The content of Think Security is Copyright © Chad Perrin, and may be excerpted, modified, and redistributed under the terms of the Open Works License with proper attribution where appropriate. Excerpts and verbatim copies should be directly credited; modifications and derivations should be identified as such.
Open Works License
This is version 0.7 of the Open Works License.
Terms
Permission is hereby granted by the copyright holder(s), author(s), and contributor(s) of this work, to any person who obtains a copy of this work, in any form, to reproduce, modify, distribute, publish, sell, use, or otherwise deal in the licensed material without restriction, provided the following conditions are met:
- Redistributions, modified or unmodified, in whole or in part, must retain the above license notice, this list of conditions, and the following disclaimer.
- Redistributions, modified or unmodified, in whole or in part, must retain any applicable notices of attribution and copyright.
No warranty or guarantee is implied, or should be inferred, by this license or the act of distribution under the terms of this license. This license does not grant permission to use the trade names, trademarks, service marks, product names, or other identifications used by the licensor except as required for reasonable and customary use in reproducing, and describing the origin or use of, the work.
Sharing the knowledge at Think Security is encouraged, particularly when accompanied by links or directions back to the site so that recipients will be able to benefit from more of the same. If you like what you see, please pass it on.
My name is Chad Perrin. I'm the creator, author, and admin for Think Security.
When it comes to security, I am a strong believer in:
- Autodidactism
- Ethics
- Innovation
- Privacy
- Transparency
At various times in my life, I have been involved in private physical security, military security, disaster recover, security assessment, privacy technology deployment, and self defense policy. I am also TechRepublic's primary IT Security writer.
My articles about security policy have been cited by educators, software development policy makers, other security writers, and by the Second Life developers in their explanation for why they opened the source to the Second Life Viewer client application.
I am an independent consultant. I am always looking for more work to turn down, to pass on to someone more qualified than me for the specific task at hand, or even to take on as a contract because I believe I have both the time and the expertise the client needs. If you believe you can benefit from my knowledge, please feel free to get in touch.
I am a writer. I am always looking for more opportunities to share my knowledge with the world at large. If you have need of a writer with my expertise, please feel free to get in touch.
This site was launched to fill a need for a place to actually think about security, and to encourage others to do the same.
For a few years, I have been the primary security writer at TechRepublic. During that time, I have always endeavored to prompt readers to think about security, and to learn principles that will serve them well in a variety of circumstances rather than just memorize rote behaviors that are considered "industry best practices". The moment your focus on security has been reduced to knee-jerk reactions based on popular practices indoctrination, you have begun losing the battle for security.
Unfortunately, I (along with the rest of the regular contributing writers at TechRepublic) was asked to focus my writing more on "actionable content", which is basically a code phrase for "checklists and task-oriented tutorials". In other words, the focus of TechRepublic is shifting to exclude much in the way of thinking, in favor of including mostly rote memorization. This means that an important need is being unfulfilled in the security realm.
As a result, I created Think Security so I would have a place to satisfy that need. This is where the reasoning from principles, contradicting pervasive and dangerous myths, and analyzing trends for the sake of increasing foundational knowledge of security will go. TechRepublic, meanwhile, is where the simplistic, rote how-to and checklist material will go.
Ironically, my very first article as TR's security go-to guy actually touched on some of the above:
Five steps to becoming the local security guru
