SolarWind, enough with the password already!

This is a much delayed discussion on the complexity and nuance of the SolarWind hack. The simplistic and wrong messaging from some quarters of the infosec community has resulted in an atrocious misunderstanding of the hack in the public sphere. This has extended into the policy world as these bad takes are treated as cogent […]

This entry originally appeared at, and may be a summary or abridged version.