Security Debt Is the New Technical Debt

What is Technical Debt?

Technical debt is a popular term within the software industry. First coined by well-known programmer Ward Cunningham, technical debt is a metaphor that explains the long-term burden developers and software teams incur when taking shortcuts. ThoughtWorks’ Martin Fowler sums up the point well: “Doing things the quick and dirty way sets us up with a technical debt, which is similar to a financial debt. Like a financial debt, the technical debt incurs interest payments, which come in the form of the extra effort that we have to do in future development because of the quick and dirty design choice.

Why Mobile Should Stop Worrying and Learn to Love the Root

One of my talks at RSA 2014 tried to convince attendees that they shouldn’t fear root on mobile. The talk, while lightly attended, seemed well received. Max Eddy of PCMag did a nice write-up on it entitled “Phones Can’t Be Trusted, Security Needs Root in Mobile.”

Abbreviated “history” of root access

It’s funny if you think about the history of privilege on computer systems (this is a broad generalization of computer history).