Mi Amigo wrote:Hey zzm, I certainly don't want to get into a pissing contest either, partly because I'd obviously lose, given that you are a security expert and I'm just an interested amateur; but also because I respect you as a long-standing member of this forum. I apologise if my comments came across as provocative - that certainly wasn't the intention.
Oh wow no! No offense taken at all! Sorry if I perceived as hostile in my reply.
Brian Kreb's article is the one I would recommend for non-security (but technical) people in lieu of GRC. It's pretty good. My person favorite Podcast is Risky Business, it's weekly (http://risky.biz/). It always has a news then technical interviews, and he keeps both sections grounded pretty well with accurate technical info but at a level non-security people can still follow along. The news section is particularly good because they tend to call out ridiculous media hype on these issues and comment as to why.Just out of interest, which sites, podcasts, etc. do you use to get reliable security information? I read Brian Krebs' blog and check out the Sans site from time to time, plus I listen to the 'Cisco Cyber Risk Report' podcast. I'm sure there are many other good sources of info, but some of the other ones I've found have been somewhat impenetrable for a non-expert like me.
A decent blog also is threatpost.com. Here is a post from it on this particular story:
http://threatpost.com/en_us/blogs/incom ... ess-011113