalancing aspects of the social contract in order to deal with a deadly pandemic. —Shuman Ghosemajumder

When $FAMOUS_COMPANY launched in 2010, it ran on a single server in $TECHBRO_FOUNDER’s garage. Since then, we’ve experienced explosive VC-funded growth and today we have hundreds of millions of daily active users (DAUs) from all around the globe accessing our products from our mobile apps and on $famouscompany.com. —Saagar Jha

The Cyber Security Body of Knowledge project or CyBOK is a collaborative initiative mobilised in 2017 with an aspiration to “codify the foundational and generally recognized knowledge on Cyber Security.” Version 1.0 of the published output of this consultative exercise was quietly released last year and then more publicly launched in January 2020.

Over the last few years, smart city networks and platforms have emerged as a critical element of the future technology-led social and environmental landscape. Municipalities have complex webs of transport, energy, housing, waste, safety and various other functions. They can foster collaboration between public and private sectors. —Dean Bubley

Over the past decade, desktop software has gradually been eaten by the web browser: Music moved from iTunes to Spotify and Pandora, word processing moved online to Google Docs and Office 365, and design moved from Photoshop to Figma. —Owen Williams

Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn’t mean that they’re necessarily the thing that will get your company hacked. —Graham Cluley

The UK’s designated national agency responsible for providing information and expert guidance on qualifications (UK NARIC) recently announced that the Certified Information Systems Security Professional (CISSP) credential offered by (ISC)2 is rated RQF Level 7, thereby placing it equal to a particular level of a Master’s Degree. This declaration is not without precedent. —Bob Covello

There are few college programs for “cybersecurity”. Instead, people rely upon industry “certifications”, programs that attempt to certify a person has the requisite skills. The most popular is known as the “CISSP”. In the news today, European authorities decided a “CISSP was equivalent to a masters degree”. —Errata Security

The idea that cybercriminals never interact with their targets is one of many cybersecurity myths that need to be debunked. With millions of employees now attempting to work from home for the first time due to the COVID-19 pandemic — which increases their vulnerability more than ever — it’s vital to challenge stubborn misconceptions about cybersecurity. —Zack Schuler

Today, more than 30 civil society organizations joined in launching the Global Encryption Coalition, to promote and defend encryption in key countries and multilateral gatherings where it is under threat. The new coalition is led by a Steering Committee consisting of the Center for Democracy & Technology (CDT), the Internet Society, and Global Partners Digital. —Natalie Campbell